#!/usr/bin/expect -f # This file is part of Firejail project # Copyright (C) 2014-2023 Firejail Authors # License GPL v2 set timeout 10 spawn $env(SHELL) match_max 100000 send -- "echo testing > ~/_firejail-test-file\r" after 100 send -- "firejail --build cat ~/_firejail-test-file\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "whitelist $\{HOME\}/_firejail-test-file" } expect { timeout {puts "TESTING ERROR 1\n";exit} "include whitelist-common.inc" } expect { timeout {puts "TESTING ERROR 2\n";exit} "include whitelist-usr-share-common.inc" } expect { timeout {puts "TESTING ERROR 3\n";exit} "include whitelist-var-common.inc" } expect { timeout {puts "TESTING ERROR 4\n";exit} "caps.drop all" } expect { timeout {puts "TESTING ERROR 5\n";exit} "ipc-namespace" } expect { timeout {puts "TESTING ERROR 6\n";exit} "netfilter" } expect { timeout {puts "TESTING ERROR 7\n";exit} "nonewprivs" } expect { timeout {puts "TESTING ERROR 8\n";exit} "noroot" } expect { timeout {puts "TESTING ERROR 9\n";exit} "net none" } expect { timeout {puts "TESTING ERROR 10\n";exit} "seccomp" } expect { timeout {puts "TESTING ERROR 11\n";exit} "private-bin cat," } expect { timeout {puts "TESTING ERROR 12\n";exit} "private-dev" } expect { timeout {puts "TESTING ERROR 13\n";exit} "private-etc none" } expect { timeout {puts "TESTING ERROR 14\n";exit} "private-tmp" } after 100 send -- "rm -f ~/_firejail-test-file\r" after 100 send -- "firejail --build cat /etc/passwd\r" expect { timeout {puts "TESTING ERROR 10\n";exit} "private-etc passwd," } after 100 send -- "rm firejail-test-file-4388\r" after 100 send -- "firejail --build=firejail-test-file-4388 cat /etc/passwd\r" after 100 send -- "cat firejail-test-file-4388\r" expect { timeout {puts "TESTING ERROR 10.1\n";exit} "private-etc passwd," } after 100 # increase the timeout for remote services set timeout 30 send -- "firejail --build wget --output-document=~ debian.org\r" expect { timeout {puts "TESTING ERROR 13\n";exit} "protocol" } expect { timeout {puts "TESTING ERROR 13.1\n";exit} "inet" } after 100 puts "all done\n"