github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

gcov test coverage update

Browse source
This commit is contained in:
netblue30 2026-01-14 10:48:48 -05:00
parent f3b2d2927d
commit 65ca515ff8
4 changed files with 142 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Makefile
View file

@ -199,6 +199,7 @@ clean:
$(RM) -r ./$(TARNAME)-$(VERSION) ./$(TARNAME)-$(VERSION).tar.xz
$(RM) ./$(TARNAME)*.deb
$(RM) ./$(TARNAME)*.rpm
$(RM) -fr gcov-dir
.PHONY: distclean
distclean: clean

120
gcov.sh
View file

@ -4,59 +4,105 @@
# License GPL v2
# GCOV test setup
# required: sudo, lcov (apt-get install lcov)
# setup: modify ./configure line below if necessary
# required: sudo, gcov (apt-get install gcovr)
# Compile and install
# $ ./configure --prefix=/usr --enable-apparmor --enable-gcov
# $ make
# $ sudo make install
# run as regular user: ./gcov.sh
# result in gcov-dir/index.html
gcov_generate() {
rm -fr gcov-dir
sleep 1
mkdir gcov-dir
USER="$(whoami)"
find . -exec sudo chown "$USER:$USER" '{}' +
lcov -q --capture \
-d src/firejail -d src/lib -d src/firecfg -d src/firemon \
-d src/fnet -d src/fnetfilter -d src/fcopy \
-d src/fseccomp --output-file gcov-file
genhtml -q gcov-file --output-directory gcov-dir
sleep 1
gcovr --html-nested gcov-dir/index.html \
src/firejail src/firemon src/firecfg src/jailcheck \
src/etc-cleanup \
src/fbuilder \
src/fbwrap \
src/fcopy \
src/fnet \
src/fnetfilter \
src/fnetlock \
src/fnettrace \
src/fnettrace-dns \
src/fnettrace-icmp \
src/fnettrace-sni \
src/fseccomp \
src/fsec-optimize \
src/fsec-print \
src/ftee \
src/fzenity \
src/lib \
src/profstats
}
make distclean &&
./configure --prefix=/usr --enable-fatal-warnings \
--enable-apparmor --enable-gcov &&
make -j "$(nproc)" &&
sudo make install
rm -fr gcov-dir gcov-file
make installcheck
# --help - main programs
/usr/bin/firejail --help
/usr/bin/firemon --help
/usr/bin/firecfg --help
/usr/bin/jailcheck --help
gcov_generate
make test-firecfg | grep TESTING
# --help -secondary programs
/usr/lib/firejail/etc-cleanup --help
/usr/lib/firejail/fbuilder --help
/usr/lib/firejail/fbwrap --help
/usr/lib/firejail/fcopy --help
/usr/lib/firejail/fnet --help
/usr/lib/firejail/fnetfilter --help
/usr/lib/firejail/fnetlock --help
/usr/lib/firejail/fnettrace --help
/usr/lib/firejail/fnettrace-dns --help
/usr/lib/firejail/fnettrace-icmp --help
/usr/lib/firejail/fnettrace-sni --help
/usr/lib/firejail/fseccomp --help
/usr/lib/firejail/fseccomp-optimize --help
/usr/lib/firejail/fseccomp-print --help
/usr/lib/firejail/ftee --help
/usr/lib/firejail/fzenity --help
/usr/lib/firejail/profstats --help
gcov_generate
make test-capabilities | grep TESTING
# test-main: .github/workflows/test.yml#L50
make test-seccomp-extra
make test-firecfg
make test-capabilities
make test-apparmor
make test-appimage
make test-chroot
make test-fcopy
gcov_generate
make test-seccomp-extra | grep TESTING
# test-fs: .github/workflows/test.yml#L99
make test-private-etc
gcov_generate
make test-apparmor | grep TESTING
make test-fs
gcov_generate
make test-network | grep TESTING
# test-environment: .github/workflows/test.yml#L139
make test-environment
gcov_generate
make test-appimage | grep TESTING
make test-profiles
gcov_generate
make test-chroot | grep TESTING
# test-utils: .github/workflows/test.yml#L179
make test-utils
gcov_generate
make test-sysutils | grep TESTING
# test-network: .github/workflows/test.yml#L221
make test-fnetfilter
make test-sysutils
gcov_generate
make test-private-etc | grep TESTING
gcov_generate
make test-profiles | grep TESTING
gcov_generate
make test-fcopy | grep TESTING
gcov_generate
make test-fnetfilter | grep TESTING
gcov_generate
make test-fs | grep TESTING
gcov_generate
make test-utils | grep TESTING
gcov_generate
make test-environment | grep TESTING
make test-network
gcov_generate

83
linecnt.sh
View file

@ -1,31 +1,56 @@
# This script counts the number of lines of code throughout the
# project. We let gcc determine what is executable and what is not.
#
# Install gcov (Debian)
# $ sudo apt install gcovr
# Clean firejail directory
# $ cd firejail
# $ make distclean
# Enable gcov instrumentation
# $ ./configure --enable-gcov --enable-apparmor
# $ make
# Don't install the new firejail, just run this script
# $ ./linecnt.sh
# firejail 13321
# firemon 1143
# firecfg 624
# jailcheck 448
# -------------------------------
# fbuilder 712
# fbwrap 62
# fcopy 299
# fnet 615
# fnetfilter 89
# fnetlock 229
# fnettrace 803
# fnettrace-dns 113
# fnettrace-icmp 95
# fnettrace-sni 109
# fsec-optimize 116
# fsec-print 205
# ftee 135
# fzenity 122
# lib 975
#!/bin/bash
# This file is part of Firejail project
# Copyright (C) 2014-2026 Firejail Authors
# License GPL v2
gcov_init() {
USER="$(whoami)"
firejail --help > /dev/null
firemon --help > /dev/null
/usr/lib/firejail/fnet --help > /dev/null
/usr/lib/firejail/fseccomp --help > /dev/null
/usr/lib/firejail/ftee --help > /dev/null
/usr/lib/firejail/fcopy --help > /dev/null
/usr/lib/firejail/fldd --help > /dev/null
firecfg --help > /dev/null
/usr/lib/firejail/fnetfilter --help > /dev/null
/usr/lib/firejail/fsec-print --help > /dev/null
/usr/lib/firejail/fsec-optimize --help > /dev/null
/usr/lib/firejail/faudit --help > /dev/null
/usr/lib/firejail/fbuilder --help > /dev/null
find . -exec sudo chown "$USER:$USER" '{}' +
}
rm -fr gcov-dir
gcov_init
lcov -q --capture -d src/firejail -d src/firemon -d src/faudit -d src/fbuilder \
-d src/fcopy -d src/fnetfilter -d src/fsec-print -d src/fsec-optimize -d src/fseccomp \
-d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file
genhtml -q gcov-file --output-directory gcov-dir
printf "firejail " && gcovr src/firejail 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "firemon " && gcovr src/firemon 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "firecfg " && gcovr src/firecfg 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "jailcheck " && gcovr src/jailcheck 2>/dev/null | grep TOTAL | awk '{print msg $2}'
echo "-------------------------------"
printf "fbuilder " && gcovr src/fbuilder 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fbwrap " && gcovr src/fbwrap 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fcopy " && gcovr src/fcopy 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnet " && gcovr src/fnet 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnetfilter " && gcovr src/fnetfilter 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnetlock " && gcovr src/fnetlock 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnettrace " && gcovr src/fnettrace 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnettrace-dns " && gcovr src/fnettrace-dns 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnettrace-icmp " && gcovr src/fnettrace-icmp 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fnettrace-sni " && gcovr src/fnettrace-sni 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fsec-optimize " && gcovr src/fsec-optimize 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fsec-print " && gcovr src/fsec-print 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "ftee " && gcovr src/ftee 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "fzenity " && gcovr src/fzenity 2>/dev/null | grep TOTAL | awk '{print msg $2}'
printf "lib " && gcovr src/lib 2>/dev/null | grep TOTAL | awk '{print msg $2}'

4
test/private-etc/hostname.exp
View file

@ -82,14 +82,14 @@ expect {
sleep 1
# ping test
send -- "firejail --hostname=foo --private-etc ping -c 3 foo\r"
send -- "firejail --noprofile --hostname=foo --private-etc ping -c 3 foo\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
"3 packets transmitted, 3 received"
}
sleep 1
send -- "firejail --hosts-file=hosts-file --private-etc ping -c 3 blablabla\r"
send -- "firejail --noprofile --hosts-file=hosts-file --private-etc ping -c 3 blablabla\r"
expect {
timeout {puts "TESTING ERROR 7\n";exit}
"3 packets transmitted, 3 received"