From a8b23c83998c7964f8898c39784ac186a0216c3f Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Fri, 11 Nov 2016 07:47:46 -0500
Subject: testing

---
 test/fs_overlay.exp               | 66 --------------------------
 test/overlay/firefox-x11-xorg.exp | 90 +++++++++++++++++++++++++++++++++++
 test/overlay/firefox-x11.exp      | 90 +++++++++++++++++++++++++++++++++++
 test/overlay/firefox.exp          | 99 +++++++++++++++++++++++++++++++++++++++
 test/overlay/fs.exp               | 46 ++++++++++++++++++
 test/overlay/overlay.sh           | 57 ++++++++++++++++++++++
 6 files changed, 382 insertions(+), 66 deletions(-)
 delete mode 100755 test/fs_overlay.exp
 create mode 100755 test/overlay/firefox-x11-xorg.exp
 create mode 100755 test/overlay/firefox-x11.exp
 create mode 100755 test/overlay/firefox.exp
 create mode 100755 test/overlay/fs.exp
 create mode 100755 test/overlay/overlay.sh

(limited to 'test')

diff --git a/test/fs_overlay.exp b/test/fs_overlay.exp
deleted file mode 100755
index b7eeba80f..000000000
--- a/test/fs_overlay.exp
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/usr/bin/expect -f
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "rm -f /tmp/firejail-overlay-test;pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 0\n";exit}
-	"home"
-}
-
-send -- "ls > /tmp/firejail-overlay-test;pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 1\n";exit}
-	"home"
-}
-
-send -- "firejail --noprofile --overlay\r"
-expect {
-	timeout {puts "TESTING ERROR 2\n";exit}
-	"not available for kernels older than 3.18" {puts "\nTESTING: overlayfs not available\n"; exit}
-	"Error: --overlay option is not available on Grsecurity systems" {puts "\nTESTING: overlayfs not available\n"; exit}
-	"Child process initialized" {puts "found\n"}
-}
-sleep 1
-
-send -- "echo xyzxyzxyz > /tmp/firejail-overlay-test;pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 3\n";exit}
-	"home"
-}
-sleep 1
-
-send -- "cat  /tmp/firejail-overlay-test;pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 4\n";exit}
-	"xyzxyzxyz"
-}
-expect {
-	timeout {puts "TESTING ERROR 4.1\n";exit}
-	"home"
-}
-sleep 1
-
-send -- "exit\r"
-sleep 2
-
-send -- "cat  /tmp/firejail-overlay-test;pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 5\n";exit}
-	"xyzxyzxyz" {puts "TESTING ERROR 5.1\n";exit}
-	"home"
-}
-
-sleep 1
-send -- "rm -f /tmp/firejail-overlay-test;pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 0\n";exit}
-	"home"
-}
-
-
-sleep 1
-puts "all done \n"
-
diff --git a/test/overlay/firefox-x11-xorg.exp b/test/overlay/firefox-x11-xorg.exp
new file mode 100755
index 000000000..76c0e55fc
--- /dev/null
+++ b/test/overlay/firefox-x11-xorg.exp
@@ -0,0 +1,90 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --overlay --name=test --x11=xorg firefox -no-remote www.gentoo.org\r"
+sleep 10
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 3.1\n";exit}
+	"firefox" {puts "firefox detected\n";}
+	"iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 3.2\n";exit}
+	"no-remote"
+}
+sleep 1
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+	"cannot open" {puts "grsecurity not present\n"}
+}
+send -- "firejail --overlay --name=blablabla\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Child process initialized"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	" firefox" {puts "firefox detected\n";}
+	" iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 5.0\n";exit}
+	"no-remote"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+	"Seccomp:	2"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	" firefox" {puts "firefox detected\n";}
+	" iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 6.0\n";exit}
+	"no-remote"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.1\n";exit}
+	"CapBnd:"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.2\n";exit}
+	"0000000000000000"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.3\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+
+puts "\nall done\n"
+
diff --git a/test/overlay/firefox-x11.exp b/test/overlay/firefox-x11.exp
new file mode 100755
index 000000000..aa248f328
--- /dev/null
+++ b/test/overlay/firefox-x11.exp
@@ -0,0 +1,90 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --overlay --name=test --x11 firefox -no-remote www.gentoo.org\r"
+sleep 10
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 3.1\n";exit}
+	"firefox" {puts "firefox detected\n";}
+	"iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 3.2\n";exit}
+	"no-remote"
+}
+sleep 1
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+	"cannot open" {puts "grsecurity not present\n"}
+}
+send -- "firejail --name=blablabla --overlay\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Child process initialized"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	" firefox" {puts "firefox detected\n";}
+	" iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 5.0\n";exit}
+	"no-remote"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+	"Seccomp:	2"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	" firefox" {puts "firefox detected\n";}
+	" iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 6.0\n";exit}
+	"no-remote"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.1\n";exit}
+	"CapBnd:"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.2\n";exit}
+	"0000000000000000"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.3\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+
+puts "\nall done\n"
+
diff --git a/test/overlay/firefox.exp b/test/overlay/firefox.exp
new file mode 100755
index 000000000..6ef23558d
--- /dev/null
+++ b/test/overlay/firefox.exp
@@ -0,0 +1,99 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --overlay firefox -no-remote www.gentoo.org\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Reading profile /etc/firejail/firefox.profile"
+}
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 10
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 3.1\n";exit}
+	"firefox" {puts "firefox detected\n";}
+	"iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 3.2\n";exit}
+	"no-remote"
+}
+after 100
+
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+	"cannot open" {puts "grsecurity not present\n"}
+}
+
+
+send -- "firejail --name=blablabla --overlay\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Child process initialized"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	" firefox" {puts "firefox detected\n";}
+	" iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 5.0\n";exit}
+	"no-remote"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+	"Seccomp:	2"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1\n";exit}
+	"name=blablabla"
+}
+after 100
+send -- "firemon --caps\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	" firefox" {puts "firefox detected\n";}
+	" iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+	timeout {puts "TESTING ERROR 6.0\n";exit}
+	"no-remote"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.1\n";exit}
+	"CapBnd:"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.2\n";exit}
+	"0000000000000000"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.3\n";exit}
+	"name=blablabla"
+}
+after 100
+
+puts "\nall done\n"
+
diff --git a/test/overlay/fs.exp b/test/overlay/fs.exp
new file mode 100755
index 000000000..15ada9203
--- /dev/null
+++ b/test/overlay/fs.exp
@@ -0,0 +1,46 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --overlay\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"not available for kernels older than 3.18" {puts "\nTESTING: overlayfs not available\n"; exit}
+	"Error: --overlay option is not available on Grsecurity systems" {puts "\nTESTING: overlayfs not available\n"; exit}
+	"Child process initialized" {puts "found\n"}
+}
+sleep 1
+
+send -- "echo xyzxyzxyz > ~/_firejail_test_file; echo done\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"done"
+}
+after 100
+
+send -- "cat  ~/_firejail_test_file; echo done\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"xyzxyzxyz"
+}
+expect {
+	timeout {puts "TESTING ERROR 4.1\n";exit}
+	"done"
+}
+after 100
+
+send -- "exit\r"
+sleep 2
+
+send -- "cat  ~/_firejail_test_file; echo done\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"xyzxyzxyz" {puts "TESTING ERROR 5.1\n";exit}
+	"done"
+}
+
+after 100
+puts "\nall done\n"
+
diff --git a/test/overlay/overlay.sh b/test/overlay/overlay.sh
new file mode 100755
index 000000000..971adddfe
--- /dev/null
+++ b/test/overlay/overlay.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+export MALLOC_CHECK_=3
+export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
+
+echo "TESTING: overlay fs (test/overlay/fs.exp)"
+rm -fr ~/_firejail_test_*
+./fs.exp
+rm -fr ~/_firejail_test_*
+
+which firefox
+if [ "$?" -eq 0 ];
+then
+	echo "TESTING: overlay firefox"
+	./firefox.exp
+else
+	echo "TESTING SKIP: firefox not found"
+fi
+
+which firefox
+if [ "$?" -eq 0 ];
+then
+	echo "TESTING: overlay firefox x11 xorg"
+	./firefox.exp
+else
+	echo "TESTING SKIP: firefox not found"
+fi
+
+
+# check xpra/xephyr
+which xpra
+if [ "$?" -eq 0 ];
+then
+        echo "xpra found"
+else
+        echo "xpra not found"
+	which Xephyr
+	if [ "$?" -eq 0 ];
+	then
+        	echo "Xephyr found"
+	else
+        	echo "TESTING SKIP: xpra and/or Xephyr not found"
+		exit
+	fi
+fi
+
+which firefox
+if [ "$?" -eq 0 ];
+then
+	echo "TESTING: overlay firefox x11"
+	./firefox.exp
+else
+	echo "TESTING SKIP: firefox not found"
+fi
-- 
cgit v1.2.3-54-g00ecf