From d30ae468d925199359aa7c6d4cdec7e9e15587dd Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sat, 19 Nov 2016 09:49:09 -0500 Subject: testing --- test/chroot-resolvconf.exp | 14 ------- test/chroot/chroot-resolvconf.exp | 14 +++++++ test/chroot/fs_chroot.exp | 68 +++++++++++++++++++++++++++++++++ test/environment/environment.sh | 15 ++++++++ test/environment/rlimit-bad-profile.exp | 35 +++++++++++++++++ test/environment/rlimit-bad.exp | 34 +++++++++++++++++ test/environment/rlimit-bad1.profile | 1 + test/environment/rlimit-bad2.profile | 1 + test/environment/rlimit-bad3.profile | 1 + test/environment/rlimit-bad4.profile | 1 + test/environment/rlimit-profile.exp | 33 ++++++++++++++++ test/environment/rlimit.exp | 37 ++++++++++++++++++ test/environment/rlimit.profile | 4 ++ test/fs_chroot.exp | 68 --------------------------------- test/rlimit/rlimit-profile.exp | 33 ---------------- test/rlimit/rlimit.exp | 37 ------------------ test/rlimit/rlimit.profile | 4 -- test/rlimit/rlimit.sh | 14 ------- 18 files changed, 244 insertions(+), 170 deletions(-) delete mode 100755 test/chroot-resolvconf.exp create mode 100755 test/chroot/chroot-resolvconf.exp create mode 100755 test/chroot/fs_chroot.exp create mode 100755 test/environment/rlimit-bad-profile.exp create mode 100755 test/environment/rlimit-bad.exp create mode 100644 test/environment/rlimit-bad1.profile create mode 100644 test/environment/rlimit-bad2.profile create mode 100644 test/environment/rlimit-bad3.profile create mode 100644 test/environment/rlimit-bad4.profile create mode 100755 test/environment/rlimit-profile.exp create mode 100755 test/environment/rlimit.exp create mode 100644 test/environment/rlimit.profile delete mode 100755 test/fs_chroot.exp delete mode 100755 test/rlimit/rlimit-profile.exp delete mode 100755 test/rlimit/rlimit.exp delete mode 100644 test/rlimit/rlimit.profile delete mode 100755 test/rlimit/rlimit.sh (limited to 'test') diff --git a/test/chroot-resolvconf.exp b/test/chroot-resolvconf.exp deleted file mode 100755 index 2d0da2fb0..000000000 --- a/test/chroot-resolvconf.exp +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/expect -f - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --chroot=/tmp/chroot /bin/bash\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - "invalid /tmp/chroot/etc/resolv.conf file" -} - -puts "\nall done\n" - diff --git a/test/chroot/chroot-resolvconf.exp b/test/chroot/chroot-resolvconf.exp new file mode 100755 index 000000000..2d0da2fb0 --- /dev/null +++ b/test/chroot/chroot-resolvconf.exp @@ -0,0 +1,14 @@ +#!/usr/bin/expect -f + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --chroot=/tmp/chroot /bin/bash\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "invalid /tmp/chroot/etc/resolv.conf file" +} + +puts "\nall done\n" + diff --git a/test/chroot/fs_chroot.exp b/test/chroot/fs_chroot.exp new file mode 100755 index 000000000..aeb5669e1 --- /dev/null +++ b/test/chroot/fs_chroot.exp @@ -0,0 +1,68 @@ +#!/usr/bin/expect -f + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --chroot=/tmp/chroot\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Error: --chroot option is not available on Grsecurity systems" {puts "\nall done\n"; exit} + "Child process initialized" {puts "chroot available\n"}; +} +sleep 1 + +send -- "cd /home;pwd\r" +expect { + timeout {puts "TESTING ERROR 0.1\n";exit} + "home" +} +sleep 1 +send -- "bash\r" +sleep 1 +send -- "ls /; pwd\r" +expect { + timeout {puts "TESTING ERROR 0.2\n";exit} + "this-is-my-chroot" +} +expect { + timeout {puts "TESTING ERROR 0.3\n";exit} + "home" +} + + + +send -- "ps aux; pwd\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "/bin/bash" +} +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "bash" +} +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "ps aux" +} +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "home" +} +sleep 1 + + +send -- "ps aux |wc -l; pwd\r" +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "6" +} +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "home" +} +sleep 1 + + +puts "all done\n" + diff --git a/test/environment/environment.sh b/test/environment/environment.sh index c2a6c435a..2bb5a249e 100755 --- a/test/environment/environment.sh +++ b/test/environment/environment.sh @@ -95,4 +95,19 @@ if [ "$?" -eq 0 ]; then echo "TESTING: ibus (test/environment/ibus.exp)" ./ibus.exp +else + echo "TESTING SKIP: ibus not configured" fi + +echo "TESTING: rlimit (test/rlimit/rlimit.exp)" +./rlimit.exp + +echo "TESTING: rlimit profile (test/rlimit/rlimit-profile.exp)" +./rlimit-profile.exp + +echo "TESTING: rlimit errors (test/rlimit/rlimit-bad.exp)" +./rlimit-bad.exp + +echo "TESTING: rlimit errors profile (test/rlimit/rlimit-bad-profile.exp)" +./rlimit-bad-profile.exp + diff --git a/test/environment/rlimit-bad-profile.exp b/test/environment/rlimit-bad-profile.exp new file mode 100755 index 000000000..80693a4a0 --- /dev/null +++ b/test/environment/rlimit-bad-profile.exp @@ -0,0 +1,35 @@ +#!/usr/bin/expect -f + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + + +send -- "firejail --profile=rlimit-bad1.profile\r" +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "Invalid rlimit option" +} +after 100 + +send -- "firejail --profile=rlimit-bad2.profile\r" +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "Invalid rlimit option" +} +after 100 + +send -- "firejail --profile=rlimit-bad3.profile\r" +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "Invalid rlimit option" +} +after 100 +send -- "firejail --profile=rlimit-bad4.profile\r" +expect { + timeout {puts "TESTING ERROR 7\n";exit} + "Invalid rlimit option" +} +after 100 + +puts "\nall done\n" diff --git a/test/environment/rlimit-bad.exp b/test/environment/rlimit-bad.exp new file mode 100755 index 000000000..574e7e174 --- /dev/null +++ b/test/environment/rlimit-bad.exp @@ -0,0 +1,34 @@ +#!/usr/bin/expect -f + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --rlimit-fsize=-1024\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "invalid rlimt fsize" +} +after 100 + +send -- "firejail --rlimit-nofile=asdf\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "invalid rlimt nofile" +} +after 100 + +send -- "firejail --rlimit-nproc=100.23\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "invalid rlimt nproc" +} +after 100 +send -- "firejail --rlimit-sigpending=2345-78\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "invalid rlimt sigpending" +} +after 100 + +puts "\nall done\n" diff --git a/test/environment/rlimit-bad1.profile b/test/environment/rlimit-bad1.profile new file mode 100644 index 000000000..b6d3340d8 --- /dev/null +++ b/test/environment/rlimit-bad1.profile @@ -0,0 +1 @@ +rlimit-fsize -1024 diff --git a/test/environment/rlimit-bad2.profile b/test/environment/rlimit-bad2.profile new file mode 100644 index 000000000..ef3f243c6 --- /dev/null +++ b/test/environment/rlimit-bad2.profile @@ -0,0 +1 @@ +rlimit-nofile asdf diff --git a/test/environment/rlimit-bad3.profile b/test/environment/rlimit-bad3.profile new file mode 100644 index 000000000..af016a29f --- /dev/null +++ b/test/environment/rlimit-bad3.profile @@ -0,0 +1 @@ +rlimit-nproc 100.23 diff --git a/test/environment/rlimit-bad4.profile b/test/environment/rlimit-bad4.profile new file mode 100644 index 000000000..aabe3d008 --- /dev/null +++ b/test/environment/rlimit-bad4.profile @@ -0,0 +1 @@ +rlimit-sigpending 67asd56 \ No newline at end of file diff --git a/test/environment/rlimit-profile.exp b/test/environment/rlimit-profile.exp new file mode 100755 index 000000000..a9e54a405 --- /dev/null +++ b/test/environment/rlimit-profile.exp @@ -0,0 +1,33 @@ +#!/usr/bin/expect -f + +set timeout 10 +#cd /home +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --profile=rlimit.profile\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "cat /proc/self/limits\r" +expect { + timeout {puts "TESTING ERROR 1.1\n";exit} + "Max file size 1024 1024" +} +expect { + timeout {puts "TESTING ERROR 1.2\n";exit} + "Max processes 1000 1000" +} +expect { + timeout {puts "TESTING ERROR 1.3\n";exit} + "Max open files 500 500" +} +expect { + timeout {puts "TESTING ERROR 1.4\n";exit} + "Max pending signals 200 200" +} +after 100 +puts "\nall done\n" diff --git a/test/environment/rlimit.exp b/test/environment/rlimit.exp new file mode 100755 index 000000000..611f69821 --- /dev/null +++ b/test/environment/rlimit.exp @@ -0,0 +1,37 @@ +#!/usr/bin/expect -f + +set timeout 10 +cd /home +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --rlimit-fsize=1024 --rlimit-nproc=1000 --rlimit-nofile=500 --rlimit-sigpending=200\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "cat /proc/self/limits; pwd\r" +expect { + timeout {puts "TESTING ERROR 1.1\n";exit} + "Max file size 1024 1024" +} +expect { + timeout {puts "TESTING ERROR 1.2\n";exit} + "Max processes 1000 1000" +} +expect { + timeout {puts "TESTING ERROR 1.3\n";exit} + "Max open files 500 500" +} +expect { + timeout {puts "TESTING ERROR 1.4\n";exit} + "Max pending signals 200 200" +} +expect { + timeout {puts "TESTING ERROR 1.5\n";exit} + "home" +} +after 100 +puts "\n" diff --git a/test/environment/rlimit.profile b/test/environment/rlimit.profile new file mode 100644 index 000000000..271891c03 --- /dev/null +++ b/test/environment/rlimit.profile @@ -0,0 +1,4 @@ + rlimit-fsize 1024 +rlimit-nproc 1000 + rlimit-nofile 500 +rlimit-sigpending 200 \ No newline at end of file diff --git a/test/fs_chroot.exp b/test/fs_chroot.exp deleted file mode 100755 index aeb5669e1..000000000 --- a/test/fs_chroot.exp +++ /dev/null @@ -1,68 +0,0 @@ -#!/usr/bin/expect -f - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --chroot=/tmp/chroot\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - "Error: --chroot option is not available on Grsecurity systems" {puts "\nall done\n"; exit} - "Child process initialized" {puts "chroot available\n"}; -} -sleep 1 - -send -- "cd /home;pwd\r" -expect { - timeout {puts "TESTING ERROR 0.1\n";exit} - "home" -} -sleep 1 -send -- "bash\r" -sleep 1 -send -- "ls /; pwd\r" -expect { - timeout {puts "TESTING ERROR 0.2\n";exit} - "this-is-my-chroot" -} -expect { - timeout {puts "TESTING ERROR 0.3\n";exit} - "home" -} - - - -send -- "ps aux; pwd\r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - "/bin/bash" -} -expect { - timeout {puts "TESTING ERROR 2\n";exit} - "bash" -} -expect { - timeout {puts "TESTING ERROR 3\n";exit} - "ps aux" -} -expect { - timeout {puts "TESTING ERROR 4\n";exit} - "home" -} -sleep 1 - - -send -- "ps aux |wc -l; pwd\r" -expect { - timeout {puts "TESTING ERROR 5\n";exit} - "6" -} -expect { - timeout {puts "TESTING ERROR 6\n";exit} - "home" -} -sleep 1 - - -puts "all done\n" - diff --git a/test/rlimit/rlimit-profile.exp b/test/rlimit/rlimit-profile.exp deleted file mode 100755 index a9e54a405..000000000 --- a/test/rlimit/rlimit-profile.exp +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/expect -f - -set timeout 10 -#cd /home -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --profile=rlimit.profile\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - "Child process initialized" -} -sleep 1 - -send -- "cat /proc/self/limits\r" -expect { - timeout {puts "TESTING ERROR 1.1\n";exit} - "Max file size 1024 1024" -} -expect { - timeout {puts "TESTING ERROR 1.2\n";exit} - "Max processes 1000 1000" -} -expect { - timeout {puts "TESTING ERROR 1.3\n";exit} - "Max open files 500 500" -} -expect { - timeout {puts "TESTING ERROR 1.4\n";exit} - "Max pending signals 200 200" -} -after 100 -puts "\nall done\n" diff --git a/test/rlimit/rlimit.exp b/test/rlimit/rlimit.exp deleted file mode 100755 index 611f69821..000000000 --- a/test/rlimit/rlimit.exp +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/expect -f - -set timeout 10 -cd /home -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --rlimit-fsize=1024 --rlimit-nproc=1000 --rlimit-nofile=500 --rlimit-sigpending=200\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - "Child process initialized" -} -sleep 1 - -send -- "cat /proc/self/limits; pwd\r" -expect { - timeout {puts "TESTING ERROR 1.1\n";exit} - "Max file size 1024 1024" -} -expect { - timeout {puts "TESTING ERROR 1.2\n";exit} - "Max processes 1000 1000" -} -expect { - timeout {puts "TESTING ERROR 1.3\n";exit} - "Max open files 500 500" -} -expect { - timeout {puts "TESTING ERROR 1.4\n";exit} - "Max pending signals 200 200" -} -expect { - timeout {puts "TESTING ERROR 1.5\n";exit} - "home" -} -after 100 -puts "\n" diff --git a/test/rlimit/rlimit.profile b/test/rlimit/rlimit.profile deleted file mode 100644 index 271891c03..000000000 --- a/test/rlimit/rlimit.profile +++ /dev/null @@ -1,4 +0,0 @@ - rlimit-fsize 1024 -rlimit-nproc 1000 - rlimit-nofile 500 -rlimit-sigpending 200 \ No newline at end of file diff --git a/test/rlimit/rlimit.sh b/test/rlimit/rlimit.sh deleted file mode 100755 index d85497176..000000000 --- a/test/rlimit/rlimit.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -# This file is part of Firejail project -# Copyright (C) 2014-2016 Firejail Authors -# License GPL v2 - -export MALLOC_CHECK_=3 -export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) - -echo "TESTING: rlimit (test/rlimit/rlimit.exp)" -./rlimit.exp - -echo "TESTING: rlimit profile (test/rlimit/rlimit-profile.exp)" -./rlimit-profile.exp - -- cgit v1.2.3-54-g00ecf