GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2024-11-01 08:31:44 +01:00
Code Issues Projects Releases Packages Wiki Activity

Remove container after run.

Browse source
This commit is contained in:
Constantin Bugneac 2020-11-17 21:49:07 +00:00
parent 6ad1a1ef77
commit 1ea667f2f0
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -21,7 +21,7 @@ The easiest way to run your hosts against the Docker Bench for Security is by
running our pre-built container: running our pre-built container:
```sh ```sh
docker run -it --net host --pid host --userns host --cap-add audit_control \ docker run --rm --net host --pid host --userns host --cap-add audit_control \
-e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \ -e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
-v /etc:/etc:ro \ -v /etc:/etc:ro \
-v /usr/bin/containerd:/usr/bin/containerd:ro \ -v /usr/bin/containerd:/usr/bin/containerd:ro \
@ -40,7 +40,7 @@ Some examples are:
binaries. binaries.
```sh ```sh
docker run -it --net host --pid host --userns host --cap-add audit_control \ docker run --rm --net host --pid host --userns host --cap-add audit_control \
-e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \ -e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
-v /etc:/etc \ -v /etc:/etc \
-v /var/lib:/var/lib:ro \ -v /var/lib:/var/lib:ro \
@ -53,7 +53,7 @@ docker run -it --net host --pid host --userns host --cap-add audit_control \
`/lib/systemd/system` folder by default. `/lib/systemd/system` folder by default.
```sh ```sh
docker run -it --net host --pid host --userns host --cap-add audit_control \ docker run --rm --net host --pid host --userns host --cap-add audit_control \
-e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \ -e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
-v /etc:/etc:ro \ -v /etc:/etc:ro \
-v /lib/systemd/system:/lib/systemd/system:ro \ -v /lib/systemd/system:/lib/systemd/system:ro \