GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #41 from konstruktoid/exclude_container

Browse source 
consistent labeling
This commit is contained in:
Thomas Sjögren 2015-06-19 23:34:36 +02:00
commit 2a0241d839
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -38,7 +38,7 @@ docker run -it --net host --pid host --cap-add audit_control \
-v /var/lib:/var/lib \ -v /var/lib:/var/lib \
-v /var/run/docker.sock:/var/run/docker.sock \ -v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/lib/systemd:/usr/lib/systemd \ -v /usr/lib/systemd:/usr/lib/systemd \
-v /etc:/etc --label security-benchmark \ -v /etc:/etc --label docker-bench-security \
docker-bench-security docker-bench-security
``` ```

4
docker-bench-security.sh
View file

@ -73,11 +73,11 @@ done
main () { main () {
# List all running containers # List all running containers
containers=$(docker ps -q) containers=$(docker ps -q)
# If there is a container with label docker-bench, memorize it: # If there is a container with label docker-bench-security, memorize it:
benchcont="nil" benchcont="nil"
for c in $containers; do for c in $containers; do
labels=$(docker inspect --format '{{ .Config.Labels }}' "$c") labels=$(docker inspect --format '{{ .Config.Labels }}' "$c")
contains "$labels" "docker-bench" && benchcont="$c" contains "$labels" "docker-bench-security" && benchcont="$c"
done done
# List all running containers except docker-bench # List all running containers except docker-bench
containers=$(docker ps -q | grep -v "$benchcont") containers=$(docker ps -q | grep -v "$benchcont")