fedir/ICFS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added test scrpt and a mockup of zenity

Browse Source
This commit is contained in:
BritishTeapot 2025-03-18 09:48:05 +01:00
parent a65d37f3bc
commit 64abb1ed52
2 changed files with 62 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
test/mock/zenity Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
# fake-zenity: script that mocks the behavior of zenity based on the ./.fake-zenity-response file
if [[ $1 == "--set-fake-response" ]]; then
#someone knows we are fake :)
echo $2 >~/.fake_zenity_response
else
if [ -f ~/.fake_zenity_response ]; then
FAKE_ZENITY_RESPONSE=$(cat ~/.fake_zenity_response)
if [[ $FAKE_ZENITY_RESPONSE == "yes_tmp" ]]; then
printf "Allow this time\n"
exit 1
elif [[ $FAKE_ZENITY_RESPONSE == "no" ]]; then
exit 1
elif [[ $FAKE_ZENITY_RESPONSE == "yes" ]]; then
exit 0
fi
fi
fi
exit -1 # TODO: call actual zenity here

73
test/test.bash
View File

@ -2,8 +2,14 @@
# clean what was left from previous tests # clean what was left from previous tests
rm ./protected/first ./protected/second rm -rf ./protected
touch ./protected/this-only ./protected/do-not-remove ./protected/should-be-removed mkdir protected
touch ./protected/do-not-remove ./protected/should-be-removed
echo "Free code, free world." >./protected/this-only
# set up the fake-zenity
PATH="$(realpath ./mock/):$PATH"
# mount the filesystem # mount the filesystem
@ -12,40 +18,36 @@ valgrind -s ../build/icfs -o default_permissions ./protected &
sleep 1 sleep 1
# set up the fake-zenity
#export PATH="$(realpath ./mock/):$PATH"
# Try to touch files in the directory # Try to touch files in the directory
#echo \"manual\" >./protected/manual #echo \"manual\" >./protected/manual
#export FAKE_ZENITY_RESPONSE="0" zenity --set-fake-response no
parallel ::: "echo \"first\" >./protected/first 2> /dev/null \ echo "first" >./protected/first 2>/dev/null &&
&& echo \"[ICFS-TEST]: echo can create protected/first despite access being denied!\" \ echo "[ICFS-TEST]: echo can create protected/first despite access being denied!" ||
|| echo \"[ICFS-TEST]: OK\"" \ echo "[ICFS-TEST]: OK" # EACCESS
"sleep 0.7 && xdotool key Escape" # EACCESS
parallel ::: "echo \"second\" >./protected/second 2> /dev/null \ zenity --set-fake-response yes_tmp
&& echo \"[ICFS-TEST]: OK\" \ echo "second" >./protected/second 2>/dev/null &&
|| echo \"[ICFS-TEST]: echo cannot create protected/second despite access being permitted!\"" \ echo "[ICFS-TEST]: OK" ||
"sleep 0.7 && xdotool key KP_Enter" # OK echo "[ICFS-TEST]: echo cannot create protected/second despite access being permitted!" # OK
# Test whether permissons work # Test whether permissons work
parallel ::: "cat ./protected/first > /dev/null 2> /dev/null \ zenity --set-fake-response yes_tmp
&& echo \"[ICFS-TEST]: cat can read a non-existant file ./protected/first!\" \ cat ./protected/first >/dev/null 2>/dev/null &&
|| echo \"[ICFS-TEST]: OK\"" # ENOENT echo "[ICFS-TEST]: cat can read a non-existant file ./protected/first!" ||
echo "[ICFS-TEST]: OK" # ENOENT
parallel ::: "cat ./protected/second > /dev/null 2> /dev/null \ zenity --set-fake-response yes_tmp
&& echo \"[ICFS-TEST]: OK\" \ cat ./protected/second >/dev/null 2>/dev/null &&
|| echo \"[ICFS-TEST]: cat cannot open protected/second despite access being permitted!\"" \ echo "[ICFS-TEST]: OK" ||
"sleep 0.7 && xdotool key KP_Enter" # "second" echo "[ICFS-TEST]: cat cannot open protected/second despite access being permitted!" # "second"
parallel ::: "cat ./protected/this-only > /dev/null 2> /dev/null \ zenity --set-fake-response yes_tmp
&& echo \"[ICFS-TEST]: OK\" \ cat ./protected/this-only >/dev/null 2>/dev/null &&
|| echo \"[ICFS-TEST]: echo cannot create protected/second despite access being permitted!\"" \ echo "[ICFS-TEST]: OK" ||
"sleep 0.7 && xdotool key KP_Enter" # "Free code, free world." echo "[ICFS-TEST]: echo cannot create protected/second despite access being permitted!" # "Free code, free world."
#parallel ::: "cat ./protected/sudo-only > /dev/null 2> /dev/null \ #parallel ::: "cat ./protected/sudo-only > /dev/null 2> /dev/null \
# && echo \"[ICFS-TEST]: cat can access files owned by root!\" \ # && echo \"[ICFS-TEST]: cat can access files owned by root!\" \
@ -53,16 +55,19 @@ parallel ::: "cat ./protected/this-only > /dev/null 2> /dev/null \
# test the removal # test the removal
parallel ::: "rm ./protected/do-not-remove > /dev/null 2> /dev/null \ zenity --set-fake-response no
&& echo \"[ICFS-TEST]: rm can unlink protected/do-not-remove despite access being denied!\" \ rm ./protected/do-not-remove >/dev/null 2>/dev/null &&
|| echo \"[ICFS-TEST]: OK\"" \ echo "[ICFS-TEST]: rm can unlink protected/do-not-remove despite access being denied!" ||
"sleep 0.7 && xdotool key Escape" # EACCESS echo "[ICFS-TEST]: OK" # EACCESS
parallel ::: "rm ./protected/should-be-removed > /dev/null 2> /dev/null \ zenity --set-fake-response yes_tmp
&& echo \"[ICFS-TEST]: OK\" \ rm ./protected/should-be-removed >/dev/null 2>/dev/null &&
|| echo \"[ICFS-TEST]: rm cannot unlink protected/should-be-removed despite access being permitted!\"" \ echo "[ICFS-TEST]: OK" ||
"sleep 0.7 && xdotool key KP_Enter" # OK echo "[ICFS-TEST]: rm cannot unlink protected/should-be-removed despite access being permitted!" # OK
# unmount # unmount
sleep 0.5
#lsof +f -- $(realpath ./protected)
umount $(realpath ./protected) umount $(realpath ./protected)
sleep 0.5