rework make test-compile

test/compile/compile.sh

@@ -12,40 +12,38 @@
 #  --enable-analyzer       enable GCC 10 static analyzer
 
 # shellcheck source=config.sh
+rm -fr firejail
 . "$(dirname "$0")/../../config.sh" || exit 1
 
-arr[1]="TEST 1: standard compilation"
+arr[1]="1: standard compilation"
-arr[2]="TEST 2: compile dbus proxy disabled"
+arr[2]="2: compile --disable-dbusproxy"
-arr[3]="TEST 3: compile chroot disabled"
+arr[3]="3: compile --disable-chroot"
-arr[4]="TEST 4: compile firetunnel disabled"
+arr[4]="4: compile --disable-userns"
-arr[5]="TEST 5: compile user namespace disabled"
+arr[5]="5: compile --disable-network"
-arr[6]="TEST 6: compile network disabled"
+arr[6]="6: compile --disable-x11"
-arr[7]="TEST 7: compile X11 disabled"
+arr[7]="7: compile --enable-selinux"
-arr[8]="TEST 8: compile selinux"
+arr[8]="8: compile --disable-file-transfer"
-arr[9]="TEST 9: compile file transfer disabled"
+arr[9]="9: compile --enable-apparmor"
-arr[10]="TEST 10: compile disable whitelist"
+arr[10]="10: compile --enable-busybox-workaround"
-arr[12]="TEST 12: compile apparmor"
+arr[11]="11: compile --disable-private-home"
-arr[13]="TEST 13: compile busybox"
+arr[12]="12: compile --disable-man"
-arr[15]="TEST 15: compile private-home disabled"
+arr[13]="13: compile --disable-usertmpfs"
-arr[16]="TEST 16: compile disable manpages"
+arr[14]="14: compile --disable-sandbox-check"
-arr[17]="TEST 17: disable tmpfs as regular user"
+arr[15]="15: compile --disable-landlock"
-arr[18]="TEST 18: disable private home"
+arr[16]="16: compile --disable-output"
-
+arr[17]="17: compile --disable-man"
-# remove previous reports and output file
+arr[18]="18: compile --disable-private-lib"
-cleanup() {
+arr[19]="19: compile --disable-suid"
-	rm -f report*
+arr[20]="20: compile --enable-contrib-install"
-	rm -fr firejail
+arr[21]="21: compile --enable-only-syscfg-profiles"
-	rm -f oc* om*
+arr[22]="22: compile --enable-force-nonewprivs"
-	rm -f output-configure
-	rm -f output-make
-}
 
 print_title() {
 	echo
 	echo
 	echo
 	echo "**************************************************"
-	echo "$1"
+	echo "TESTING $1"
 	echo "**************************************************"
 }
 
@@ -53,7 +51,7 @@ DIST="$TARNAME-$VERSION"
 while [[ $# -gt 0 ]]; do    # Until you run out of parameters . . .
 	case "$1" in
 	--clean)
-		cleanup
+		rm -fr firejail
 		exit
 		;;
 	--help)
@@ -64,8 +62,10 @@ while [[ $# -gt 0 ]]; do    # Until you run out of parameters . . .
 	shift       # Check next set of parameters.
 done
 
-cleanup
+rm -fr firejail
-
+echo "$DIST"
+tar -xJvf ../../"$DIST.tar.xz"
+mv "$DIST" firejail
 
 #*****************************************************************
 # TEST 1
@@ -73,21 +73,21 @@ cleanup
 # - checkout source code
 #*****************************************************************
 print_title "${arr[1]}"
-echo "$DIST"
-tar -xJvf ../../"$DIST.tar.xz"
-mv "$DIST" firejail
-
 cd firejail || exit 1
-./configure --prefix=/usr --enable-fatal-warnings \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test1
-grep Error output-configure output-make >> ./report-test1
-cp output-configure oc1
-cp output-make om1
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 2
@@ -96,18 +96,19 @@ rm output-configure output-make
 #*****************************************************************
 print_title "${arr[2]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-dbusproxy \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-dbusproxy 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
 cd ..
-grep Warning output-configure output-make > ./report-test2
-grep Error output-configure output-make >> ./report-test2
-cp output-configure oc2
-cp output-make om2
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 3
@@ -117,37 +118,42 @@ rm output-configure output-make
 print_title "${arr[3]}"
 cd firejail || exit 1
 make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-chroot \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-chroot 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test3
-grep Error output-configure output-make >> ./report-test3
-cp output-configure oc3
-cp output-make om3
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 4
 #*****************************************************************
-# - disable firetunnel configuration
+# - disable user namespace configuration
 #*****************************************************************
 print_title "${arr[4]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-firetunnel \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-userns 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test4
-grep Error output-configure output-make >> ./report-test4
-cp output-configure oc4
-cp output-make om4
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 5
@@ -156,267 +162,396 @@ rm output-configure output-make
 #*****************************************************************
 print_title "${arr[5]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-userns \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-network 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test5
-grep Error output-configure output-make >> ./report-test5
-cp output-configure oc5
-cp output-make om5
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 6
 #*****************************************************************
-# - disable user namespace configuration
+# - disable X11 support
-# - check compilation
 #*****************************************************************
 print_title "${arr[6]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-network \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-x11 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test6
-grep Error output-configure output-make >> ./report-test6
-cp output-configure oc6
-cp output-make om6
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 7
 #*****************************************************************
-# - disable X11 support
+# - enable selinux
 #*****************************************************************
 print_title "${arr[7]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-x11 \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --enable-selinux 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test7
-grep Error output-configure output-make >> ./report-test7
-cp output-configure oc7
-cp output-make om7
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 8
 #*****************************************************************
-# - enable selinux
+# - disable file transfer
 #*****************************************************************
 print_title "${arr[8]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --enable-selinux \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-file-transfer 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test8
-grep Error output-configure output-make >> ./report-test8
-cp output-configure oc8
-cp output-make om8
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 9
 #*****************************************************************
-# - disable file transfer
+# - enable apparmor
 #*****************************************************************
 print_title "${arr[9]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-file-transfer \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --enable-apparmor 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test9
-grep Error output-configure output-make >> ./report-test9
-cp output-configure oc9
-cp output-make om9
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 10
 #*****************************************************************
-# - disable whitelist
+# - enable busybox workaround
 #*****************************************************************
 print_title "${arr[10]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-whitelist \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --enable-busybox-workaround 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
+cd ..
+
+#*****************************************************************
+# TEST 11
+#*****************************************************************
+# - disable private home
+#*****************************************************************
+print_title "${arr[11]}"
+cd firejail || exit 1
+
+./configure --enable-fatal-warnings --disable-private-home 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test10
-grep Error output-configure output-make >> ./report-test10
-cp output-configure oc10
-cp output-make om10
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 12
 #*****************************************************************
-# - enable apparmor
+# - disable manpages
 #*****************************************************************
 print_title "${arr[12]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --enable-apparmor \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-man 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test12
-grep Error output-configure output-make >> ./report-test12
-cp output-configure oc12
-cp output-make om12
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 13
 #*****************************************************************
-# - enable busybox workaround
+# - disable tmpfs as regular user"
 #*****************************************************************
 print_title "${arr[13]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --enable-busybox-workaround \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-usertmpfs 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
+cd ..
+
+#*****************************************************************
+# TEST 14
+#*****************************************************************
+# - disable sandbox check
+#*****************************************************************
+print_title "${arr[14]}"
+cd firejail || exit 1
+
+./configure --enable-fatal-warnings --disable-sandbox-check 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test13
-grep Error output-configure output-make >> ./report-test13
-cp output-configure oc13
-cp output-make om13
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 15
 #*****************************************************************
-# - disable private home
+# - disable landlock
 #*****************************************************************
 print_title "${arr[15]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-private-home \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-landlock 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test15
-grep Error output-configure output-make >> ./report-test15
-cp output-configure oc15
-cp output-make om15
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 16
 #*****************************************************************
-# - disable manpages
+# - disable --output logging
 #*****************************************************************
 print_title "${arr[16]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-man \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-output 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
 cd ..
-grep Warning output-configure output-make > ./report-test16
-grep Error output-configure output-make >> ./report-test16
-cp output-configure oc16
-cp output-make om16
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 17
 #*****************************************************************
-# - disable tmpfs as regular user"
+# - disable man pages
 #*****************************************************************
 print_title "${arr[17]}"
 cd firejail || exit 1
-make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-usertmpfs \
-  2>&1 | tee ../output-configure
 
-make -j "$(nproc)" 2>&1 | tee ../output-make
+./configure --enable-fatal-warnings --disable-man 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
 cd ..
-grep Warning output-configure output-make > ./report-test17
-grep Error output-configure output-make >> ./report-test17
-cp output-configure oc17
-cp output-make om17
-rm output-configure output-make
 
 #*****************************************************************
 # TEST 18
 #*****************************************************************
-# - disable private home feature
+# - disable private-lib
 #*****************************************************************
 print_title "${arr[18]}"
 cd firejail || exit 1
+
+./configure --enable-fatal-warnings --disable-private-lib 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
 make distclean
-./configure --prefix=/usr --enable-fatal-warnings \
-  --disable-private-home \
-  2>&1 | tee ../output-configure
-
-make -j "$(nproc)" 2>&1 | tee ../output-make
 cd ..
-grep Warning output-configure output-make > ./report-test18
-grep Error output-configure output-make >> ./report-test18
-cp output-configure oc18
-cp output-make om18
-rm output-configure output-make
 
 #*****************************************************************
-# PRINT REPORTS
+# TEST 19
 #*****************************************************************
-echo
+# - disable suid
-echo
+#*****************************************************************
-echo
+print_title "${arr[19]}"
-echo
+cd firejail || exit 1
-echo "**********************************************************"
-echo "TEST RESULTS"
-echo "**********************************************************"
 
-wc -l report-test*
+./configure --enable-fatal-warnings --disable-suid 2>&1 | tee output
-echo
+if grep -E '(WARNING|ERROR)' output; then
-echo "Legend:"
+    echo "TESTING ERROR";
-echo "${arr[1]}"
+    exit 1
-echo "${arr[2]}"
+fi
-echo "${arr[3]}"
+
-echo "${arr[4]}"
+make -j4 2>&1 | tee output
-echo "${arr[5]}"
+if grep -E -i 'error:' output; then
-echo "${arr[6]}"
+    echo "TESTING ERROR";
-echo "${arr[7]}"
+    exit 1
-echo "${arr[8]}"
+fi
-echo "${arr[9]}"
+make distclean
-echo "${arr[10]}"
+cd ..
-echo "${arr[12]}"
+
-echo "${arr[13]}"
+#*****************************************************************
-echo "${arr[15]}"
+# TEST 20
-echo "${arr[16]}"
+#*****************************************************************
-echo "${arr[17]}"
+# - enable contrib install
-echo "${arr[18]}"
+#*****************************************************************
+print_title "${arr[20]}"
+cd firejail || exit 1
+
+./configure --enable-fatal-warnings --enable-contrib-install 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
+cd ..
+
+#*****************************************************************
+# TEST 21
+#*****************************************************************
+# --enable-only-syscfg-profile
+#*****************************************************************
+print_title "${arr[21]}"
+cd firejail || exit 1
+
+./configure --enable-fatal-warnings --enable-only-syscfg-profiles 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
+cd ..
+
+#*****************************************************************
+# TEST 22
+#*****************************************************************
+# - enable force nonewprivs
+#*****************************************************************
+print_title "${arr[22]}"
+cd firejail || exit 1
+
+./configure --enable-fatal-warnings  --enable-force-nonewprivs 2>&1 | tee output
+if grep -E '(WARNING|ERROR)' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+
+make -j4 2>&1 | tee output
+if grep -E -i 'error:' output; then
+    echo "TESTING ERROR";
+    exit 1
+fi
+make distclean
+cd ..
+
+
+#*****************************************************************
+# cleanup
+#*****************************************************************
+rm -fr firejail