testing

.gitignore

@@ -22,4 +22,5 @@ src/tags
 src/faudit/faudit
 src/fnet/fnet
 src/fseccomp/fseccomp
+src/fcopy/fcopy
 uids.h

test/fs/fs.sh

@@ -82,10 +82,21 @@ echo "TESTING: recursive mkdir (test/fs/mkdir.exp)"
 echo "TESTING: double whitelist (test/fs/whitelist-double.exp)"
 ./whitelist-double.exp
 
-
 echo "TESTING: whitelist (test/fs/whitelist.exp)"
 ./whitelist.exp
 
+echo "TESTING: fscheck --bind non root (test/fs/fscheck-bindnoroot.exp)"
+./fscheck-bindnoroot.exp
+
+echo "TESTING: fscheck --tmpfs non root (test/fs/fscheck-tmpfs.exp)"
+./fscheck-tmpfs.exp
+
+echo "TESTING: fscheck --private= (test/fs/fscheck-private.exp)"
+./fscheck-private.exp
+
+echo "TESTING: fscheck --read-only= (test/fs/fscheck-readonly.exp)"
+./fscheck-readonly.exp
+
 #cleanup
 rm -fr ~/fjtest-dir
 rm -fr ~/fjtest-dir-lnk

test/fscheck-bindnoroot.exp → test/fs/fscheck-bindnoroot.exp

@@ -5,10 +5,13 @@ spawn $env(SHELL)
 match_max 100000
 
 # dir
-send -- "firejail --net=br0 --bind=fscheck-dir,/etc\r"
+send -- "firejail --net=br0 --bind=testdir1,/etc\r"
 expect {
  timeout {puts "TESTING ERROR 0\n";exit}
  "Error"
 }
 after 100
 
+puts "\nall done\n"
+
+

test/fs/fscheck-private.exp

@@ -0,0 +1,50 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+
+# file link
+#send -- "firejail --private=fscheck-file-link\r"
+#expect {
+# timeout {puts "TESTING ERROR 2\n";exit}
+# "Error"
+#}
+#after 100
+
+# file 
+send -- "firejail --private=testfile1\r"
+expect {
+ timeout {puts "TESTING ERROR 2.1\n";exit}
+ "Error"
+}
+after 100
+
+# ..
+send -- "firejail --private=../fs/testfile1\r"
+expect {
+ timeout {puts "TESTING ERROR 2.2\n";exit}
+ "Error"
+}
+after 100
+
+# no file
+send -- "firejail --private=../test/nodir\r"
+expect {
+ timeout {puts "TESTING ERROR 3\n";exit}
+ "Error"
+}
+after 100
+
+# same owner
+send -- "firejail --private=/etc\r"
+expect {
+ timeout {puts "TESTING ERROR 4\n";exit}
+ "Error"
+}
+after 100
+
+puts "\nall done\n"
+

test/fscheck-readonly.exp → test/fs/fscheck-readonly.exp

@@ -5,10 +5,11 @@ spawn $env(SHELL)
 match_max 100000
 
 # dir
-send -- "firejail --net=br0 --read-only=../test/fscheck-dir\r"
+send -- "firejail --read-only=../test/testdir1\r"
 expect {
  timeout {puts "TESTING ERROR 0\n";exit}
  "Error"
 }
 after 100
 
+puts "\nall done\n"

test/fscheck-tmpfs.exp → test/fs/fscheck-tmpfs.exp

@@ -5,7 +5,7 @@ spawn $env(SHELL)
 match_max 100000
 
 # ..
-send -- "firejail --net=br0 --tmpfs=../test/fscheck-dir\r"
+send -- "firejail --tmpfs=fscheck-dir\r"
 expect {
  timeout {puts "TESTING ERROR 0.1\n";exit}
  "Error"

test/fs/read-write.exp

@@ -15,37 +15,21 @@ expect {
 }
 sleep 1
 
-send -- "echo mytest >~/_firejail_test_dir/a;echo done\r"
+send -- "echo mytest > ~/_firejail_test_dir/a\r"
 expect {
- timeout {puts "TESTING ERROR 1\n";exit}
- "done"
-}
-after 100
-
-send -- "echo mytest >~/_firejail_test_dir/test1/b;echo done\r"
-expect {
- timeout {puts "TESTING ERROR 2\n";exit}
- "done"
+ timeout {puts "TESTING ERROR 5\n";exit}
+ "Read-only file system"
 }
 after 100
 
-send -- "cat ~/_firejail_test_dir/a;echo done\r"
-expect {
- timeout {puts "TESTING ERROR 3\n";exit}
- "mytest" {puts "TESTING ERROR 4\n";exit}
- "done"
-}
-after 100
+send -- "echo mytest > ~/_firejail_test_dir/test1/b\r"
+sleep 1
 
-send -- "cat ~/_firejail_test_dir/test1/b;echo done\r"
+send -- "cat ~/_firejail_test_dir/test1/b\r"
 expect {
  timeout {puts "TESTING ERROR 5\n";exit}
  "mytest"
 }
-expect {
- timeout {puts "TESTING ERROR 6\n";exit}
- "done"
-}
 
 after 100
 puts "\nall done\n"