Commit 37a5a354 authored by netblue30's avatar netblue30

testing

parent c3354382
......@@ -255,6 +255,7 @@ dist:
cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/dist-compile test/.; cd ..
cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/filters test/.; cd ..
cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/network test/.; cd ..
cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/fs test/.; cd ..
cd $(NAME)-$(VERSION); rm -fr `find . -name .svn`; rm -fr $(NAME)-$(VERSION); cd ..
tar -cjvf $(NAME)-$(VERSION).tar.bz2 $(NAME)-$(VERSION)
rm -fr $(NAME)-$(VERSION)
......@@ -304,5 +305,8 @@ test-filters:
test-network:
echo "Please read test/netwok/README file and run the test manually"
test: test-profiles test-utils test-environment test-apps test-apps-x11 test-filters test-network
test-fs:
cd test/fs; ./fs.sh | grep TESTING
test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-filters test-network
echo "TEST COMPLETE"
......@@ -62,3 +62,8 @@ fi
echo "TESTING: nice (test/environment/nice.exp)"
./nice.exp
echo "TESTING: quiet (test/environment/quiet.exp)"
./quiet.exp
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 4
spawn $env(SHELL)
match_max 100000
# check ip address
send -- "firejail --net=br0 --quiet\r"
send -- "firejail --quiet echo done\r"
expect {
"Child process initialized" {puts "TESTING ERROR 1\n";exit}
"Interface" {puts "TESTING ERROR 1\n";exit}
timeout {puts "TESTING ERROR 1\n";exit}
"Reading profile" {puts "TESTING ERROR 2\n";exit}
"Child process initialized" {puts "TESTING ERROR 3\n";exit}
"done"
}
sleep 1
send -- "\r"
puts "\nall done\n"
#!/bin/bash
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
echo "TESTING: kmsg access (test/fs/kmsg.exp)"
./kmsg.exp
echo "TESTING: read/write /var/tmp (test/fs/fs_var_tmp.exp)"
./fs_var_tmp.exp
echo "TESTING: read/write /var/lock (test/fs/fs_var_lock.exp)"
./fs_var_lock.exp
echo "TESTING: read/write /dev/shm (test/fs/fs_dev_shm.exp)"
./fs_dev_shm.exp
echo "TESTING: private (test/fs/private.exp)"
./private.exp `whoami`
echo "TESTING: private-etc (test/fs/private-etc.exp)"
./private-etc.exp
echo "TESTING: private-bin (test/fs/private-bin.exp)"
./private-bin.exp
echo "TESTING: whitelist empty (test/fs/whitelist-empty.exp)"
./whitelist-empty.exp
echo "TESTING: private whitelist (test/fs/private-whitelist.exp)"
echo "TESTING: (failing on OpenSUSE)"
./private-whitelist.exp
echo "TESTING: invalid filename (test/fs/invalid_filename.exp)"
./invalid_filename.exp
echo "TESTING: blacklist directory (test/fs/option_blacklist.exp)"
./option_blacklist.exp
echo "TESTING: blacklist file (test/fs/option_blacklist_file.exp)"
./option_blacklist_file.exp
echo "TESTING: bind as user (test/fs/option_bind_user.exp)"
./option_bind_user.exp
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -12,33 +15,33 @@ expect {
}
sleep 1
send -- "echo mytest > /dev/shm/ttt;pwd\r"
send -- "echo mytest > /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
"home"
"done"
}
send -- "cat /dev/shm/ttt;pwd\r"
send -- "cat /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 2.1\n";exit}
timeout {puts "TESTING ERROR 2\n";exit}
"mytest"
}
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"home"
timeout {puts "TESTING ERROR 3\n";exit}
"done"
}
send -- "rm /dev/shm/ttt;pwd\r"
send -- "rm /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"home"
timeout {puts "TESTING ERROR 4\n";exit}
"done"
}
send -- "cat /dev/shm/ttt;pwd\r"
send -- "cat /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"mytest" {puts "TESTING ERROR 4.1\n";exit}
"home"
timeout {puts "TESTING ERROR 5\n";exit}
"mytest" {puts "TESTING ERROR 6\n";exit}
"done"
}
sleep 1
......@@ -48,40 +51,40 @@ sleep 1
# redo the test with --private
send -- "firejail\r"
expect {
timeout {puts "TESTING ERROR 10\n";exit}
timeout {puts "TESTING ERROR 7\n";exit}
"Child process initialized"
}
sleep 1
send -- "echo mytest > /dev/shm/ttt;pwd\r"
send -- "echo mytest > /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 11\n";exit}
"home"
timeout {puts "TESTING ERROR 8\n";exit}
"done"
}
send -- "cat /dev/shm/ttt;pwd\r"
send -- "cat /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 12.1\n";exit}
timeout {puts "TESTING ERROR 9\n";exit}
"mytest"
}
expect {
timeout {puts "TESTING ERROR 12\n";exit}
"home"
timeout {puts "TESTING ERROR 10\n";exit}
"done"
}
send -- "rm /dev/shm/ttt;pwd\r"
send -- "rm /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 13\n";exit}
"home"
timeout {puts "TESTING ERROR 11\n";exit}
"done"
}
send -- "cat /dev/shm/ttt;pwd\r"
send -- "cat /dev/shm/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 14\n";exit}
"mytest" {puts "TESTING ERROR 14.1\n";exit}
"home"
timeout {puts "TESTING ERROR 12\n";exit}
"mytest" {puts "TESTING ERROR 13\n";exit}
"done"
}
sleep 1
puts "\n"
puts "\nall done\n"
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -12,33 +15,33 @@ expect {
}
sleep 1
send -- "echo mytest > /var/lock/ttt;pwd\r"
send -- "echo mytest > /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
"home"
"done"
}
send -- "cat /var/lock/ttt;pwd\r"
send -- "cat /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 2.1\n";exit}
timeout {puts "TESTING ERROR 2\n";exit}
"mytest"
}
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"home"
timeout {puts "TESTING ERROR 3\n";exit}
"done"
}
send -- "rm /var/lock/ttt;pwd\r"
send -- "rm /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"home"
timeout {puts "TESTING ERROR 4\n";exit}
"done"
}
send -- "cat /var/lock/ttt;pwd\r"
send -- "cat /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"mytest" {puts "TESTING ERROR 4.1\n";exit}
"home"
timeout {puts "TESTING ERROR 5\n";exit}
"mytest" {puts "TESTING ERROR 6\n";exit}
"done"
}
sleep 1
......@@ -48,40 +51,40 @@ sleep 1
# redo the test with --private
send -- "firejail\r"
expect {
timeout {puts "TESTING ERROR 10\n";exit}
timeout {puts "TESTING ERROR 7\n";exit}
"Child process initialized"
}
sleep 1
send -- "echo mytest > /var/lock/ttt;pwd\r"
send -- "echo mytest > /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 11\n";exit}
"home"
timeout {puts "TESTING ERROR 8\n";exit}
"done"
}
send -- "cat /var/lock/ttt;pwd\r"
send -- "cat /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 12.1\n";exit}
timeout {puts "TESTING ERROR 9\n";exit}
"mytest"
}
expect {
timeout {puts "TESTING ERROR 12\n";exit}
"home"
timeout {puts "TESTING ERROR 10\n";exit}
"done"
}
send -- "rm /var/lock/ttt;pwd\r"
send -- "rm /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 13\n";exit}
"home"
timeout {puts "TESTING ERROR 11\n";exit}
"done"
}
send -- "cat /var/lock/ttt;pwd\r"
send -- "cat /var/lock/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 14\n";exit}
"mytest" {puts "TESTING ERROR 14.1\n";exit}
"home"
timeout {puts "TESTING ERROR 12\n";exit}
"mytest" {puts "TESTING ERROR 13\n";exit}
"done"
}
sleep 1
puts "\n"
puts "\nall done\n"
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -12,33 +15,33 @@ expect {
}
sleep 1
send -- "echo mytest > /var/tmp/ttt;pwd\r"
send -- "echo mytest > /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
"home"
"done"
}
send -- "cat /var/tmp/ttt;pwd\r"
send -- "cat /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 2.1\n";exit}
timeout {puts "TESTING ERROR 2\n";exit}
"mytest"
}
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"home"
timeout {puts "TESTING ERROR 3\n";exit}
"done"
}
send -- "rm /var/tmp/ttt;pwd\r"
send -- "rm /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"home"
timeout {puts "TESTING ERROR 4\n";exit}
"done"
}
send -- "cat /var/tmp/ttt;pwd\r"
send -- "cat /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"mytest" {puts "TESTING ERROR 4.1\n";exit}
"home"
timeout {puts "TESTING ERROR 5\n";exit}
"mytest" {puts "TESTING ERROR 6\n";exit}
"done"
}
sleep 1
......@@ -48,40 +51,40 @@ sleep 1
# redo the test with --private
send -- "firejail\r"
expect {
timeout {puts "TESTING ERROR 10\n";exit}
timeout {puts "TESTING ERROR 7\n";exit}
"Child process initialized"
}
sleep 1
send -- "echo mytest > /var/tmp/ttt;pwd\r"
send -- "echo mytest > /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 11\n";exit}
"home"
timeout {puts "TESTING ERROR 8\n";exit}
"done"
}
send -- "cat /var/tmp/ttt;pwd\r"
send -- "cat /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 12.1\n";exit}
timeout {puts "TESTING ERROR 9\n";exit}
"mytest"
}
expect {
timeout {puts "TESTING ERROR 12\n";exit}
"home"
timeout {puts "TESTING ERROR 10\n";exit}
"done"
}
send -- "rm /var/tmp/ttt;pwd\r"
send -- "rm /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 13\n";exit}
"home"
timeout {puts "TESTING ERROR 11\n";exit}
"done"
}
send -- "cat /var/tmp/ttt;pwd\r"
send -- "cat /var/tmp/ttt;echo done\r"
expect {
timeout {puts "TESTING ERROR 14\n";exit}
"mytest" {puts "TESTING ERROR 14.1\n";exit}
"home"
timeout {puts "TESTING ERROR 12\n";exit}
"mytest" {puts "TESTING ERROR 13\n";exit}
"done"
}
sleep 1
puts "\n"
puts "\nall done\n"
#!/usr/bin/expect -f
#invalid_filename checks:
#
#--bind (two files) - profile.c - Note: The test is not implemented here, need to be root to test it
#--blacklist - profile.c
#--cgroup - cgroup.c
#--chroot - main.c
#--netfilter - netfilter.c
#--output - output.c
#--private - fs_home.c
#--privte-bin (list) - fs_bin.c
#--private-home (list) - fs_home.c
#--private-etc (list) - fs_etc.c
#--profile - main.c
#--read_only - profile.c
#--shell - main.c
#--tmpfs - profile.c
#--white-list
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -201,7 +185,5 @@ expect {
}
after 100
puts "\nall done\n"
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -16,14 +19,14 @@ expect {
timeout {puts "TESTING ERROR 2\n";exit}
"Permission denied"
}
sleep 1
after 100
send -- "cat /proc/kmsg\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"Permission denied"
}
sleep 1
after 100
puts "\nall done\n"
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -11,23 +14,23 @@ expect {
}
sleep 1
send -- "ls -l /var;pwd\r"
send -- "ls -l /var;echo done\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
"Permission denied"
}
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"home"
"done"
}
send -- "cd /var;pwd\r"
send -- "cd /var;echo done\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"Permission denied"
}
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"home"
"done"
}
sleep 1
......
......@@ -11,14 +11,14 @@ expect {
}
sleep 1
send -- "cat /etc/passwd;pwd\r"
send -- "cat /etc/passwd;echo done\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
"Permission denied"
}
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"home"
"done"
}
sleep 1
......
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -63,9 +66,6 @@ expect {
}
send -- "exit\r"
sleep 1
puts "\nall done\n"
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
......@@ -23,35 +26,35 @@ sleep 1
send -- "firejail --private --noprofile\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
timeout {puts "TESTING ERROR 1\n";exit}
"Child process initialized"
}
sleep 1
send -- "ls -al; pwd\r"
send -- "cd ~; ls -al; echo done\r"
expect {
timeout {puts "TESTING ERROR 0.1\n";exit}
timeout {puts "TESTING ERROR 2\n";exit}
".bashrc"
}
expect {
timeout {puts "TESTING ERROR 0.2\n";exit}
timeout {puts "TESTING ERROR 3\n";exit}
[lindex $argv 0]
}
send -- "ls -al; pwd\r"
send -- "ls -al; echo done\r"
expect {
timeout {
# OpenSUSE doesn't use .Xauthority from user home directory
# OpenSUSE doesn't use .Xauthority from user done directory
send -- "env | grep XAUTHORITY\r"
expect {
timeout {puts "TESTING ERROR 0.3\n";exit}
timeout {puts "TESTING ERROR 4\n";exit}
"/run/lightdm/netblue/xauthority"
}
}
".Xauthority"
}
expect {
timeout {puts "TESTING ERROR 0.4\n";exit}
timeout {puts "TESTING ERROR 5\n";exit}
[lindex $argv 0]
}
......@@ -59,38 +62,38 @@ expect {
# testing private only
send -- "bash\r"
sleep 1
# owner /home/netblue
send -- "ls -l /home;pwd\r"
# owner /done/netblue
send -- "ls -l /done;echo done\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
timeout {puts "TESTING ERROR 6\n";exit}
[lindex $argv 0]
}
expect {
timeout {puts "TESTING ERROR 1.1\n";exit}
timeout {puts "TESTING ERROR 7\n";exit}
[lindex $argv 0]
}
expect {
timeout {puts "TESTING ERROR 1.2\n";exit}
timeout {puts "TESTING ERROR 8\n";exit}
[lindex $argv 0]
}
expect {
timeout {puts "TESTING ERROR 1.3\n";exit}
"home"
timeout {puts "TESTING ERROR 9\n";exit}
"done"
}
sleep 1
# owner /tmp
send -- "stat -c %U%a /tmp;pwd\r"
send -- "stat -c %U%a /tmp;echo done\r"
expect {
timeout {puts "TESTING ERROR 2\n";exit}
timeout {puts "TESTING ERROR 10\n";exit}
"root777" {puts "version 1\n";}
"root1777" {puts "version 2\n";}
"nobody777" {puts "version 3\n";}
"nobody1777" {puts "version 4\n";}
}
expect {
timeout {puts "TESTING ERROR 2.1\n";exit}
"home"
timeout {puts "TESTING ERROR 11\n";exit}
"done"
}
sleep 1
......
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2016 Firejail Authors
# License GPL v2
set timeout 30
spawn $env(SHELL)
......
#!/usr/bin/expect -f
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Child process initialized"
}
sleep 1
# test processes
send -- "bash\r"
sleep 1
send -- "ps aux; pwd\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
"/bin/bash"
}
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"bash"
}
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"ps aux"
}
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"home"
}
sleep 1
send -- "ps aux |wc -l; pwd\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"6" {puts "normal system\n"}
"5" {puts "grsecurity\n"}
}
expect {
timeout {puts "TESTING ERROR 6\n";exit}
"home"
}
sleep 1
puts "\nall done\n"
#!/bin/bash
echo "TESTING: version"
./option_version.exp
echo "TESTING: help"
./option_help.exp
echo "TESTING: man"
./option_man.exp
echo "TESTING: list"
./option_list.exp
echo "TESTING: PID"
./pid.exp
echo "TESTING: profile no permissions"
./profile_noperm.exp
echo "TESTING: profile syntax"
./profile_syntax.exp
echo "TESTING: profile read-only"
./profile_readonly.exp
echo "TESTING: profile tmpfs"
./profile_tmpfs.exp
echo "TESTING: private"
./private.exp `whoami`
echo "TESTING: read/write /var/tmp"
./fs_var_tmp.exp
echo "TESTING: read/write /var/run"
./fs_var_run.exp
echo "TESTING: read/write /var/lock"
./fs_var_lock.exp
echo "TESTING: read/write /dev/shm"