GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2024-11-01 00:21:45 +01:00
Code Issues Projects Releases Packages Wiki Activity

correct tests and instructions

Browse source 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
This commit is contained in:
Thomas Sjögren 2024-04-16 07:29:45 +00:00
parent 820abe98c3
commit 5d5ca0a3da
No known key found for this signature in database
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tests/1_host_configuration.sh
View file

@ -243,12 +243,12 @@ check_1_1_8() {
local id="1.1.8" local id="1.1.8"
local desc="Ensure auditing is configured for Docker files and directories - containerd.sock (Automated)" local desc="Ensure auditing is configured for Docker files and directories - containerd.sock (Automated)"
local remediation local remediation
remediation="Install auditd. Add -w $(get_service_file containerd.socket) -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart." remediation="Install auditd. Add -w $(get_service_file containerd.sock) -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions." local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
local check="$id - $desc" local check="$id - $desc"
starttestjson "$id" "$desc" starttestjson "$id" "$desc"
file="$(get_service_file containerd.socket)" file="$(get_service_file containerd.sock)"
if [ -e "$file" ]; then if [ -e "$file" ]; then
if command -v auditctl >/dev/null 2>&1; then if command -v auditctl >/dev/null 2>&1; then
if auditctl -l | grep "$file" >/dev/null 2>&1; then if auditctl -l | grep "$file" >/dev/null 2>&1; then