#!/usr/bin/expect -f

set timeout 10
spawn $env(SHELL)
match_max 100000

send -- "firejail --debug --noprofile --noroot --caps.drop=all --seccomp --cpu=0,1 --name=noroot-sandbox\r"
expect {
	timeout {puts "TESTING ERROR 0.1\n";exit}
	"Child process initialized"
}
sleep 1

send -- "cat /proc/self/status\r"
expect {
	timeout {puts "TESTING ERROR 1\n";exit}
	"CapBnd:"
}
expect {
	timeout {puts "TESTING ERROR 1.1\n";exit}
	"0000000000000000"
}

send -- "cat /proc/self/status\r"
expect {
	timeout {puts "TESTING ERROR 2\n";exit}
	"Cpus_allowed:"
}
expect {
	timeout {puts "TESTING ERROR 2.1\n";exit}
	"3"
}
expect {
	timeout {puts "TESTING ERROR 2.2\n";exit}
	"Cpus_allowed_list:"
}
puts "\n"

send -- "cat /proc/self/status\r"
expect {
	timeout {puts "TESTING ERROR 2\n";exit}
	"Seccomp:"
}
expect {
	timeout {puts "TESTING ERROR 2.1\n";exit}
	"2"
}
expect {
	timeout {puts "TESTING ERROR 2.2\n";exit}
	"Cpus_allowed:"
}
puts "\n"

send -- "ping 0\r"
expect {
	timeout {puts "TESTING ERROR 4\n";exit}
	"Operation not permitted"
}
puts "\n"

send -- "whoami\r"
expect {
	timeout {puts "TESTING ERROR 55\\n";exit}
	"netblue"
}
puts "\n"
send -- "exit\r"
sleep 2


send -- "firejail --noroot --noprofile\r"
expect {
	timeout {puts "TESTING ERROR 6\n";exit}
	"Child process initialized"
}
sleep 1
send -- "whoami\r"
expect {
	timeout {puts "TESTING ERROR 7\n";exit}
	"netblue"
}
send -- "sudo -s\r"
expect {
	timeout {puts "TESTING ERROR 8\n";exit}
	"effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
	"sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
}
puts "\n"
send -- "exit\r"
sleep 2

send -- "firejail --name=test --noroot --noprofile\r"
expect {
	timeout {puts "TESTING ERROR 9\n";exit}
	"Child process initialized"
}
sleep 1

spawn $env(SHELL)
send -- "firejail --debug --join=test\r"
expect {
	timeout {puts "TESTING ERROR 9\n";exit}
	"User namespace detected"
}
expect {
	timeout {puts "TESTING ERROR 9\n";exit}
	"Joining user namespace"
}
sleep 1

send -- "sudo -s\r"
expect {
	timeout {puts "TESTING ERROR 8\n";exit}
	"effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
	"sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
}
puts "all done\n"