GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #243 from konstruktoid/missing_audit

Browse source 
supress grep is auditd rules is missing
This commit is contained in:
Thomas Sjögren 2017-04-21 14:24:45 +02:00 committed by GitHub
commit 0be551b31f
1 changed files with 11 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
tests/1_host_configuration.sh
View file

@ -50,10 +50,10 @@ if command -v auditctl >/dev/null 2>&1; then
else else
warn "$check_1_5" warn "$check_1_5"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_5" pass "$check_1_5"
else else
warn "$check_1_5" warn "$check_1_5"
fi fi
# 1.6 # 1.6
@ -66,7 +66,7 @@ if [ -d "$directory" ]; then
else else
warn "$check_1_6" warn "$check_1_6"
fi fi
elif grep "$directory" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$directory" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_6" pass "$check_1_6"
else else
warn "$check_1_6" warn "$check_1_6"
@ -86,7 +86,7 @@ if [ -d "$directory" ]; then
else else
warn "$check_1_7" warn "$check_1_7"
fi fi
elif grep "$directory" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$directory" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_7" pass "$check_1_7"
else else
warn "$check_1_7" warn "$check_1_7"
@ -106,7 +106,7 @@ if [ -f "$file" ]; then
else else
warn "$check_1_8" warn "$check_1_8"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_8" pass "$check_1_8"
else else
warn "$check_1_8" warn "$check_1_8"
@ -126,7 +126,7 @@ if [ -e "$file" ]; then
else else
warn "$check_1_9" warn "$check_1_9"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_9" pass "$check_1_9"
else else
warn "$check_1_9" warn "$check_1_9"
@ -146,7 +146,7 @@ if [ -f "$file" ]; then
else else
warn "$check_1_10" warn "$check_1_10"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_10" pass "$check_1_10"
else else
warn "$check_1_10" warn "$check_1_10"
@ -166,7 +166,7 @@ if [ -f "$file" ]; then
else else
warn "$check_1_11" warn "$check_1_11"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_11" pass "$check_1_11"
else else
warn "$check_1_11" warn "$check_1_11"
@ -186,7 +186,7 @@ if [ -f "$file" ]; then
else else
warn "$check_1_12" warn "$check_1_12"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_12" pass "$check_1_12"
else else
warn "$check_1_12" warn "$check_1_12"
@ -206,7 +206,7 @@ if [ -f "$file" ]; then
else else
warn "$check_1_13" warn "$check_1_13"
fi fi
elif grep "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
pass "$check_1_13" pass "$check_1_13"
else else
warn "$check_1_13" warn "$check_1_13"