1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
#!/usr/bin/expect -f
# This file is part of Firejail project
# Copyright (C) 2014-2025 Firejail Authors
# License GPL v2
set timeout 10
spawn $env(SHELL)
match_max 100000
send -- "firejail chromium www.gentoo.org\r"
expect {
timeout {puts "TESTING ERROR 0\n";exit}
"Reading profile /etc/firejail/chromium.profile"
}
expect {
timeout {puts "TESTING ERROR 1\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 10
spawn $env(SHELL)
send -- "firejail --list\r"
expect {
timeout {puts "TESTING ERROR 3\n";exit}
":firejail"
}
expect {
timeout {puts "TESTING ERROR 3.1\n";exit}
"chromium"
}
after 100
# grsecurity exit
send -- "file /proc/sys/kernel/grsecurity\r"
expect {
timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
"cannot open" {puts "grsecurity not present\n"}
}
send -- "firejail --name=blablabla\r"
expect {
timeout {puts "TESTING ERROR 4\n";exit}
-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
}
sleep 2
spawn $env(SHELL)
send -- "firemon --seccomp\r"
expect {
timeout {puts "TESTING ERROR 5\n";exit}
"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
":firejail chromium"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"Seccomp: 0"
}
expect {
timeout {puts "TESTING ERROR 5.1\n";exit}
"name=blablabla"
}
after 100
send -- "firemon --caps\r"
expect {
timeout {puts "TESTING ERROR 6\n";exit}
":firejail chromium"
}
expect {
timeout {puts "TESTING ERROR 6.1\n";exit}
"CapBnd:"
}
expect {
timeout {puts "TESTING ERROR 6.2\n";exit}
"00240000"
}
expect {
timeout {puts "TESTING ERROR 6.3\n";exit}
"name=blablabla"
}
after 100
puts "\n"
|
