Commit 2f8688a1 authored by netblue30's avatar netblue30

testing

parent 63e16bfc
...@@ -39,7 +39,6 @@ clean: ...@@ -39,7 +39,6 @@ clean:
for dir in $(APPS) $(MYLIBS); do \ for dir in $(APPS) $(MYLIBS); do \
$(MAKE) -C $$dir clean; \ $(MAKE) -C $$dir clean; \
done done
rm -fr gcov-file gcov-dir gcov-test-initialized
rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm
rm -f test/utils/index.html* rm -f test/utils/index.html*
rm -f test/utils/wget-log rm -f test/utils/wget-log
...@@ -146,7 +145,7 @@ uninstall: ...@@ -146,7 +145,7 @@ uninstall:
rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
DISTFILES = "src etc platform configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" DISTFILES = "src etc platform configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES"
DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils" DISTFILES_TEST = "test/rlimit test/apps test/apps-x11 test/apps-x11-xorg test/root test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils"
dist: dist:
mv config.status config.status.old mv config.status config.status.old
...@@ -188,14 +187,6 @@ cppcheck: clean ...@@ -188,14 +187,6 @@ cppcheck: clean
scan-build: clean scan-build: clean
scan-build make scan-build make
gcov-test-initialized:
./gcov-test-init.sh
gcov: gcov-test-initialized
lcov --capture -d src/firejail -d src/firemon -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg --output-file gcov-file
rm -fr gcov-dir
genhtml gcov-file --output-directory gcov-dir
# #
# make test # make test
...@@ -232,7 +223,10 @@ test-arguments: ...@@ -232,7 +223,10 @@ test-arguments:
test-fs: test-fs:
cd test/fs; ./fs.sh | grep TESTING cd test/fs; ./fs.sh | grep TESTING
test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments test-rlimit:
cd test/rlimit; ./rlimit.sh | grep TESTING
test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments test-rlimit
echo "TEST COMPLETE" echo "TEST COMPLETE"
########################################## ##########################################
......
#!/bin/bash
USER=`whoami`
firejail --help
firemon --help
/usr/lib/firejail/fnet --help
/usr/lib/firejail/fseccomp --help
/usr/lib/firejail/ftee --help
firecfg --help
sudo chown $USER:$USER `find .`
touch gcov-test-initialized
...@@ -626,6 +626,9 @@ void fs_private_home_list(void) { ...@@ -626,6 +626,9 @@ void fs_private_home_list(void) {
fs_logger_print(); // save the current log fs_logger_print(); // save the current log
free(dlist); free(dlist);
#ifdef HAVE_GCOV
__gcov_flush();
#endif
_exit(0); _exit(0);
} }
// wait for the child to finish // wait for the child to finish
......
...@@ -104,16 +104,8 @@ void preproc_build_cp_command(void) { ...@@ -104,16 +104,8 @@ void preproc_build_cp_command(void) {
preproc_mount_mnt_dir(); preproc_mount_mnt_dir();
if (stat(RUN_CP_COMMAND, &s)) { if (stat(RUN_CP_COMMAND, &s)) {
char* fname = realpath("/bin/cp", NULL); char* fname = realpath("/bin/cp", NULL);
if (fname == NULL) { if (fname == NULL || stat(fname, &s) || is_link(fname)) {
fprintf(stderr, "Error: /bin/cp not found\n"); fprintf(stderr, "Error: invalid /bin/cp\n");
exit(1);
}
if (stat(fname, &s)) {
fprintf(stderr, "Error: /bin/cp not found\n");
exit(1);
}
if (is_link(fname)) {
fprintf(stderr, "Error: invalid /bin/cp file\n");
exit(1); exit(1);
} }
int rv = copy_file(fname, RUN_CP_COMMAND, 0, 0, 0755); int rv = copy_file(fname, RUN_CP_COMMAND, 0, 0, 0755);
......
...@@ -130,7 +130,7 @@ void pulseaudio_init(void) { ...@@ -130,7 +130,7 @@ void pulseaudio_init(void) {
int rv = mkdir(dir1, 0755); int rv = mkdir(dir1, 0755);
if (rv == 0) { if (rv == 0) {
if (set_perms(dir1, getuid(), getgid(), 0755)) if (set_perms(dir1, getuid(), getgid(), 0755))
; // do nothing {;} // do nothing
} }
} }
free(dir1); free(dir1);
...@@ -140,7 +140,7 @@ void pulseaudio_init(void) { ...@@ -140,7 +140,7 @@ void pulseaudio_init(void) {
int rv = mkdir(dir1, 0700); int rv = mkdir(dir1, 0700);
if (rv == 0) { if (rv == 0) {
if (set_perms(dir1, getuid(), getgid(), 0700)) if (set_perms(dir1, getuid(), getgid(), 0700))
; // do nothing {;} // do nothing
} }
} }
free(dir1); free(dir1);
......
...@@ -79,6 +79,18 @@ expect { ...@@ -79,6 +79,18 @@ expect {
"name=blablabla" "name=blablabla"
} }
sleep 1 sleep 1
send -- "firemon --x11\r"
expect {
timeout {puts "TESTING ERROR 7\n";exit}
"name=test xterm"
}
expect {
timeout {puts "TESTING ERROR 7.1\n";exit}
"DISPLAY"
}
sleep 1
send -- "firejail --shutdown=test\r" send -- "firejail --shutdown=test\r"
sleep 3 sleep 3
......
...@@ -55,12 +55,6 @@ else ...@@ -55,12 +55,6 @@ else
echo "TESTING SKIP: zsh not found" echo "TESTING SKIP: zsh not found"
fi fi
echo "TESTING: rlimit (test/environment/rlimit.exp)"
./rlimit.exp
echo "TESTING: rlimit profile (test/environment/rlimit-profile.exp)"
./rlimit-profile.exp
echo "TESTING: firejail in firejail - single sandbox (test/environment/firejail-in-firejail.exp)" echo "TESTING: firejail in firejail - single sandbox (test/environment/firejail-in-firejail.exp)"
./firejail-in-firejail.exp ./firejail-in-firejail.exp
......
...@@ -4,10 +4,6 @@ set timeout 5 ...@@ -4,10 +4,6 @@ set timeout 5
spawn $env(SHELL) spawn $env(SHELL)
match_max 100000 match_max 100000
send -- "pkill apache\r"
sleep 2
send -- "firejail --name=apache /etc/init.d/apache2 start\r" send -- "firejail --name=apache /etc/init.d/apache2 start\r"
expect { expect {
timeout {puts "TESTING ERROR 0\n";exit} timeout {puts "TESTING ERROR 0\n";exit}
......
...@@ -4,15 +4,6 @@ set timeout 5 ...@@ -4,15 +4,6 @@ set timeout 5
spawn $env(SHELL) spawn $env(SHELL)
match_max 100000 match_max 100000
send -- "sudo ls; sudo whoami; sudo pwd\r"
expect {
timeout {puts "TESTING ERROR: you need to root run this test as root\n";exit}
"root"
}
send -- "pkill dhcpd\r"
sleep 2
send -- "firejail --name=dhcpd /etc/init.d/isc-dhcp-server start\r" send -- "firejail --name=dhcpd /etc/init.d/isc-dhcp-server start\r"
expect { expect {
timeout {puts "TESTING ERROR 0\n";exit} timeout {puts "TESTING ERROR 0\n";exit}
......
...@@ -4,10 +4,6 @@ set timeout 5 ...@@ -4,10 +4,6 @@ set timeout 5
spawn $env(SHELL) spawn $env(SHELL)
match_max 100000 match_max 100000
send -- "pkill nginx\r"
sleep 2
send -- "firejail --name=nginx /etc/init.d/nginx start\r" send -- "firejail --name=nginx /etc/init.d/nginx start\r"
expect { expect {
timeout {puts "TESTING ERROR 0\n";exit} timeout {puts "TESTING ERROR 0\n";exit}
......
...@@ -47,6 +47,12 @@ else ...@@ -47,6 +47,12 @@ else
echo "TESTING SKIP: nginx not found" echo "TESTING SKIP: nginx not found"
fi fi
#********************************
# filesystem
#********************************
echo "TESTING: fs private (test/root/private.exp)"
./private.exp
#******************************** #********************************
# seccomp # seccomp
#******************************** #********************************
......
...@@ -4,16 +4,6 @@ set timeout 5 ...@@ -4,16 +4,6 @@ set timeout 5
spawn $env(SHELL) spawn $env(SHELL)
match_max 100000 match_max 100000
send -- "sudo ls; sudo whoami; sudo pwd\r"
expect {
timeout {puts "TESTING ERROR: you need to root run this test as root\n";exit}
"root"
}
send -- "pkill snmpd\r"
sleep 2
send -- "firejail --name=snmpd /etc/init.d/snmpd start\r" send -- "firejail --name=snmpd /etc/init.d/snmpd start\r"
expect { expect {
timeout {puts "TESTING ERROR 0\n";exit} timeout {puts "TESTING ERROR 0\n";exit}
......
...@@ -4,15 +4,6 @@ set timeout 5 ...@@ -4,15 +4,6 @@ set timeout 5
spawn $env(SHELL) spawn $env(SHELL)
match_max 100000 match_max 100000
send -- "sudo ls; sudo whoami; sudo pwd\r"
expect {
timeout {puts "TESTING ERROR: you need to root run this test as root\n";exit}
"root"
}
send -- "pkill unbound\r"
sleep 2
send -- "firejail --name=unbound unbound\r" send -- "firejail --name=unbound unbound\r"
expect { expect {
timeout {puts "TESTING ERROR 0\n";exit} timeout {puts "TESTING ERROR 0\n";exit}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment