gcov test coverage update

Makefile

@@ -199,6 +199,7 @@ clean:
 	$(RM) -r ./$(TARNAME)-$(VERSION) ./$(TARNAME)-$(VERSION).tar.xz
 	$(RM) ./$(TARNAME)*.deb
 	$(RM) ./$(TARNAME)*.rpm
+	$(RM) -fr gcov-dir
 
 .PHONY: distclean
 distclean: clean

gcov.sh

@@ -4,59 +4,105 @@
 # License GPL v2
 
 # GCOV test setup
-# required: sudo, lcov (apt-get install lcov)
+# required: sudo, gcov (apt-get install gcovr)
-# setup: modify ./configure line below if necessary
+# Compile and install
+#    $ ./configure --prefix=/usr --enable-apparmor --enable-gcov
+#    $ make
+#    $ sudo make install
 # run as regular user: ./gcov.sh
 # result in gcov-dir/index.html
 
 gcov_generate() {
-	USER="$(whoami)"
+    rm -fr gcov-dir
-	find . -exec sudo chown "$USER:$USER" '{}' +
+    sleep 1
-	lcov -q --capture \
+    mkdir gcov-dir
-		-d src/firejail -d src/lib -d src/firecfg -d src/firemon \
+    USER="$(whoami)"
-		-d src/fnet -d src/fnetfilter -d src/fcopy \
+    find . -exec sudo chown "$USER:$USER" '{}' +
-		-d src/fseccomp --output-file gcov-file
+    sleep 1
-
+    gcovr --html-nested gcov-dir/index.html \
-	genhtml -q gcov-file --output-directory gcov-dir
+	  src/firejail src/firemon src/firecfg src/jailcheck \
+	  src/etc-cleanup \
+	  src/fbuilder \
+	  src/fbwrap \
+	  src/fcopy \
+	  src/fnet \
+	  src/fnetfilter \
+	  src/fnetlock \
+	  src/fnettrace \
+	  src/fnettrace-dns \
+	  src/fnettrace-icmp \
+	  src/fnettrace-sni \
+	  src/fseccomp \
+	  src/fsec-optimize \
+	  src/fsec-print \
+	  src/ftee \
+	  src/fzenity \
+	  src/lib \
+	  src/profstats
 }
 
-make distclean &&
+# --help - main programs
-./configure --prefix=/usr --enable-fatal-warnings \
+/usr/bin/firejail --help
-  --enable-apparmor --enable-gcov &&
+/usr/bin/firemon --help
-make -j "$(nproc)" &&
+/usr/bin/firecfg --help
-sudo make install
+/usr/bin/jailcheck --help
-
-rm -fr gcov-dir gcov-file
-make installcheck
 gcov_generate
 
-make test-firecfg | grep TESTING
+# --help -secondary programs
+/usr/lib/firejail/etc-cleanup --help
+/usr/lib/firejail/fbuilder --help
+/usr/lib/firejail/fbwrap --help
+/usr/lib/firejail/fcopy --help
+/usr/lib/firejail/fnet --help
+/usr/lib/firejail/fnetfilter --help
+/usr/lib/firejail/fnetlock --help
+/usr/lib/firejail/fnettrace --help
+/usr/lib/firejail/fnettrace-dns --help
+/usr/lib/firejail/fnettrace-icmp --help
+/usr/lib/firejail/fnettrace-sni --help
+/usr/lib/firejail/fseccomp --help
+/usr/lib/firejail/fseccomp-optimize --help
+/usr/lib/firejail/fseccomp-print --help
+/usr/lib/firejail/ftee --help
+/usr/lib/firejail/fzenity --help
+/usr/lib/firejail/profstats --help
 gcov_generate
-make test-capabilities | grep TESTING
+
+# test-main: .github/workflows/test.yml#L50
+make test-seccomp-extra
+make test-firecfg
+make test-capabilities
+make test-apparmor
+make test-appimage
+make test-chroot
+make test-fcopy
 gcov_generate
-make test-seccomp-extra | grep TESTING
+
+# test-fs: .github/workflows/test.yml#L99
+make test-private-etc
 gcov_generate
-make test-apparmor | grep TESTING
+make test-fs
 gcov_generate
-make test-network | grep TESTING
+
+# test-environment: .github/workflows/test.yml#L139
+make test-environment
 gcov_generate
-make test-appimage | grep TESTING
+make test-profiles
 gcov_generate
-make test-chroot | grep TESTING
+
+# test-utils: .github/workflows/test.yml#L179
+make test-utils
 gcov_generate
-make test-sysutils | grep TESTING
+
+# test-network: .github/workflows/test.yml#L221
+make test-fnetfilter
+make test-sysutils
 gcov_generate
-make test-private-etc | grep TESTING
+make test-network
-gcov_generate
-make test-profiles | grep TESTING
-gcov_generate
-make test-fcopy | grep TESTING
-gcov_generate
-make test-fnetfilter | grep TESTING
-gcov_generate
-make test-fs | grep TESTING
-gcov_generate
-make test-utils | grep TESTING
-gcov_generate
-make test-environment | grep TESTING
 gcov_generate
+
+
+
+
+
+

linecnt.sh

@@ -1,31 +1,56 @@
+# This script counts the number of lines of code throughout the
+# project. We let gcc determine what is executable and what is not.
+#
+# Install gcov (Debian)
+#     $ sudo apt install gcovr
+# Clean firejail directory
+#     $ cd firejail
+#     $ make distclean
+# Enable gcov instrumentation
+#     $ ./configure --enable-gcov --enable-apparmor
+#     $ make
+# Don't install the new firejail, just run this script
+#     $ ./linecnt.sh
+#     firejail       13321
+#     firemon        1143
+#     firecfg        624
+#     jailcheck      448
+#     -------------------------------
+#     fbuilder       712
+#     fbwrap         62
+#     fcopy          299
+#     fnet           615
+#     fnetfilter     89
+#     fnetlock       229
+#     fnettrace      803
+#     fnettrace-dns  113
+#     fnettrace-icmp 95
+#     fnettrace-sni  109
+#     fsec-optimize  116
+#     fsec-print     205
+#     ftee           135
+#     fzenity        122
+#     lib            975
+
 #!/bin/bash
-# This file is part of Firejail project
-# Copyright (C) 2014-2026 Firejail Authors
-# License GPL v2
 
-gcov_init() {
+printf "firejail       " && gcovr src/firejail 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	USER="$(whoami)"
+printf "firemon        " && gcovr src/firemon 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	firejail --help > /dev/null
+printf "firecfg        " && gcovr src/firecfg 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	firemon --help > /dev/null
+printf "jailcheck      " && gcovr src/jailcheck 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fnet --help > /dev/null
+echo "-------------------------------"
-	/usr/lib/firejail/fseccomp --help > /dev/null
+printf "fbuilder       " && gcovr src/fbuilder 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/ftee --help > /dev/null
+printf "fbwrap         " && gcovr src/fbwrap 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fcopy --help > /dev/null
+printf "fcopy          " && gcovr src/fcopy 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fldd --help > /dev/null
+printf "fnet           " && gcovr src/fnet 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	firecfg --help > /dev/null
+printf "fnetfilter     " && gcovr src/fnetfilter 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-
+printf "fnetlock       " && gcovr src/fnetlock 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fnetfilter --help > /dev/null
+printf "fnettrace      " && gcovr src/fnettrace 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fsec-print --help > /dev/null
+printf "fnettrace-dns  " && gcovr src/fnettrace-dns 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fsec-optimize --help > /dev/null
+printf "fnettrace-icmp " && gcovr src/fnettrace-icmp 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/faudit --help > /dev/null
+printf "fnettrace-sni  " && gcovr src/fnettrace-sni 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	/usr/lib/firejail/fbuilder --help > /dev/null
+printf "fsec-optimize  " && gcovr src/fsec-optimize 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-
+printf "fsec-print     " && gcovr src/fsec-print 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-	find . -exec sudo chown "$USER:$USER" '{}' +
+printf "ftee           " && gcovr src/ftee 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-}
+printf "fzenity        " && gcovr src/fzenity 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-
+printf "lib            " && gcovr src/lib 2>/dev/null | grep TOTAL | awk '{print msg $2}'
-rm -fr gcov-dir
-gcov_init
-lcov -q --capture -d src/firejail -d src/firemon -d src/faudit -d src/fbuilder \
-	-d src/fcopy -d src/fnetfilter -d src/fsec-print -d src/fsec-optimize -d src/fseccomp \
-	-d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file
-genhtml -q gcov-file --output-directory gcov-dir

test/private-etc/hostname.exp

@@ -82,14 +82,14 @@ expect {
 sleep 1
 
 # ping test
-send --  "firejail --hostname=foo --private-etc ping -c 3 foo\r"
+send --  "firejail --noprofile --hostname=foo --private-etc ping -c 3 foo\r"
 expect {
 	timeout {puts "TESTING ERROR 6\n";exit}
 	"3 packets transmitted, 3 received"
 }
 sleep 1
 
-send --  "firejail --hosts-file=hosts-file --private-etc ping -c 3 blablabla\r"
+send --  "firejail --noprofile --hosts-file=hosts-file --private-etc ping -c 3 blablabla\r"
 expect {
 	timeout {puts "TESTING ERROR 7\n";exit}
 	"3 packets transmitted, 3 received"