GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-31 14:22:33 +01:00
Code Issues Projects Releases Packages Wiki Activity

crt dir and permissions

Browse source 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
This commit is contained in:
Thomas Sjögren 2015-06-18 00:32:20 +02:00
parent 0c61ddb6dd
commit 1e0ef4cf97
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tests/3_docker_daemon_configuration_files.sh
View file

@ -250,7 +250,7 @@ check_3_17="3.17 - Verify that registry certificate file ownership is set to roo
directory="/etc/docker/certs.d/" directory="/etc/docker/certs.d/"
if [ -d "$directory" ]; then if [ -d "$directory" ]; then
fail=0 fail=0
owners=$(ls -lL "$directory"/*.crt | awk '{print "$3", "$4"}') owners=$(ls -lL $directory | grep ".crt" | awk '{print $3, $4}')
for p in $owners; do for p in $owners; do
printf "%s" "$p" | grep "root" >/dev/null 2>&1 printf "%s" "$p" | grep "root" >/dev/null 2>&1
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
@ -273,7 +273,7 @@ check_3_18="3.18 - Verify that registry certificate file permissions are set to
directory="/etc/docker/certs.d/" directory="/etc/docker/certs.d/"
if [ -d "$directory" ]; then if [ -d "$directory" ]; then
fail=0 fail=0
perms=$(ls -lL "$directory"/*.crt | awk '{print $1}') perms=$(ls -lL $directory | grep ".crt" | awk '{print $1}')
for p in $perms; do for p in $perms; do
if [ "$p" != "-r--r--r--." -a "$p" = "-r--------." ]; then if [ "$p" != "-r--r--r--." -a "$p" = "-r--------." ]; then
fail=1 fail=1