diff --git a/contrib/gdb-firejail.sh b/contrib/gdb-firejail.sh index 397438e1e41..35348088e97 100755 --- a/contrib/gdb-firejail.sh +++ b/contrib/gdb-firejail.sh @@ -17,7 +17,7 @@ if [ -z "${1##*/firejail}" ]; then else # First argument is not named firejail, then add default unless environment # variable already set. - set -- ${FIREJAIL:=$(which firejail)} "$@" + set -- ${FIREJAIL:=$(command -v firejail)} "$@" fi bash -c "kill -STOP \$\$; exec \"\$0\" \"\$@\"" "$@" & diff --git a/test/appimage/appimage.sh b/test/appimage/appimage.sh index 9afacf5be5b..c2bdad012ad 100755 --- a/test/appimage/appimage.sh +++ b/test/appimage/appimage.sh @@ -13,7 +13,7 @@ echo "TESTING: AppImage v1 (test/appimage/appimage-v1.exp)" echo "TESTING: AppImage v2 (test/appimage/appimage-v2.exp)" ./appimage-v2.exp -echo "TESTING: AppImage file name (test/appimage/filename.exp)"; +echo "TESTING: AppImage file name (test/appimage/filename.exp)" ./filename.exp echo "TESTING: AppImage argsv1 (test/appimage/appimage-args.exp)" diff --git a/test/apps-x11-xorg/apps-x11-xorg.sh b/test/apps-x11-xorg/apps-x11-xorg.sh index 9ed1239798b..9dcee7aff66 100755 --- a/test/apps-x11-xorg/apps-x11-xorg.sh +++ b/test/apps-x11-xorg/apps-x11-xorg.sh @@ -7,8 +7,7 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -which firefox 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v firefox then echo "TESTING: firefox x11 xorg" ./firefox.exp @@ -16,8 +15,7 @@ else echo "TESTING SKIP: firefox not found" fi -which transmission-gtk 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v transmission-gtk then echo "TESTING: transmission-gtk x11 xorg" ./transmission-gtk.exp @@ -25,8 +23,7 @@ else echo "TESTING SKIP: transmission-gtk not found" fi -which transmission-qt 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v transmission-qt then echo "TESTING: transmission-qt x11 xorg" ./transmission-qt.exp @@ -34,8 +31,7 @@ else echo "TESTING SKIP: transmission-qt not found" fi -which thunderbird 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v thunderbird then echo "TESTING: thunderbird x11 xorg" ./thunderbird.exp diff --git a/test/apps-x11/apps-x11.sh b/test/apps-x11/apps-x11.sh index a3c946ca4dd..b2722eed3e5 100755 --- a/test/apps-x11/apps-x11.sh +++ b/test/apps-x11/apps-x11.sh @@ -10,49 +10,42 @@ export LC_ALL=C echo "TESTING: no x11 (test/apps-x11/x11-none.exp)" ./x11-none.exp - -which xterm 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v xterm then echo "TESTING: xterm x11 xorg" ./xterm-xorg.exp - which xpra 2>/dev/null - if [ "$?" -eq 0 ]; + if command -v xpra then - echo "TESTING: xterm x11 xpra" - ./xterm-xpra.exp + echo "TESTING: xterm x11 xpra" + ./xterm-xpra.exp fi - which Xephyr 2>/dev/null - if [ "$?" -eq 0 ]; + if command -v Xephyr then - echo "TESTING: xterm x11 xephyr" - ./xterm-xephyr.exp + echo "TESTING: xterm x11 xephyr" + ./xterm-xephyr.exp fi else echo "TESTING SKIP: xterm not found" fi # check xpra/xephyr -which xpra 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v xpra then - echo "xpra found" + echo "xpra found" else - echo "xpra not found" - which Xephyr 2>/dev/null - if [ "$?" -eq 0 ]; + echo "xpra not found" + if command -v Xephyr then - echo "Xephyr found" + echo "Xephyr found" else - echo "TESTING SKIP: xpra and/or Xephyr not found" + echo "TESTING SKIP: xpra and/or Xephyr not found" exit fi fi -which firefox 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v firefox then echo "TESTING: firefox x11" ./firefox.exp @@ -60,8 +53,7 @@ else echo "TESTING SKIP: firefox not found" fi -which chromium 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v chromium then echo "TESTING: chromium x11" ./chromium.exp @@ -69,8 +61,7 @@ else echo "TESTING SKIP: chromium not found" fi -which transmission-gtk 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v transmission-gtk then echo "TESTING: transmission-gtk x11" ./transmission-gtk.exp @@ -78,8 +69,7 @@ else echo "TESTING SKIP: transmission-gtk not found" fi -which thunderbird 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v thunderbird then echo "TESTING: thunderbird x11" ./thunderbird.exp diff --git a/test/apps/apps.sh b/test/apps/apps.sh index 83e977ba0c5..0ef01bf2efa 100755 --- a/test/apps/apps.sh +++ b/test/apps/apps.sh @@ -7,12 +7,10 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -LIST="firefox midori chromium opera transmission-qt qbittorrent uget-gtk filezilla gthumb thunderbird " -LIST+="vlc fbreader deluge gnome-mplayer xchat wine kcalc ktorrent hexchat" +apps=(firefox midori chromium opera transmission-qt qbittorrent uget-gtk filezilla gthumb thunderbird vlc fbreader deluge gnome-mplayer xchat wine kcalc ktorrent hexchat) -for app in $LIST; do - which $app 2>/dev/null - if [ "$?" -eq 0 ]; +for app in "${apps[@]}"; do + if command -v "$app" then echo "TESTING: $app" ./$app.exp diff --git a/test/chroot/chroot.sh b/test/chroot/chroot.sh index 3c3e7311b23..f5ccf3549ba 100755 --- a/test/chroot/chroot.sh +++ b/test/chroot/chroot.sh @@ -17,6 +17,4 @@ echo "TESTING: chroot (test/chroot/fs_chroot.exp)" echo "TESTING: unchroot as root (test/chroot/unchroot-as-root.exp)" sudo ./unchroot-as-root.exp - - rm -f unchroot diff --git a/test/compile/compile.sh b/test/compile/compile.sh index 6b994ba7009..0285c893579 100755 --- a/test/compile/compile.sh +++ b/test/compile/compile.sh @@ -31,7 +31,7 @@ arr[15]="TEST 15: compile private-home disabled" arr[16]="TEST 16: compile disable manpages" arr[17]="TEST 17: disable tmpfs as regular user" arr[18]="TEST 18: disable private home" -arr[18]="TEST 19: enable ids" +arr[19]="TEST 19: enable ids" # remove previous reports and output file cleanup() { @@ -47,23 +47,23 @@ print_title() { echo echo echo "**************************************************" - echo $1 + echo "$1" echo "**************************************************" } DIST="$1" -while [ $# -gt 0 ]; do # Until you run out of parameters . . . - case "$1" in - --clean) - cleanup - exit - ;; - --help) - echo "./compile.sh [--clean|--help]" - exit - ;; - esac - shift # Check next set of parameters. +while [[ $# -gt 0 ]]; do # Until you run out of parameters . . . + case "$1" in + --clean) + cleanup + exit + ;; + --help) + echo "./compile.sh [--clean|--help]" + exit + ;; + esac + shift # Check next set of parameters. done cleanup @@ -76,8 +76,8 @@ cleanup #***************************************************************** print_title "${arr[1]}" echo "$DIST" -tar -xJvf ../../$DIST.tar.xz -mv $DIST firejail +tar -xJvf ../../"$DIST.tar.xz" +mv "$DIST" firejail cd firejail ./configure --prefix=/usr --enable-fatal-warnings 2>&1 | tee ../output-configure @@ -89,7 +89,6 @@ cp output-configure oc1 cp output-make om1 rm output-configure output-make - #***************************************************************** # TEST 2 #***************************************************************** @@ -98,7 +97,7 @@ rm output-configure output-make print_title "${arr[2]}" cd firejail make distclean -./configure --prefix=/usr --disable-dbusproxy --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-dbusproxy --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test2 @@ -115,7 +114,7 @@ rm output-configure output-make print_title "${arr[3]}" cd firejail make distclean -./configure --prefix=/usr --disable-chroot --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-chroot --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test3 @@ -132,7 +131,7 @@ rm output-configure output-make print_title "${arr[4]}" cd firejail make distclean -./configure --prefix=/usr --disable-firetunnel --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-firetunnel --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test4 @@ -149,7 +148,7 @@ rm output-configure output-make print_title "${arr[5]}" cd firejail make distclean -./configure --prefix=/usr --disable-userns --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-userns --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test5 @@ -167,7 +166,7 @@ rm output-configure output-make print_title "${arr[6]}" cd firejail make distclean -./configure --prefix=/usr --disable-network --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-network --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test6 @@ -184,7 +183,7 @@ rm output-configure output-make print_title "${arr[7]}" cd firejail make distclean -./configure --prefix=/usr --disable-x11 --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-x11 --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test7 @@ -218,7 +217,7 @@ rm output-configure output-make print_title "${arr[9]}" cd firejail make distclean -./configure --prefix=/usr --disable-file-transfer --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-file-transfer --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test9 @@ -235,7 +234,7 @@ rm output-configure output-make print_title "${arr[10]}" cd firejail make distclean -./configure --prefix=/usr --disable-whitelist --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-whitelist --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test10 @@ -252,7 +251,7 @@ rm output-configure output-make print_title "${arr[11]}" cd firejail make distclean -./configure --prefix=/usr --disable-globalcfg --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-globalcfg --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test11 @@ -269,7 +268,7 @@ rm output-configure output-make print_title "${arr[12]}" cd firejail make distclean -./configure --prefix=/usr --enable-apparmor --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --enable-apparmor --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test12 @@ -354,7 +353,7 @@ rm output-configure output-make print_title "${arr[17]}" cd firejail make distclean -./configure --prefix=/usr --disable-usertmpfs --enable-fatal-warnings 2>&1 | tee ../output-configure +./configure --prefix=/usr --disable-usertmpfs --enable-fatal-warnings 2>&1 | tee ../output-configure make -j4 2>&1 | tee ../output-make cd .. grep Warning output-configure output-make > ./report-test17 @@ -410,23 +409,23 @@ echo "**********************************************************" wc -l report-test* echo -echo "Legend:" -echo ${arr[1]} -echo ${arr[2]} -echo ${arr[3]} -echo ${arr[4]} -echo ${arr[5]} -echo ${arr[6]} -echo ${arr[7]} -echo ${arr[8]} -echo ${arr[9]} -echo ${arr[10]} -echo ${arr[11]} -echo ${arr[12]} -echo ${arr[13]} -echo ${arr[14]} -echo ${arr[15]} -echo ${arr[16]} -echo ${arr[17]} -echo ${arr[18]} -echo ${arr[19]} +echo "Legend:" +echo "${arr[1]}" +echo "${arr[2]}" +echo "${arr[3]}" +echo "${arr[4]}" +echo "${arr[5]}" +echo "${arr[6]}" +echo "${arr[7]}" +echo "${arr[8]}" +echo "${arr[9]}" +echo "${arr[10]}" +echo "${arr[11]}" +echo "${arr[12]}" +echo "${arr[13]}" +echo "${arr[14]}" +echo "${arr[15]}" +echo "${arr[16]}" +echo "${arr[17]}" +echo "${arr[18]}" +echo "${arr[19]}" diff --git a/test/environment/environment.sh b/test/environment/environment.sh index da9c170b940..c88c91741bc 100755 --- a/test/environment/environment.sh +++ b/test/environment/environment.sh @@ -7,7 +7,6 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C - echo "TESTING: timeout (test/environment/timeout.exp)" ./timeout.exp @@ -39,13 +38,12 @@ echo "TESTING: environment variables (test/environment/env.exp)" echo "TESTING: firejail in firejail - single sandbox (test/environment/firejail-in-firejail.exp)" ./firejail-in-firejail.exp -which aplay 2>/dev/null -if [ "$?" -eq 0 ] && [ "$(aplay -l | grep -c "List of PLAYBACK")" -gt 0 ]; +if command -v aplay && [[ $(aplay -l | grep -c "List of PLAYBACK") -gt 0 ]] then - echo "TESTING: sound (test/environment/sound.exp)" - ./sound.exp + echo "TESTING: sound (test/environment/sound.exp)" + ./sound.exp else - echo "TESTING SKIP: no aplay or sound card found" + echo "TESTING SKIP: no aplay or sound card found" fi echo "TESTING: nice (test/environment/nice.exp)" @@ -54,26 +52,24 @@ echo "TESTING: nice (test/environment/nice.exp)" echo "TESTING: quiet (test/environment/quiet.exp)" ./quiet.exp -which strace 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v strace then - echo "TESTING: --allow-debuggers (test/environment/allow-debuggers.exp)" - ./allow-debuggers.exp + echo "TESTING: --allow-debuggers (test/environment/allow-debuggers.exp)" + ./allow-debuggers.exp else - echo "TESTING SKIP: strace not found" + echo "TESTING SKIP: strace not found" fi # to install ibus: # $ sudo apt-get install ibus-table-array30 # $ ibus-setup -find ~/.config/ibus/bus | grep unix-0 -if [ "$?" -eq 0 ]; +if find ~/.config/ibus/bus | grep unix-0 then echo "TESTING: ibus (test/environment/ibus.exp)" ./ibus.exp else - echo "TESTING SKIP: ibus not configured" + echo "TESTING SKIP: ibus not configured" fi echo "TESTING: rlimit (test/environment/rlimit.exp)" diff --git a/test/environment/output.sh b/test/environment/output.sh index 329cb40c732..ba06f918410 100755 --- a/test/environment/output.sh +++ b/test/environment/output.sh @@ -5,8 +5,8 @@ i="0" -while [ $i -lt 150000 ] +while [[ $i -lt 150000 ]] do - echo message number $i - i=$[$i+1] + echo "message number $i" + i=$((i+1)) done diff --git a/test/fcopy/fcopy.sh b/test/fcopy/fcopy.sh index fca599889f2..72b87d14cfe 100755 --- a/test/fcopy/fcopy.sh +++ b/test/fcopy/fcopy.sh @@ -7,7 +7,7 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -if [ -f /etc/debian_version ]; then +if [[ -f /etc/debian_version ]]; then libdir=$(dirname "$(dpkg -L firejail | grep fcopy)") export PATH="$PATH:$libdir" fi @@ -29,4 +29,4 @@ echo "TESTING: fcopy directory (test/fcopy/dircopy.exp)" ./dircopy.exp rm -fr dest/* -rm -f src/dircopy.exp \ No newline at end of file +rm -f src/dircopy.exp diff --git a/test/features/test.sh b/test/features/test.sh index b507c6d3773..44677aaa783 100755 --- a/test/features/test.sh +++ b/test/features/test.sh @@ -8,28 +8,25 @@ OVERLAY="overlay" CHROOT="chroot" NETWORK="network" -while [ $# -gt 0 ]; do # Until you run out of parameters . . . - case "$1" in - --nooverlay) - OVERLAY="none" - ;; - --nochroot) - CHROOT="none" - ;; - --nonetwork) - NETWORK="none" - ;; - --help) - echo "./test.sh [--nooverlay|--nochroot|--nonetwork|--help] | grep TESTING" - exit - ;; - esac - shift # Check next set of parameters. +while [[ $# -gt 0 ]]; do # Until you run out of parameters . . . + case "$1" in + --nooverlay) + OVERLAY="none" + ;; + --nochroot) + CHROOT="none" + ;; + --nonetwork) + NETWORK="none" + ;; + --help) + echo "./test.sh [--nooverlay|--nochroot|--nonetwork|--help] | grep TESTING" + exit + ;; + esac + shift # Check next set of parameters. done - - - # # Feature testing # @@ -38,85 +35,85 @@ done # Default features #################### echo "TESTING: 1.1 disable /boot" -./1.1.exp $OVERLAY $CHROOT +./1.1.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.2 new /proc" -./1.2.exp $OVERLAY $CHROOT +./1.2.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.4 mask other users" -./1.4.exp $OVERLAY $CHROOT +./1.4.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.5 PID namespace" -./1.5.exp $OVERLAY $CHROOT +./1.5.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.6 new /var/log" -./1.6.exp $OVERLAY $CHROOT +./1.6.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.7 new /var/tmp" -./1.7.exp $OVERLAY $CHROOT +./1.7.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.8 disable firejail config and run time information" -./1.8.exp $OVERLAY $CHROOT +./1.8.exp "$OVERLAY" "$CHROOT" echo "TESTING: 1.10 disable /selinux" -./1.10.exp $OVERLAY $CHROOT +./1.10.exp "$OVERLAY" "$CHROOT" #################### # networking features #################### -if [ $NETWORK == "network" ] +if [[ $NETWORK == "network" ]] then echo "TESTING: 2.1 hostname" - ./2.1.exp $OVERLAY $CHROOT + ./2.1.exp "$OVERLAY" "$CHROOT" echo "TESTING: 2.2 DNS" - ./2.2.exp $OVERLAY $CHROOT + ./2.2.exp "$OVERLAY" "$CHROOT" echo "TESTING: 2.3 mac-vlan" - ./2.3.exp $OVERLAY $CHROOT + ./2.3.exp "$OVERLAY" "$CHROOT" echo "TESTING: 2.4 bridge" - ./2.4.exp $OVERLAY $CHROOT + ./2.4.exp "$OVERLAY" "$CHROOT" echo "TESTING: 2.5 interface" - ./2.5.exp $OVERLAY $CHROOT + ./2.5.exp "$OVERLAY" "$CHROOT" echo "TESTING: 2.6 Default gateway" - ./2.6.exp $OVERLAY $CHROOT + ./2.6.exp "$OVERLAY" "$CHROOT" fi #################### # filesystem features #################### echo "TESTING: 3.1 private (fails on OpenSUSE)" -./3.1.exp $OVERLAY $CHROOT +./3.1.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.2 read-only" -./3.2.exp $OVERLAY $CHROOT +./3.2.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.3 blacklist" -./3.3.exp $OVERLAY $CHROOT +./3.3.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.4 whitelist home (fails on OpenSUSE)" -./3.4.exp $OVERLAY $CHROOT +./3.4.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.5 private-dev" -./3.5.exp $OVERLAY $CHROOT +./3.5.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.6 private-etc" -./3.6.exp notworking $CHROOT +./3.6.exp notworking "$CHROOT" echo "TESTING: 3.7 private-tmp" -./3.7.exp $OVERLAY $CHROOT +./3.7.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.8 private-bin" ./3.8.exp notworking notworking echo "TESTING: 3.9 whitelist dev" -./3.9.exp $OVERLAY $CHROOT +./3.9.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.10 whitelist tmp" -./3.10.exp $OVERLAY $CHROOT +./3.10.exp "$OVERLAY" "$CHROOT" echo "TESTING: 3.11 mkdir" -./3.11.exp $OVERLAY $CHROOT +./3.11.exp "$OVERLAY" "$CHROOT" diff --git a/test/filters/filters.sh b/test/filters/filters.sh index 04d7080d68d..3b4a6b4923d 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh @@ -7,37 +7,37 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -if [ -f /etc/debian_version ]; then +if [[ -f /etc/debian_version ]]; then libdir=$(dirname "$(dpkg -L firejail | grep fseccomp)") export PATH="$PATH:$libdir" fi export PATH="$PATH:/usr/lib/firejail:/usr/lib64/firejail" -if [ -f /sys/kernel/security/apparmor/profiles ]; then +if [[ -f /sys/kernel/security/apparmor/profiles ]]; then echo "TESTING: apparmor (test/filters/apparmor.exp)" ./apparmor.exp else echo "TESTING SKIP: no apparmor support in Linux kernel (test/filters/apparmor.exp)" fi -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)" - ./memwrexe.exp -elif [ "$(uname -m)" = "i686" ]; then - echo "TESTING: memory-deny-write-execute (test/filters/memwrexe-32.exp)" - ./memwrexe-32.exp +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)" + ./memwrexe.exp +elif [[ $(uname -m) == "i686" ]]; then + echo "TESTING: memory-deny-write-execute (test/filters/memwrexe-32.exp)" + ./memwrexe-32.exp else - echo "TESTING SKIP: memwrexe binary only running on x86_64 and i686." + echo "TESTING SKIP: memwrexe binary only running on x86_64 and i686." fi echo "TESTING: debug options (test/filters/debug.exp)" ./debug.exp -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: seccomp run files (test/filters/seccomp-run-files.exp)" - ./seccomp-run-files.exp +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: seccomp run files (test/filters/seccomp-run-files.exp)" + ./seccomp-run-files.exp else - echo "TESTING SKIP: seccomp-run-files test implemented only for x86_64." + echo "TESTING SKIP: seccomp-run-files test implemented only for x86_64." fi echo "TESTING: seccomp postexec (test/filters/seccomp-postexec.exp)" @@ -61,33 +61,33 @@ echo "TESTING: capabilities join (test/filters/caps-join.exp)" ./caps-join.exp rm -f seccomp-test-file -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: fseccomp (test/filters/fseccomp.exp)" - ./fseccomp.exp +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: fseccomp (test/filters/fseccomp.exp)" + ./fseccomp.exp else - echo "TESTING SKIP: fseccomp test implemented only for x86_64" + echo "TESTING SKIP: fseccomp test implemented only for x86_64" fi rm -f seccomp-test-file -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: protocol (test/filters/protocol.exp)" - ./protocol.exp +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: protocol (test/filters/protocol.exp)" + ./protocol.exp else - echo "TESTING SKIP: protocol, running only on x86_64" + echo "TESTING SKIP: protocol, running only on x86_64" fi echo "TESTING: seccomp bad empty (test/filters/seccomp-bad-empty.exp)" ./seccomp-bad-empty.exp -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: seccomp debug (test/filters/seccomp-debug.exp)" +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: seccomp debug (test/filters/seccomp-debug.exp)" ./seccomp-debug.exp -elif [ "$(uname -m)" = "i686" ]; then - echo "TESTING: seccomp debug (test/filters/seccomp-debug-32.exp)" +elif [[ $(uname -m) == "i686" ]]; then + echo "TESTING: seccomp debug (test/filters/seccomp-debug-32.exp)" ./seccomp-debug-32.exp else - echo "TESTING SKIP: protocol, running only on x86_64 and i686" + echo "TESTING SKIP: protocol, running only on x86_64 and i686" fi echo "TESTING: seccomp errno (test/filters/seccomp-errno.exp)" @@ -96,12 +96,11 @@ echo "TESTING: seccomp errno (test/filters/seccomp-errno.exp)" echo "TESTING: seccomp su (test/filters/seccomp-su.exp)" ./seccomp-su.exp -which strace 2>/dev/null -if [ $? -eq 0 ]; then - echo "TESTING: seccomp ptrace (test/filters/seccomp-ptrace.exp)" - ./seccomp-ptrace.exp +if command -v strace; then + echo "TESTING: seccomp ptrace (test/filters/seccomp-ptrace.exp)" + ./seccomp-ptrace.exp else - echo "TESTING SKIP: ptrace, strace not found" + echo "TESTING SKIP: ptrace, strace not found" fi echo "TESTING: seccomp chmod - seccomp lists (test/filters/seccomp-chmod.exp)" @@ -115,16 +114,16 @@ echo "TESTING: seccomp chmod profile - seccomp lists (test/filters/seccomp-chmod echo "TESTING: seccomp empty (test/filters/seccomp-empty.exp)" ./seccomp-empty.exp -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: seccomp numeric (test/filters/seccomp-numeric.exp)" - ./seccomp-numeric.exp +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: seccomp numeric (test/filters/seccomp-numeric.exp)" + ./seccomp-numeric.exp else - echo "TESTING SKIP: seccomp numeric test implemented only for x86_64" + echo "TESTING SKIP: seccomp numeric test implemented only for x86_64" fi -if [ "$(uname -m)" = "x86_64" ]; then - echo "TESTING: seccomp join (test/filters/seccomp-join.exp)" - ./seccomp-join.exp +if [[ $(uname -m) == "x86_64" ]]; then + echo "TESTING: seccomp join (test/filters/seccomp-join.exp)" + ./seccomp-join.exp else - echo "TESTING SKIP: seccomp join test implemented only for x86_64" + echo "TESTING SKIP: seccomp join test implemented only for x86_64" fi diff --git a/test/fnetfilter/fnetfilter.sh b/test/fnetfilter/fnetfilter.sh index 9ad822753a1..52f9212328f 100755 --- a/test/fnetfilter/fnetfilter.sh +++ b/test/fnetfilter/fnetfilter.sh @@ -7,7 +7,7 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -if [ -f /etc/debian_version ]; then +if [[ -f /etc/debian_version ]]; then libdir=$(dirname "$(dpkg -L firejail | grep fcopy)") export PATH="$PATH:$libdir" fi diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 36ff3093406..697c86d3df5 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh @@ -34,7 +34,7 @@ rm -f ~/_firejail_test_dir echo "TESTING: /sys/fs access (test/fs/sys_fs.exp)" ./sys_fs.exp -if [ -c /dev/kmsg ]; then +if [[ -c /dev/kmsg ]]; then echo "TESTING: kmsg access (test/fs/kmsg.exp)" ./kmsg.exp else @@ -45,27 +45,27 @@ echo "TESTING: read/write /var/tmp (test/fs/fs_var_tmp.exp)" ./fs_var_tmp.exp rm -f /var/tmp/_firejail_test_file -if [ "$(uname -m)" = "x86_64" ]; then - fjconfig=/etc/firejail/firejail.config - printf 'private-lib yes\n' | sudo tee -a "$fjconfig" >/dev/null - echo "TESTING: private-lib (test/fs/private-lib.exp)" - ./private-lib.exp - printf '%s\n' "$(sed '/^private-lib yes$/d' "$fjconfig")" | - sudo tee "$fjconfig" >/dev/null +if [[ $(uname -m) == "x86_64" ]]; then + fjconfig=/etc/firejail/firejail.config + printf 'private-lib yes\n' | sudo tee -a "$fjconfig" >/dev/null + echo "TESTING: private-lib (test/fs/private-lib.exp)" + ./private-lib.exp + printf '%s\n' "$(sed '/^private-lib yes$/d' "$fjconfig")" | + sudo tee "$fjconfig" >/dev/null else - echo "TESTING SKIP: private-lib test implemented only for x86_64." + echo "TESTING SKIP: private-lib test implemented only for x86_64." fi echo "TESTING: read/write /var/lock (test/fs/fs_var_lock.exp)" ./fs_var_lock.exp rm -f /var/lock/_firejail_test_file -if [ -w /dev/shm ]; then - echo "TESTING: read/write /dev/shm (test/fs/fs_dev_shm.exp)" - ./fs_dev_shm.exp - rm -f /dev/shm/_firejail_test_file +if [[ -w /dev/shm ]]; then + echo "TESTING: read/write /dev/shm (test/fs/fs_dev_shm.exp)" + ./fs_dev_shm.exp + rm -f /dev/shm/_firejail_test_file else - echo "TESTING SKIP: /dev/shm not writable" + echo "TESTING SKIP: /dev/shm not writable" fi echo "TESTING: private (test/fs/private.exp)" diff --git a/test/overlay/overlay.sh b/test/overlay/overlay.sh index 490b180e1fa..a0519d1ad64 100755 --- a/test/overlay/overlay.sh +++ b/test/overlay/overlay.sh @@ -22,8 +22,7 @@ rm -fr ~/_firejail_test_* ./fs-tmpfs.exp rm -fr ~/_firejail_test_* -which firefox 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v firefox then echo "TESTING: overlay firefox" ./firefox.exp @@ -31,8 +30,7 @@ else echo "TESTING SKIP: firefox not found" fi -which firefox 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v firefox then echo "TESTING: overlay firefox x11 xorg" ./firefox.exp @@ -40,26 +38,22 @@ else echo "TESTING SKIP: firefox not found" fi - # check xpra/xephyr -which xpra 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v xpra then - echo "xpra found" + echo "xpra found" else - echo "xpra not found" - which Xephyr 2>/dev/null - if [ "$?" -eq 0 ]; + echo "xpra not found" + if command -v Xephyr then - echo "Xephyr found" + echo "Xephyr found" else - echo "TESTING SKIP: xpra and/or Xephyr not found" + echo "TESTING SKIP: xpra and/or Xephyr not found" exit fi fi -which firefox 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v firefox then echo "TESTING: overlay firefox x11" ./firefox-x11.exp diff --git a/test/private-lib/private-lib.sh b/test/private-lib/private-lib.sh index d168c2b1b40..6b7d433c832 100755 --- a/test/private-lib/private-lib.sh +++ b/test/private-lib/private-lib.sh @@ -7,12 +7,10 @@ export MALLOC_CHECK_=3g export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -LIST="gnome-logs gnome-system-log gnome-nettool pavucontrol dig evince whois galculator gnome-calculator gedit leafpad mousepad pluma transmission-gtk xcalc atril gpicview eom eog" +apps=(gnome-logs gnome-system-log gnome-nettool pavucontrol dig evince whois galculator gnome-calculator gedit leafpad mousepad pluma transmission-gtk xcalc atril gpicview eom eog) - -for app in $LIST; do - which $app 2>/dev/null - if [ "$?" -eq 0 ]; +for app in "${apps[@]}"; do + if command -v "$app" then echo "TESTING: private-lib $app" ./$app.exp diff --git a/test/profiles/all-profiles.sh b/test/profiles/all-profiles.sh index cc17b6b00bf..a550afe2361 100755 --- a/test/profiles/all-profiles.sh +++ b/test/profiles/all-profiles.sh @@ -37,11 +37,11 @@ echo "TESTING: profile read-only links (test/profiles/profile_readonly.exp)" echo "TESTING: profile no permissions (test/profiles/profile_noperm.exp)" ./profile_noperm.exp -PROFILES=`ls /etc/firejail/*.profile` +profiles=( /etc/firejail/*.profile ) echo "TESTING: default profiles installed in /etc" -for PROFILE in $PROFILES +for profile in "${profiles[@]}" do - echo "TESTING: $PROFILE" - ./test-profile.exp $PROFILE + echo "TESTING: $profile" + ./test-profile.exp "$profile" done diff --git a/test/profiles/profiles.sh b/test/profiles/profiles.sh index 8808bc9d2f6..90c88aaf5e7 100755 --- a/test/profiles/profiles.sh +++ b/test/profiles/profiles.sh @@ -37,11 +37,11 @@ echo "TESTING: profile read-only links (test/profiles/profile_readonly.exp)" echo "TESTING: profile no permissions (test/profiles/profile_noperm.exp)" ./profile_noperm.exp -PROFILES=`ls /etc/firejail/transmission*.profile /etc/firejail/fi*.profile /etc/firejail/fl*.profile /etc/firejail/free*.profile` +profiles=( /etc/firejail/transmission*.profile /etc/firejail/fi*.profile /etc/firejail/fl*.profile /etc/firejail/free*.profile ) echo "TESTING: small number of default profiles installed in /etc" -for PROFILE in $PROFILES +for profile in "${profiles[@]}" do - echo "TESTING: $PROFILE" - ./test-profile.exp $PROFILE + echo "TESTING: $profile" + ./test-profile.exp "$profile" done diff --git a/test/root/root.sh b/test/root/root.sh index e8c0ec1ac3a..a39525b6ea7 100755 --- a/test/root/root.sh +++ b/test/root/root.sh @@ -11,8 +11,7 @@ export LC_ALL=C #******************************** # firecfg #******************************** -which less 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v less then echo "TESTING: firecfg (test/root/firecfg.exp)" mv /home/netblue/.local/share/applications /home/netblue/.local/share/applications-store @@ -25,24 +24,24 @@ fi #******************************** # servers #******************************** -if [ -f /etc/init.d/snmpd ] +if [[ -f /etc/init.d/snmpd ]] then echo "TESTING: snmpd (test/root/snmpd.exp)" ./snmpd.exp else - echo "TESTING SKIP: snmpd not found" + echo "TESTING SKIP: snmpd not found" fi -if [ -f /etc/init.d/apache2 ] +if [[ -f /etc/init.d/apache2 ]] then echo "TESTING: apache2 (test/root/apache2.exp)" ./apache2.exp else - echo "TESTING SKIP: apache2 not found" + echo "TESTING SKIP: apache2 not found" fi -if [ -f /etc/init.d/isc-dhcp-server ] +if [[ -f /etc/init.d/isc-dhcp-server ]] then echo "TESTING: isc dhcp server (test/root/isc-dhscp.exp)" ./isc-dhcp.exp @@ -50,20 +49,20 @@ else echo "TESTING SKIP: isc dhcp server not found" fi -if [ -f /etc/init.d/unbound ] +if [[ -f /etc/init.d/unbound ]] then echo "TESTING: unbound (test/root/unbound.exp)" ./unbound.exp else - echo "TESTING SKIP: unbound not found" + echo "TESTING SKIP: unbound not found" fi -if [ -f /etc/init.d/nginx ] +if [[ -f /etc/init.d/nginx ]] then echo "TESTING: nginx (test/root/nginx.exp)" ./nginx.exp else - echo "TESTING SKIP: nginx not found" + echo "TESTING SKIP: nginx not found" fi #******************************** diff --git a/test/stress/stress.sh b/test/stress/stress.sh index 675cb06144e..2b4d8147d0c 100755 --- a/test/stress/stress.sh +++ b/test/stress/stress.sh @@ -14,7 +14,7 @@ mkdir ~/fj-stress-test rm blacklist.profile rm noblacklist.profile rm env.profile -for i in `seq 1 100`; +for i in {1..100} do echo "hello" > ~/fj-stress-test/testfile$i echo "blacklist ~/fj-stress-test/testfile$i" >> blacklist.profile diff --git a/test/sysutils/sysutils.sh b/test/sysutils/sysutils.sh index a903c7c6bb3..bfe7230473d 100755 --- a/test/sysutils/sysutils.sh +++ b/test/sysutils/sysutils.sh @@ -7,8 +7,7 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -which cpio 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v cpio then echo "TESTING: cpio" ./cpio.exp @@ -16,8 +15,7 @@ else echo "TESTING SKIP: cpio not found" fi -#which strings -#if [ "$?" -eq 0 ]; +#if command -v strings #then # echo "TESTING: strings" # ./strings.exp @@ -25,8 +23,7 @@ fi # echo "TESTING SKIP: strings not found" #fi -which gzip 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v gzip then echo "TESTING: gzip" ./gzip.exp @@ -34,8 +31,7 @@ else echo "TESTING SKIP: gzip not found" fi -which xzdec 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v xzdec then echo "TESTING: xzdec" ./xzdec.exp @@ -43,8 +39,7 @@ else echo "TESTING SKIP: xzdec not found" fi -which xz 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v xz then echo "TESTING: xz" ./xz.exp @@ -52,8 +47,7 @@ else echo "TESTING SKIP: xz not found" fi -which less 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v less then echo "TESTING: less" ./less.exp @@ -61,8 +55,7 @@ else echo "TESTING SKIP: less not found" fi -which file 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v file then echo "TESTING: file" ./file.exp @@ -70,8 +63,7 @@ else echo "TESTING SKIP: file not found" fi -which tar 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v tar then echo "TESTING: tar" ./tar.exp @@ -79,8 +71,7 @@ else echo "TESTING SKIP: tar not found" fi -which ping 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v ping then echo "TESTING: ping" ./ping.exp diff --git a/test/utils/catchsignal.sh b/test/utils/catchsignal.sh index 11717914340..cef00b2a51d 100755 --- a/test/utils/catchsignal.sh +++ b/test/utils/catchsignal.sh @@ -4,20 +4,20 @@ # License GPL v2 _term() { - echo "Caught Signal" - echo 1 - sleep 1 - echo 2 - sleep 1 - echo 3 - sleep 1 - echo 4 - sleep 1 - echo 5 - sleep 1 + echo "Caught Signal" + echo 1 + sleep 1 + echo 2 + sleep 1 + echo 3 + sleep 1 + echo 4 + sleep 1 + echo 5 + sleep 1 - kill $pid - exit + kill $pid + exit } trap _term SIGTERM diff --git a/test/utils/catchsignal2.sh b/test/utils/catchsignal2.sh index 1bd7852cdbf..21f29943013 100755 --- a/test/utils/catchsignal2.sh +++ b/test/utils/catchsignal2.sh @@ -4,42 +4,42 @@ # License GPL v2 _term() { - echo "Caught Signal" - echo 1 - sleep 1 - echo 2 - sleep 1 - echo 3 - sleep 1 - echo 4 - sleep 1 - echo 5 - sleep 1 + echo "Caught Signal" + echo 1 + sleep 1 + echo 2 + sleep 1 + echo 3 + sleep 1 + echo 4 + sleep 1 + echo 5 + sleep 1 - echo 10 - sleep 1 - echo 20 - sleep 1 - echo 30 - sleep 1 - echo 40 - sleep 1 - echo 50 - sleep 1 + echo 10 + sleep 1 + echo 20 + sleep 1 + echo 30 + sleep 1 + echo 40 + sleep 1 + echo 50 + sleep 1 - echo 100 - sleep 1 - echo 200 - sleep 1 - echo 300 - sleep 1 - echo 400 - sleep 1 - echo 500 - sleep 1 + echo 100 + sleep 1 + echo 200 + sleep 1 + echo 300 + sleep 1 + echo 400 + sleep 1 + echo 500 + sleep 1 - kill $pid - exit + kill $pid + exit } trap _term SIGTERM diff --git a/test/utils/utils.sh b/test/utils/utils.sh index 102c8df1775..647cbfb341e 100755 --- a/test/utils/utils.sh +++ b/test/utils/utils.sh @@ -7,7 +7,7 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C -if [ -f /etc/debian_version ]; then +if [[ -f /etc/debian_version ]]; then libdir=$(dirname "$(dpkg -L firejail | grep fcopy)") export PATH="$PATH:$libdir" fi @@ -33,13 +33,12 @@ echo "TESTING: version (test/utils/version.exp)" echo "TESTING: help (test/utils/help.exp)" ./help.exp -which man 2>/dev/null -if [ "$?" -eq 0 ]; +if command -v man then - echo "TESTING: man (test/utils/man.exp)" - ./man.exp + echo "TESTING: man (test/utils/man.exp)" + ./man.exp else - echo "TESTING SKIP: man not found" + echo "TESTING SKIP: man not found" fi echo "TESTING: list (test/utils/list.exp)" @@ -48,12 +47,12 @@ echo "TESTING: list (test/utils/list.exp)" echo "TESTING: tree (test/utils/tree.exp)" ./tree.exp -if [ $(grep -c ^processor /proc/cpuinfo) -gt 1 ]; +if [[ $(grep -c ^processor /proc/cpuinfo) -gt 1 ]] then - echo "TESTING: cpu.print (test/utils/cpu-print.exp)" - ./cpu-print.exp + echo "TESTING: cpu.print (test/utils/cpu-print.exp)" + ./cpu-print.exp else - echo "TESTING SKIP: cpu.print, not enough CPUs" + echo "TESTING SKIP: cpu.print, not enough CPUs" fi echo "TESTING: fs.print (test/utils/fs-print.exp)"