github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

testing

Browse source
This commit is contained in:
netblue30 2026-01-16 08:28:49 -05:00
parent b32f72dff8
commit 096c99664f
38 changed files with 166 additions and 2481 deletions
Download patch file Download diff file Expand all files Collapse all files

41
Makefile
View file

@ -335,8 +335,6 @@ DISTFILES = \
DISTFILES_TEST = \
test/Makefile \
test/apps \
test/apps-x11 \
test/apps-x11-xorg \
test/capabilities \
test/compile \
test/environment \
@ -420,7 +418,7 @@ sort-profiles: $(PROFILES_INC) $(PROFILES_PRO)
# make test
#
TESTS=profiles capabilities apps apps-x11 apps-x11-xorg sysutils utils environment filters fs fcopy fnettrace fnetfilter private-etc seccomp-extra
TESTS=profiles capabilities apps sysutils utils environment filters fs fcopy fnettrace fnetfilter private-etc seccomp-extra
TEST_TARGETS=$(patsubst %,test-%,$(TESTS))
$(TEST_TARGETS):
@ -435,42 +433,5 @@ lab-setup:; uname -r; ldd --version | grep GLIBC; pwd; whoami; ip addr show; cat
test: lab-setup test-profiles test-fcopy test-fnettrace test-fnetfilter test-fs test-private-etc test-utils test-sysutils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-seccomp-extra
echo "TEST COMPLETE"
# not included in "make dist" and "make test"
.PHONY: test-appimage
test-appimage:
$(MAKE) -C test $(subst test-,,$@)
# using sudo; not included in "make dist" and "make test"
.PHONY: test-chroot
test-chroot:
$(MAKE) -C test $(subst test-,,$@)
# using sudo; not included in "make dist" and "make test"
.PHONY: test-network
test-network:
$(MAKE) -C test $(subst test-,,$@)
# using sudo; not included in "make dist" and "make test"
.PHONY: test-apparmor
test-apparmor:
$(MAKE) -C test $(subst test-,,$@)
# using sudo; not included in "make dist" and "make test"
.PHONY: test-firecfg
test-firecfg:
$(MAKE) -C test $(subst test-,,$@)
##########################################
# Individual tests, some of them require root access
# The tests are very intrusive, by the time you are done
# with them you will need to restart your computer.
##########################################
# private-lib is disabled by default in /etc/firejail/firejail.config
.PHONY: test-private-lib
test-private-lib:
$(MAKE) -C test $(subst test-,,$@)
# Root access, network devices are created before the test
# restart your computer to get rid of these devices
# For testing hidepid system, the command to set it up is "mount -o remount,rw,hidepid=2 /proc"

40
test/apps-x11-xorg/apps-x11-xorg.sh
View file

@ -1,40 +0,0 @@
#!/bin/bash
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
export LC_ALL=C
if command -v firefox
then
echo "TESTING: firefox x11 xorg"
./firefox.exp
else
echo "TESTING SKIP: firefox not found"
fi
if command -v transmission-gtk
then
echo "TESTING: transmission-gtk x11 xorg"
./transmission-gtk.exp
else
echo "TESTING SKIP: transmission-gtk not found"
fi
if command -v transmission-qt
then
echo "TESTING: transmission-qt x11 xorg"
./transmission-qt.exp
else
echo "TESTING SKIP: transmission-qt not found"
fi
if command -v thunderbird
then
echo "TESTING: thunderbird x11 xorg"
./thunderbird.exp
else
echo "TESTING SKIP: thunderbird not found"
fi

90
test/apps-x11-xorg/firefox.exp
View file

@ -1,90 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xorg --ignore=net --ignore=netfilter --ignore=iprange firefox -no-remote www.gentoo.org\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"firefox" {puts "firefox detected\n";}
"iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 3.2\n";exit}
"no-remote"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp --wrap\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
" firefox" {puts "firefox detected\n";}
" iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"no-remote"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps --wrap\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
" firefox" {puts "firefox detected\n";}
" iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"no-remote"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

85
test/apps-x11-xorg/thunderbird.exp
View file

@ -1,85 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xorg --ignore=net --ignore=netfilter --ignore=iprange thunderbird\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"thunderbird"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp --wrap\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"thunderbird"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 2
send -- "firemon --caps --wrap\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"thunderbird"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

85
test/apps-x11-xorg/transmission-gtk.exp
View file

@ -1,85 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xorg --ignore=net --ignore=netfilter --ignore=iprange transmission-gtk\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"transmission-gtk"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp --wrap\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"transmission-gtk"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps --wrap\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"transmission-gtk"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

85
test/apps-x11-xorg/transmission-qt.exp
View file

@ -1,85 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xorg --ignore=net --ignore=netfilter --ignore=iprange transmission-qt\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"transmission-qt"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp --wrap\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"transmission-qt"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps --wrap\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"transmission-qt"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

78
test/apps-x11/apps-x11.sh
View file

@ -1,78 +0,0 @@
#!/bin/bash
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
export LC_ALL=C
echo "TESTING: no x11 (test/apps-x11/x11-none.exp)"
./x11-none.exp
if command -v xterm
then
echo "TESTING: xterm x11 xorg"
./xterm-xorg.exp
if command -v xpra
then
echo "TESTING: xterm x11 xpra"
./xterm-xpra.exp
fi
if command -v Xephyr
then
echo "TESTING: xterm x11 xephyr"
./xterm-xephyr.exp
fi
else
echo "TESTING SKIP: xterm not found"
fi
# check xpra/xephyr
if command -v xpra
then
echo "xpra found"
else
echo "xpra not found"
if command -v Xephyr
then
echo "Xephyr found"
else
echo "TESTING SKIP: xpra and/or Xephyr not found"
exit
fi
fi
if command -v firefox
then
echo "TESTING: firefox x11"
./firefox.exp
else
echo "TESTING SKIP: firefox not found"
fi
if command -v chromium
then
echo "TESTING: chromium x11"
./chromium.exp
else
echo "TESTING SKIP: chromium not found"
fi
if command -v transmission-gtk
then
echo "TESTING: transmission-gtk x11"
./transmission-gtk.exp
else
echo "TESTING SKIP: transmission-gtk not found"
fi
if command -v thunderbird
then
echo "TESTING: thunderbird x11"
./thunderbird.exp
else
echo "TESTING SKIP: thunderbird not found"
fi

85
test/apps-x11/chromium.exp
View file

@ -1,85 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11 chromium www.gentoo.org\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"chromium"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"chromium"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"Seccomp: 0"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"chromium"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"00240000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

90
test/apps-x11/firefox.exp
View file

@ -1,90 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11 firefox -no-remote www.gentoo.org\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"firefox" {puts "firefox detected\n";}
"iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 3.2\n";exit}
"no-remote"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
" firefox" {puts "firefox detected\n";}
" iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"no-remote"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
" firefox" {puts "firefox detected\n";}
" iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"no-remote"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

85
test/apps-x11/thunderbird.exp
View file

@ -1,85 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11 thunderbird\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"thunderbird"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"thunderbird"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 2
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"thunderbird"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

85
test/apps-x11/transmission-gtk.exp
View file

@ -1,85 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11 transmission-gtk\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"transmission-gtk"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"transmission-gtk"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"transmission-gtk"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

97
test/apps-x11/xterm-xpra.exp
View file

@ -1,97 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xpra xterm\r"
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"xterm"
}
sleep 1
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"xterm"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"xterm"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firemon --x11\r"
expect {
timeout {puts "TESTING ERROR 7\n";exit}
"name=test xterm"
}
expect {
timeout {puts "TESTING ERROR 7.1\n";exit}
"DISPLAY"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
puts "\nall done\n"

8
test/apps/apps.sh
View file

@ -7,14 +7,16 @@ export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
export LC_ALL=C
apps=(firefox midori chromium opera transmission-qt qbittorrent uget-gtk filezilla gthumb thunderbird vlc fbreader deluge gnome-mplayer xchat wine kcalc ktorrent hexchat)
apps=(dsdfasdf firefox qbittorrent firefox-xephyr galculator lowriter firefox-xorg \
x11-none xterm-xorg xterm-xephyr)
for app in "${apps[@]}"; do
if command -v "$app"
if file -v "$app".exp
then
echo "TESTING: $app"
./$app.exp
./"$app".exp
else
echo "TESTING SKIP: $app not found"
fi
sleep 1
done

83
test/apps/chromium.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail chromium www.gentoo.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/chromium.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"chromium"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail chromium"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"Seccomp: 0"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail chromium"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"00240000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\n"

83
test/apps/deluge.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail deluge\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/deluge.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"deluge"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail deluge"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail deluge"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\n"

83
test/apps/fbreader.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail fbreader\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/fbreader.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"fbreader"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail fbreader"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail fbreader"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/filezilla.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail filezilla\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/filezilla.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"filezilla"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail filezilla"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail filezilla"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

45
test/apps-x11/x11-xephyr.exp → test/apps/firefox-xephyr.exp
View file

@ -7,52 +7,43 @@ set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xephyr xterm\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
exit
sleep 5
send -- "firejail --name=firefox-test --xephyr-screen=1024x768 --private --x11 firefox --no-remote www.debian.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"use network namespace in firejail"
"Reading profile /etc/firejail/firefox.profile"
}
sleep 1
send -- "firejail --name=test --net=none --x11=none\r"
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 1
sleep 5
send -- "ls -al /tmp/.X11-unix\r"
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"cannot open directory"
"firejail"
}
after 100
send -- "xterm\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"DISPLAY is not set"
"firefox"
}
after 100
send -- "export DISPLAY=:0.0\r"
after 100
send -- "xterm\r"
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"Xt error"
"firefox"
}
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"Seccomp: 2"
}
after 100
send -- "firejail --shutdown=firefox-test\r"
sleep 3
puts "\nall done\n"

45
test/apps/firefox-xorg.exp Executable file
View file

@ -0,0 +1,45 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --private --x11=xorg firefox --no-remote www.debian.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/firefox.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"firejail"
}
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"firefox"
}
after 100
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"firefox"
}
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"Seccomp: 2"
}
after 100
puts "\nall done\n"

80
test/apps/firefox.exp
View file

@ -7,7 +7,7 @@ set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail firefox -no-remote www.gentoo.org\r"
send -- "firejail --private firefox --no-remote www.debian.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/firefox.profile"
@ -16,84 +16,30 @@ expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 10
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"firejail"
}
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"firefox" {puts "firefox detected\n";}
"iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 3.2\n";exit}
"no-remote"
"firefox"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"firefox"
}
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
" firefox" {puts "firefox detected\n";}
" iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 5.0\n";exit}
"no-remote"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
" firefox" {puts "firefox detected\n";}
" iceweasel" {puts "iceweasel detected\n";}
}
expect {
timeout {puts "TESTING ERROR 6.0\n";exit}
"no-remote"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
sleep 1
puts "\n"
puts "\nall done\n"

45
test/apps/galculator.exp Executable file
View file

@ -0,0 +1,45 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --private galculator\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/galculator.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"firejail"
}
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"galculator"
}
after 100
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"galculator"
}
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"Seccomp: 2"
}
after 100
puts "\nall done\n"

83
test/apps/gnome-mplayer.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail gnome-mplayer\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/gnome-mplayer.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"gnome-mplayer"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail gnome-mplayer"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail gnome-mplayer"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/gthumb.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail gthumb\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/gthumb.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"gthumb"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail gthumb"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail gthumb"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/hexchat.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail hexchat\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/hexchat.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"hexchat"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail hexchat"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail hexchat"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/kcalc.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail kcalc\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/kcalc.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"kcalc"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail kcalc"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail kcalc"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/ktorrent.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail ktorrent\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/ktorrent.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"ktorrent"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail ktorrent"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail ktorrent"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

23
test/apps/wine.exp → test/apps/lowriter.exp
View file

@ -7,26 +7,39 @@ set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail wine --help\r"
send -- "firejail lowriter\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/wine.profile"
"Reading profile /etc/firejail/lowriter.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 2\n";exit}
"Usage: wine PROGRAM"
"firejail"
}
expect {
timeout {puts "TESTING ERROR 3\n";exit}
"wine --version"
"lowriter"
}
after 100
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"Parent is shutting down, bye..."
"lowriter"
}
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"Seccomp: 2"
}
after 100
puts "\nall done\n"

84
test/apps/midori.exp
View file

@ -1,84 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail midori www.gentoo.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/midori.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"midori"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail midori"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail midori"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3n";exit}
"name=blablabla"
}
after 100
puts "\n"

83
test/apps/opera.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail opera www.gentoo.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/opera.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"opera"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail opera"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"Seccomp: 0"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail opera"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"fffffffff"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\n"

56
test/apps/qbittorrent.exp
View file

@ -7,7 +7,7 @@ set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail qbittorrent\r"
send -- "firejail --private qbittorrent\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/qbittorrent.profile"
@ -16,68 +16,30 @@ expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
timeout {puts "TESTING ERROR 2\n";exit}
"firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
timeout {puts "TESTING ERROR 3\n";exit}
"qbittorrent"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
"qbittorrent"
}
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail qbittorrent"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail qbittorrent"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\n"

83
test/apps/thunderbird.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail thunderbird\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/thunderbird.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"thunderbird"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail thunderbird"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail thunderbird"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/transmission-qt.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --ignore=quiet transmission-qt\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/transmission-qt.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"transmission-qt"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail --ignore=quiet transmission-qt"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail --ignore=quiet transmission-qt"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/uget-gtk.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail uget-gtk\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/uget-gtk.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"uget-gtk"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail uget-gtk"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail uget-gtk"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

83
test/apps/vlc.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail vlc\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/vlc.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"vlc"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail vlc"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail vlc"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\nall done\n"

2
test/apps-x11/x11-none.exp → test/apps/x11-none.exp
View file

@ -10,7 +10,7 @@ match_max 100000
send -- "firejail --name=test --x11=none\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"use network namespace in firejail"
"Additional setup required"
}
sleep 1

83
test/apps/xchat.exp
View file

@ -1,83 +0,0 @@
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail xchat\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/xchat.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 3
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"xchat"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
" xchat"
}
expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
" xchat"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\n"

35
test/apps-x11/xterm-xephyr.exp → test/apps/xterm-xephyr.exp
View file

@ -7,8 +7,8 @@ set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xephyr xterm\r"
sleep 10
send -- "firejail --name=test --x11 xterm\r"
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
@ -20,24 +20,8 @@ expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"xterm"
}
sleep 1
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
@ -52,11 +36,8 @@ expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
@ -74,12 +55,8 @@ expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
after 100
puts "\nall done\n"

33
test/apps-x11/xterm-xorg.exp → test/apps/xterm-xorg.exp
View file

@ -8,7 +8,7 @@ spawn $env(SHELL)
match_max 100000
send -- "firejail --name=test --x11=xorg xterm\r"
sleep 10
sleep 5
spawn $env(SHELL)
send -- "firejail --list\r"
@ -20,24 +20,8 @@ expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"xterm"
}
sleep 1
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
@ -52,11 +36,8 @@ expect {
timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
"Seccomp: 2"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
sleep 1
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
@ -74,12 +55,8 @@ expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"0000000000000000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
sleep 1
send -- "firejail --shutdown=test\r"
sleep 3
after 100
puts "\nall done\n"