1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
.TH JAILTEST 1 "MONTH YEAR" "VERSION" "JAILTEST man page"
.SH NAME
jailtest \- Simple utility program to test running sandboxes
.SH SYNOPSIS
sudo jailtest [OPTIONS] [directory]
.SH DESCRIPTION
WORK IN PROGRESS!
jailtest attaches itself to all sandboxes started by the user and performs some basic tests
on the sandbox filesystem:
.TP
\fB1. Virtual directories
jailtest extracts a list with the main virtual directories installed by the sandbox.
These directories are build by firejail at startup using --private* and --whitelist commands.
.TP
\fB2. Noexec test
jailtest inserts executable programs in /home/username, /tmp, and /var/tmp directories
and tries to run them form inside the sandbox, thus testing if the directory is executable or not.
.TP
\fB3. Read access test
jailtest creates test files in the directories specified by the user and tries to read
them from inside the sandbox.
.TP
The program is running as root exclusively under sudo.
.SH OPTIONS
.TP
\fB\-\-debug
Print debug messages
.TP
\fB\-?\fR, \fB\-\-help\fR
Print options end exit.
.TP
\fB\-\-version
Print program version and exit.
.TP
\fB[directory]
One or more directories in user home to test for read access.
.SH OUTPUT
For each sandbox detected we print the following line:
PID:USER:Sandbox Name:Command
It is followed by relevant sandbox information, such as the virtual directories and various warnings.
.SH EXAMPLE
.br
$ sudo jailtest ~/.ssh ~/.gnupg
.br
1429:netblue::/usr/bin/firejail /opt/firefox/firefox
.br
Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc,
.br
5602:netblue::/usr/bin/firejail /usr/bin/ssh netblue@x.y.z.net
.br
Virtual dirs: /var/tmp, /dev,
.br
Warning: I can read ~/.ssh
.br
5926:netblue::/usr/bin/firejail /usr/bin/gimp-2.10
.br
Virtual dirs: /tmp, /var/tmp, /dev,
.br
Warning: I can run programs in /home/netblue
.br
6394:netblue:libreoffice:/usr/bin/firejail libreoffice
.br
Virtual dirs: /tmp, /var/tmp, /dev,
.br
.SH LICENSE
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
.PP
Homepage: https://firejail.wordpress.com
.SH SEE ALSO
\&\flfirejail\fR\|(1),
\&\flfirecfg\fR\|(1),
\&\flfirejail-profile\fR\|(5),
\&\flfirejail-login\fR\|(5)
\&\flfirejail-users\fR\|(5)
|
