testing

README

@@ -15,6 +15,12 @@ License: GPL v2
 Firejail Authors:
 
 netblue30 (netblue30@yahoo.com)
+Peter Millerchip (https://github.com/pmillerchip)
+	- memory allocation fix
+	- --private.keep to --private-home transition
+	- support for files and directories starting with ~ in blacklist option
+	- support for files and directories with spaces in blacklist option
+	- lots of other fixes
 Patrick Toomey (http://sourceforge.net/u/ptoomey/profile/)
 	- user namespace implementation
 Reiner Herrmann - a number of build patches, man page fixes, Debian integration
@@ -27,10 +33,6 @@ G4JC (http://sourceforge.net/u/gaming4jc/profile/)
 dewbasaur (https://github.com/dewbasaur)
 	- block access to history files
 	- Firefox PDF.js exploit (CVE-2015-4495) fixes
-Peter Millerchip (https://github.com/pmillerchip)
-	- memory allocation fix
-	- --private.keep to --private-home transition
-	- lots of other fixes
 Michael Haas (https://github.com/mhaas)
 	- bugfixes
 mjudtmann (https://github.com/mjudtmann)

test/blacklist.exp

@@ -0,0 +1,76 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+# directory with ~
+send -- "firejail --blacklist=~/.config\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al ~/.config\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"cannot open directory"
+}
+
+send -- "exit\r"
+sleep 1
+
+# directory with ~ in profile file
+send -- "firejail --profile=blacklist1.profile\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al ~/.config\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"cannot open directory"
+}
+
+send -- "exit\r"
+sleep 1
+
+
+# directory with space
+send -- "firejail \"--blacklist=dir with space\"\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al \"dir with space\"\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	"cannot open directory"
+}
+
+send -- "exit\r"
+sleep 1
+
+# directory with space in profile
+send -- "firejail --profile=blacklist2.profile\r"
+expect {
+	timeout {puts "TESTING ERROR 7\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al \"dir with space\"\r"
+expect {
+	timeout {puts "TESTING ERROR 8\n";exit}
+	"cannot open directory"
+}
+
+
+
+puts "\n"
+

test/blacklist1.profile

@@ -0,0 +1 @@
+blacklist ~/.config

test/blacklist2.profile

@@ -0,0 +1 @@
+blacklist dir with space

test/private-etc.exp

@@ -0,0 +1,46 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+# directory with ~
+send -- "firejail --private-etc=passwd,group,resolv.conf,bash_completion.d,timezone\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al /etc\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"bash_completion.d"
+}
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"group"
+}
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"passwd"
+}
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"resolv.conf"
+}
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	"timezone"
+}
+
+send -- "ls -al /etc\r"
+expect {
+	timeout {puts "TESTING ERROR 7\n";exit}
+	"shadow" {puts "TESTING ERROR 8\n";exit}
+	"timezone"
+}
+
+sleep 1
+puts "\n"
+

test/test.sh

@@ -4,6 +4,14 @@
 
 ./fscheck.sh
 
+echo "TESTING: private-etc"
+./private-etc.exp
+
+mkdir dir\ with\ space
+echo "TESTING: blacklist"
+./blacklist.exp
+rm -fr dir\ with\ space
+
 echo "TESTING: version"
 ./option_version.exp