mirror of
https://github.com/docker/docker-bench-security.git
synced 2025-01-18 16:22:33 +01:00
Remove the Debian family-specific installation command
This commit is contained in:
Razvan Stoica
parent
4b68c2e040
commit
8a934aebf1
1 changed files with 10 additions and 10 deletions
|
|
@ -129,7 +129,7 @@ check_1_2_2() {
|
|||
check_1_2_3() {
|
||||
local id="1.2.3"
|
||||
local desc="Ensure auditing is configured for the Docker daemon (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /usr/bin/dockerd -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /usr/bin/dockerd -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -155,7 +155,7 @@ check_1_2_3() {
|
|||
check_1_2_4() {
|
||||
local id="1.2.4"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /var/lib/docker (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /var/lib/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /var/lib/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -187,7 +187,7 @@ check_1_2_4() {
|
|||
check_1_2_5() {
|
||||
local id="1.2.5"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /etc/docker (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /etc/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /etc/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -220,7 +220,7 @@ check_1_2_6() {
|
|||
local id="1.2.6"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - docker.service (Scored)"
|
||||
local remediation
|
||||
remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w $(systemctl show -p FragmentPath docker.service | sed 's/.*=//') -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
remediation="Install auditd. Add -w $(systemctl show -p FragmentPath docker.service | sed 's/.*=//') -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -253,7 +253,7 @@ check_1_2_7() {
|
|||
local id="1.2.7"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - docker.socket (Scored)"
|
||||
local remediation
|
||||
remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w $(systemctl show -p FragmentPath docker.socket | sed 's/.*=//') -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
remediation="Install auditd. Add -w $(systemctl show -p FragmentPath docker.socket | sed 's/.*=//') -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -285,7 +285,7 @@ check_1_2_7() {
|
|||
check_1_2_8() {
|
||||
local id="1.2.8"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /etc/default/docker (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /etc/default/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /etc/default/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -317,7 +317,7 @@ check_1_2_8() {
|
|||
check_1_2_9() {
|
||||
local id="1.2.9"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /etc/sysconfig/docker (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /etc/sysconfig/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /etc/sysconfig/docker -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -349,7 +349,7 @@ check_1_2_9() {
|
|||
check_1_2_10() {
|
||||
local id="1.2.10"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /etc/docker/daemon.json -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /etc/docker/daemon.json -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -381,7 +381,7 @@ check_1_2_10() {
|
|||
check_1_2_11() {
|
||||
local id="1.2.11"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /usr/bin/containerd (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /usr/bin/containerd -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /usr/bin/containerd -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
@ -413,7 +413,7 @@ check_1_2_11() {
|
|||
check_1_2_12() {
|
||||
local id="1.2.12"
|
||||
local desc="Ensure auditing is configured for Docker files and directories - /usr/sbin/runc (Scored)"
|
||||
local remediation="Install and configure auditd using command sudo apt-get install auditd. Add -w /usr/sbin/runc -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediation="Install auditd. Add -w /usr/sbin/runc -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
|
||||
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
|
||||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
|
|
|||
Loading…
Reference in a new issue