whitelist-dev.exp 2.85 KB
Newer Older
netblue30's avatar
netblue30 committed
1 2
#!/usr/bin/expect -f
# This file is part of Firejail project
3
# Copyright (C) 2014-2019 Firejail Authors
netblue30's avatar
netblue30 committed
4 5 6 7 8 9 10 11 12 13 14 15 16
# License GPL v2

set timeout 10
spawn $env(SHELL)
match_max 100000

send -- "firejail --whitelist=/dev/null --debug\r"
expect {
	timeout {puts "TESTING ERROR 0\n";exit}
	"Child process initialized"
}
sleep 1

netblue30's avatar
netblue30 committed
17
send -- "find /dev | wc -l\r"
netblue30's avatar
netblue30 committed
18 19 20 21 22 23 24 25
expect {
	timeout {puts "TESTING ERROR 1\n";exit}
	"2"
}
after 100
send -- "exit\r"
sleep 1

netblue30's avatar
netblue30 committed
26 27
send -- "firejail --whitelist=/dev/null --whitelist=/dev/shm --whitelist=/dev/random\r"
expect {
28
	timeout {puts "TESTING ERROR 2\n";exit}
netblue30's avatar
netblue30 committed
29 30 31 32 33 34
	"Child process initialized"
}
sleep 1

send -- "find /dev | wc -l\r"
expect {
35
	timeout {puts "TESTING ERROR 3\n";exit}
netblue30's avatar
netblue30 committed
36 37 38 39 40 41
	"4"
}
after 100
send -- "exit\r"
sleep 1

netblue30's avatar
netblue30 committed
42
send -- "firejail --private-dev --debug\r"
netblue30's avatar
netblue30 committed
43
expect {
44
	timeout {puts "TESTING ERROR 4\n";exit}
netblue30's avatar
netblue30 committed
45 46 47 48
	"Child process initialized"
}
sleep 1

netblue30's avatar
netblue30 committed
49
send -- "ls -l /dev | wc -l\r"
netblue30's avatar
netblue30 committed
50
expect {
51
	timeout {puts "TESTING ERROR 5\n";exit}
netblue30's avatar
netblue30 committed
52 53 54 55 56
	"12" {puts "OK\n"}
	"13" {puts "OK\n"}
	"14" {puts "OK\n"}
	"15" {puts "OK\n"}
	"16" {puts "OK\n"}
netblue30's avatar
netblue30 committed
57
	"17" {puts "OK\n"}
netblue30's avatar
netblue30 committed
58
	"18" {puts "OK\n"}
59 60 61
	"19" {puts "OK\n"}
	"20" {puts "OK\n"}
	"21" {puts "OK\n"}
netblue30's avatar
netblue30 committed
62 63
}
after 100
netblue30's avatar
netblue30 committed
64

netblue30's avatar
netblue30 committed
65
set have_dvd 0
netblue30's avatar
netblue30 committed
66 67
send -- "ls -l /dev\r"
expect {
netblue30's avatar
netblue30 committed
68
	"dvd" {set have_dvd 1}
netblue30's avatar
netblue30 committed
69 70 71
}
after 100

netblue30's avatar
netblue30 committed
72 73

set have_dri 0
netblue30's avatar
netblue30 committed
74 75
send -- "ls -l /dev\r"
expect {
netblue30's avatar
netblue30 committed
76
	"dri" {set have_dri 1}
netblue30's avatar
netblue30 committed
77 78 79
}
after 100

netblue30's avatar
netblue30 committed
80
set have_snd 0
netblue30's avatar
netblue30 committed
81 82
send -- "ls -l /dev\r"
expect {
netblue30's avatar
netblue30 committed
83
	"snd" {set have_snd 1}
netblue30's avatar
netblue30 committed
84 85 86
}
after 100

netblue30's avatar
netblue30 committed
87 88 89
send -- "exit\r"
sleep 1

netblue30's avatar
netblue30 committed
90 91 92 93 94 95 96 97 98 99 100 101 102 103 104
if { $have_snd > 0 } {
	puts "TESTING --private-dev --nosound\n"
	send -- "firejail --private-dev --nosound ls /dev\r"
	expect {
		timeout {puts "TESTING ERROR 7\n";exit}
		"Child process initialized"
	}
	expect {
		timeout {puts "TESTING ERROR 8\n";exit}
		"snd" {puts "TESTING ERROR 9\n";exit}
		"Parent is shutting down"
	}
	after 100
} else {
	puts "TESTING skip --private-dev --nosound, no /dev/snd device available\n"
netblue30's avatar
netblue30 committed
105
}
netblue30's avatar
netblue30 committed
106

netblue30's avatar
netblue30 committed
107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125
if { $have_dvd > 0 } {
	puts "TESTING --private-dev --nodvd\n"
	send -- "firejail --private-dev --nodvd ls /dev\r"
	expect {
		timeout {puts "TESTING ERROR 10\n";exit}
		"Child process initialized"
	}
	expect {
		timeout {puts "TESTING ERROR 11\n";exit}
		"dvd" {puts "TESTING ERROR 12\n";exit}
		"cdrom" {puts "TESTING ERROR 13\n";exit}
		"dvdrom" {puts "TESTING ERROR 14\n";exit}
		"cdrw" {puts "TESTING ERROR 15\n";exit}
		"dvdrw" {puts "TESTING ERROR 16\n";exit}
		"Parent is shutting down"
	}
	after 100
} else {
	puts "TESTING skip --private-dev --nodvd, no /dev/dvd device available\n"
netblue30's avatar
netblue30 committed
126
}
netblue30's avatar
netblue30 committed
127

netblue30's avatar
netblue30 committed
128 129 130 131 132 133 134 135 136 137 138 139 140 141 142
if { $have_dri > 0 } {
	puts "TESTING --private-dev --no3d\n"
	send -- "firejail --private-dev --no3d ls /dev\r"
	expect {
		timeout {puts "TESTING ERROR 17\n";exit}
		"Child process initialized"
	}
	expect {
		timeout {puts "TESTING ERROR 18\n";exit}
		"dri" {puts "TESTING ERROR 19\n";exit}
		"Parent is shutting down"
	}
	after 100
} else {
	puts "TESTING skip --private-dev --no3d, no /dev/dri device available\n"
netblue30's avatar
netblue30 committed
143
}
netblue30's avatar
netblue30 committed
144 145 146

after 100
puts "\nall done\n"