testing

Makefile.in

@@ -174,7 +174,7 @@ test-compile: dist
  cd test/compile; ./compile.sh $(NAME)-$(VERSION)
 
 test-root:
- cd test/root; su -c ./start.sh
+ cd test/root; su -c ./root.sh | grep TESTING
 
 .PHONY: rpms
 rpms:

src/firejail/fs_bin.c

@@ -247,6 +247,9 @@ void fs_private_bin_list(void) {
  duplicate(ptr);
  free(dlist); 
  fs_logger_print();
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
  // wait for the child to finish

src/firejail/fs_etc.c

@@ -171,6 +171,9 @@ void fs_private_etc_list(void) {
  duplicate(ptr);
  free(dlist); 
  fs_logger_print();
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
  // wait for the child to finish

src/firejail/fs_mkdir.c

@@ -81,6 +81,9 @@ void fs_mkdir(const char *name) {
 
  // create directory
  mkdir_recursive(expanded);
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
  // wait for the child to finish
@@ -126,6 +129,9 @@ void fs_mkfile(const char *name) {
  (void) rv;
  fclose(fp);
  }
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
  // wait for the child to finish

src/firejail/ls.c

@@ -358,6 +358,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
  // copy the file
  if (copy_file(src_fname, tmp_fname, getuid(), getgid(), 0600))
  _exit(1);
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
 
@@ -381,6 +384,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
  // copy the file
  if (copy_file(tmp_fname, dest_fname, getuid(), getgid(), 0600))
  _exit(1);
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
 
@@ -423,6 +429,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
  // copy the file
  if (copy_file(src_fname, tmp_fname, getuid(), getgid(), 0600))
  _exit(1);
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
 
@@ -452,6 +461,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
  // copy the file
  if (copy_file(tmp_fname, dest_fname, getuid(), getgid(), 0600))
  _exit(1);
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
 

src/firejail/main.c

@@ -2461,6 +2461,9 @@ int main(int argc, char **argv) {
  network_main(child);
  if (arg_debug)
  printf("Host network configured\n"); 
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0); 
  }
 

src/firejail/x11.c

@@ -692,6 +692,9 @@ void x11_xorg(void) {
  execlp("/usr/bin/xauth", "/usr/bin/xauth", "-f", tmpfname,
  "generate", display, "MIT-MAGIC-COOKIE-1", "untrusted", NULL); 
 
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
 

src/firemon/interface.c

@@ -146,6 +146,9 @@ static void print_sandbox(pid_t pid) {
  return;
  net_ifprint();
  printf("\n");
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
  _exit(0);
  }
 

src/firemon/procevent.c

@@ -192,6 +192,10 @@ static int procevent_monitor(const int sock, pid_t mypid) {
  tv.tv_usec = 0;
 
  while (1) {
+#ifdef HAVE_GCOV
+ __gcov_flush();
+#endif
+
 #define BUFFSIZE 4096 
  char __attribute__ ((aligned(NLMSG_ALIGNTO)))buf[BUFFSIZE];
 

test/fs/fs.sh

@@ -8,6 +8,15 @@ export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 
 rm -fr ~/_firejail_test_*
 echo "TESTING: mkdir/mkfile (test/fs/mkdir_mkfile.exp)"
+./mkdir_mkfile.exp
+rm -fr ~/_firejail_test_*
+
+mkdir ~/_firejail_test_dir
+touch ~/_firejail_test_dir/a
+mkdir ~/_firejail_test_dir/test1
+touch ~/_firejail_test_dir/test1/b
+echo "TESTING: read/write (test/fs/read-write.exp)"
+./read-write.exp
 rm -fr ~/_firejail_test_*
 
 echo "TESTING: /sys/fs access (test/fs/sys_fs.exp)"

test/fs/read-write.exp

@@ -0,0 +1,49 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+send -- "firejail --read-only=~/_firejail_test_dir --read-write=~/_firejail_test_dir/test1\r"
+expect {
+ timeout {puts "TESTING ERROR 0\n";exit}
+ "Child process initialized"
+}
+sleep 1
+
+send -- "echo mytest >~/_firejail_test_dir/a;echo done\r"
+expect {
+ timeout {puts "TESTING ERROR 1\n";exit}
+ "done"
+}
+
+send -- "echo mytest >~/_firejail_test_dir/test1/b;echo done\r"
+expect {
+ timeout {puts "TESTING ERROR 2\n";exit}
+ "done"
+}
+
+send -- "cat ~/_firejail_test_dir/a;echo done\r"
+expect {
+ timeout {puts "TESTING ERROR 3\n";exit}
+ "mytest" {puts "TESTING ERROR 4\n";exit}
+ "done"
+}
+
+
+send -- "cat ~/_firejail_test_dir/test1/b;echo done\r"
+expect {
+ timeout {puts "TESTING ERROR 5\n";exit}
+ "mytest"
+}
+expect {
+ timeout {puts "TESTING ERROR 6\n";exit}
+ "done"
+}
+
+after 100
+puts "\nall done\n"

test/root/firemon-events.exp

@@ -0,0 +1,72 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+# start firemon
+set firemon_id $spawn_id
+send -- "firemon\r"
+sleep 1
+
+# start firejail
+spawn $env(SHELL)
+set firejail_id $spawn_id
+send -- "firejail\r"
+expect {
+ timeout {puts "TESTING ERROR 0\n";exit}
+ "Child process initialized"
+}
+
+# get messages on firemon
+set spawn_id $firemon_id
+expect {
+ timeout {puts "TESTING ERROR 1\n";exit}
+ "exec"
+}
+expect {
+ timeout {puts "TESTING ERROR 2\n";exit}
+ "/bin/bash -c /bin/bash"
+}
+expect {
+ timeout {puts "TESTING ERROR 3\n";exit}
+ "exec"
+}
+expect {
+ timeout {puts "TESTING ERROR 4\n";exit}
+ "/bin/bash"
+}
+expect {
+ timeout {puts "TESTING ERROR 5\n";exit}
+ "fork"
+}
+expect {
+ timeout {puts "TESTING ERROR 6\n";exit}
+ "child"
+}
+expect {
+ timeout {puts "TESTING ERROR 7\n";exit}
+ "/bin/bash"
+}
+after 100
+
+# exit firejail
+set spawn_id $firejail_id
+send -- "exit\r"
+sleep 1
+
+# get messages on firemon
+set spawn_id $firemon_id
+expect {
+ timeout {puts "TESTING ERROR 8\n";exit}
+ "exit"
+}
+
+expect {
+ timeout {puts "TESTING ERROR 9\n";exit}
+ "EXIT SANDBOX"
+}
+
+
+puts "\nall done\n"
+