From 6b7d77c41e9c7c91b8ccf55cbd97eeaf5dbfec67 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Wed, 21 Jan 2026 15:48:06 -0500 Subject: [PATCH] testing --tmpfs as root and regular user --- test/fs/fs.sh | 6 ++++++ test/fs/tmpfs-root.exp | 46 ++++++++++++++++++++++++++++++++++++++++++ test/fs/tmpfs.exp | 36 +++++++++++++++++++++++++++++++++ test/fs/tmpfs.profile | 1 + 4 files changed, 89 insertions(+) create mode 100755 test/fs/tmpfs-root.exp create mode 100755 test/fs/tmpfs.exp create mode 100644 test/fs/tmpfs.profile diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 3fa3e1404..9d3f6e196 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh @@ -10,6 +10,12 @@ export LC_ALL=C # These directories are required by some tests: mkdir -p ~/Desktop ~/Documents ~/Downloads ~/Music ~/Pictures ~/Videos +echo "TESTING: tmpfs as regular user (test/fs/tmpfs.exp)" +./tmpfs.exp + +echo "TESTING: tmpfs as rooot (test/fs/tmpfs-root.exp)" +sudo ./tmpfs-root.exp + echo "TESTING: tab completion (test/fs/tab.exp)" ./tab.exp diff --git a/test/fs/tmpfs-root.exp b/test/fs/tmpfs-root.exp new file mode 100755 index 000000000..a2f7e4c22 --- /dev/null +++ b/test/fs/tmpfs-root.exp @@ -0,0 +1,46 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2026 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --tmpfs=/var\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + -re "you are not allowed to mount a tmpfs" {puts "TESTING ERROR 2\n";exit} + -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" +} +after 500 + +send -- "ls /var/tmp\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + -re "cannot access" +} +after 100 + +send -- "exit\r" +after 500 + +send -- "firejail --profile=./tmpfs.profile\r" +expect { + timeout {puts "TESTING ERROR 4\n";exit} + -re "you are not allowed to mount a tmpfs" {puts "TESTING ERROR 5\n";exit} + -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" +} +after 500 + +send -- "ls /var/tmp\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + -re "cannot access" +} +after 100 + +send -- "exit\r" +after 100 + +puts "\nall done\n" diff --git a/test/fs/tmpfs.exp b/test/fs/tmpfs.exp new file mode 100755 index 000000000..85d686d0d --- /dev/null +++ b/test/fs/tmpfs.exp @@ -0,0 +1,36 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2026 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --tmpfs=/var\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + -re "you are not allowed to mount a tmpfs" +} +expect { + timeout {puts "TESTING ERROR 2\n";exit} + -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" +} +after 500 +send -- "exit\r" +after 500 + +send -- "firejail --profile=./tmpfs.profile\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + -re "you are not allowed to mount a tmpfs" +} +expect { + timeout {puts "TESTING ERROR 4\n";exit} + -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" +} +after 500 +send -- "exit\r" +after 100 + +puts "\nall done\n" diff --git a/test/fs/tmpfs.profile b/test/fs/tmpfs.profile new file mode 100644 index 000000000..55a6f7ebc --- /dev/null +++ b/test/fs/tmpfs.profile @@ -0,0 +1 @@ +tmpfs /var