hidepid part 5

2026-05-21 06:45:29 -06:00 · 2016-11-11 12:52:05 -05:00 · 2016-11-11 12:52:05 -05:00 · bb5b4077e6
commit bb5b4077e6
parent cffa48d80c
33 changed files with 38 additions and 6 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -251,3 +251,4 @@ test-root:
 test-overlay:
 	cd test/overlay; ./overlay.sh | grep TESTING

+# mount -o remount,rw,hidepid=2 /proc
--- a/test/apps-x11-xorg/firefox.exp
+++ b/test/apps-x11-xorg/firefox.exp
@ -44,6 +44,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	" firefox" {puts "firefox detected\n";}
 	" iceweasel" {puts "iceweasel detected\n";}
 }
--- a/test/apps-x11-xorg/icedove.exp
+++ b/test/apps-x11-xorg/icedove.exp
@ -41,6 +41,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail"
 }
 expect {
--- a/test/apps-x11-xorg/transmission-gtk.exp
+++ b/test/apps-x11-xorg/transmission-gtk.exp
@ -41,6 +41,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail"
 }
 expect {
--- a/test/apps-x11/chromium.exp
+++ b/test/apps-x11/chromium.exp
@ -40,6 +40,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail"
 }
 expect {
--- a/test/apps-x11/firefox.exp
+++ b/test/apps-x11/firefox.exp
@ -44,6 +44,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	" firefox" {puts "firefox detected\n";}
 	" iceweasel" {puts "iceweasel detected\n";}
 }
--- a/test/apps-x11/icedove.exp
+++ b/test/apps-x11/icedove.exp
@ -41,6 +41,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail"
 }
 expect {
--- a/test/apps-x11/transmission-gtk.exp
+++ b/test/apps-x11/transmission-gtk.exp
@ -41,6 +41,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail"
 }
 expect {
--- a/test/apps-x11/xterm.exp
+++ b/test/apps-x11/xterm.exp
@ -41,6 +41,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail"
 }
 expect {
--- a/test/apps/chromium.exp
+++ b/test/apps/chromium.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail chromium"
 }
 expect {
--- a/test/apps/deluge.exp
+++ b/test/apps/deluge.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail deluge"
 }
 expect {
--- a/test/apps/evince.exp
+++ b/test/apps/evince.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail evince"
 }
 expect {
--- a/test/apps/fbreader.exp
+++ b/test/apps/fbreader.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail fbreader"
 }
 expect {
--- a/test/apps/filezilla.exp
+++ b/test/apps/filezilla.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail filezilla"
 }
 expect {
--- a/test/apps/firefox.exp
+++ b/test/apps/firefox.exp
@ -55,6 +55,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	" firefox" {puts "firefox detected\n";}
 	" iceweasel" {puts "iceweasel detected\n";}
 }
--- a/test/apps/gnome-mplayer.exp
+++ b/test/apps/gnome-mplayer.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail gnome-mplayer"
 }
 expect {
--- a/test/apps/gthumb.exp
+++ b/test/apps/gthumb.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail gthumb"
 }
 expect {
--- a/test/apps/hexchat.exp
+++ b/test/apps/hexchat.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	"hexchat"
 }
 expect {
--- a/test/apps/icedove.exp
+++ b/test/apps/icedove.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail icedove"
 }
 expect {
--- a/test/apps/midori.exp
+++ b/test/apps/midori.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail midori"
 }
 expect {
--- a/test/apps/opera.exp
+++ b/test/apps/opera.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail opera"
 }
 expect {
--- a/test/apps/qbittorrent.exp
+++ b/test/apps/qbittorrent.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail qbittorrent"
 }
 expect {
--- a/test/apps/transmission-gtk.exp
+++ b/test/apps/transmission-gtk.exp
@ -44,6 +44,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail transmission-gtk"
 }
 expect {
--- a/test/apps/transmission-qt.exp
+++ b/test/apps/transmission-qt.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail transmission-qt"
 }
 expect {
--- a/test/apps/uget-gtk.exp
+++ b/test/apps/uget-gtk.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail uget-gtk"
 }
 expect {
--- a/test/apps/vlc.exp
+++ b/test/apps/vlc.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	":firejail vlc"
 }
 expect {
--- a/test/apps/xchat.exp
+++ b/test/apps/xchat.exp
@ -49,6 +49,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
 	" xchat"
 }
 expect {
--- a/test/utils/firemon-caps.exp
+++ b/test/utils/firemon-caps.exp
@ -66,6 +66,7 @@ spawn $env(SHELL)
 send -- "firemon --caps\r"
 expect {
 	timeout {puts "TESTING ERROR 8.1\n";exit}
+	"need to be root" {puts "TESTING SKIP: /proc mounted as hidepid\n"; exit}
 	"bingo1"
 }
 expect {
--- a/test/utils/firemon-cgroup.exp
+++ b/test/utils/firemon-cgroup.exp
@ -27,6 +27,7 @@ send --  "firemon --cgroup\r"
 sleep 4
 expect {
 	timeout {puts "TESTING ERROR 2\n";exit}
+	"need to be root" {puts "TESTING SKIP: /proc mounted as hidepid\n"; exit}
 	"name=test1"
 }
 expect {
--- a/test/utils/firemon-cpu.exp
+++ b/test/utils/firemon-cpu.exp
@ -27,6 +27,7 @@ send --  "firemon --cpu\r"
 sleep 4
 expect {
 	timeout {puts "TESTING ERROR 2\n";exit}
+	"need to be root" {puts "TESTING SKIP: /proc mounted as hidepid\n"; exit}
 	"name=test1"
 }
 expect {
--- a/test/utils/firemon-seccomp.exp
+++ b/test/utils/firemon-seccomp.exp
@ -29,6 +29,7 @@ spawn $env(SHELL)
 send -- "firemon --seccomp\r"
 expect {
 	timeout {puts "TESTING ERROR 1\n";exit}
+	"need to be root" {puts "TESTING SKIP: /proc mounted as hidepid\n"; exit}
 	"bingo1"
 }
 expect {
--- a/test/utils/utils.sh
+++ b/test/utils/utils.sh
@ -82,18 +82,18 @@ rm -f index.html*
 ./trace.exp
 rm -f index.html*

-echo "TESTING: firemon --seccomp (test/utils/seccomp.exp)"
-./seccomp.exp
-
-echo "TESTING: firemon --caps (test/utils/caps.exp)"
-./caps.exp
-
 echo "TESTING: top (test/utils/top.exp)"
 ./top.exp

 echo "TESTING: file transfer (test/utils/ls.exp)"
 ./ls.exp

+echo "TESTING: firemon --seccomp (test/utils/firemon-seccomp.exp)"
+./firemon-seccomp.exp
+
+echo "TESTING: firemon --caps (test/utils/firemon-caps.exp)"
+./firemon-caps.exp
+
 echo "TESTING: firemon cpu (test/utils/firemon-cpu.exp)"
 ./firemon-cpu.exp

--- a/1
+++ b/1
@ -284,5 +284,6 @@ removable media, partitions, software RAID volumes, logical volumes, and files.
    free(dbus_path);
 }

+29. grsecurity - move test after "firejail --name=blablabla" in /test/apps*