From 9a87d5e3a723a4d1bad4b69e59376fd11fc74967 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?=
Date: Thu, 11 Jun 2015 23:42:30 +0200
Subject: [PATCH] auditctl requires cap_audit_control
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Thomas Sjögren
---
 README.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index bcedb95..11da0bc 100644
--- a/README.md
+++ b/README.md
@@ -14,8 +14,9 @@ The easiest way to run your hosts against the CIS Docker 1.6 benchmark is by run
 ```
-docker run -it --net host --pid host -v /var/run/docker.sock:/var/run/docker.sock \
--v /usr/lib/systemd:/usr/lib/systemd -v /etc:/etc --label docker-bench-security \
+docker run -it --cap-add audit_control --net host --pid host \
+-v /var/run/docker.sock:/var/run/docker.sock -v /usr/lib/systemd:/usr/lib/systemd \
+-v /etc:/etc --label docker-bench-security \
 diogomonica/docker-bench-security
 ```
@@ -30,8 +31,9 @@ If you wish to build and run this container yourself, you can follow the followi
 ```
 git clone https://github.com/diogomonica/docker-bench-security.git
 cd docker-bench-security; docker build -t docker-bench-security .
-docker run -it --net host --pid host -v /var/run/docker.sock:/var/run/docker.sock \
--v /usr/lib/systemd:/usr/lib/systemd -v /etc:/etc --label security-benchmark \
+docker run -it --cap-add audit_control --net host --pid host \
+-v /var/run/docker.sock:/var/run/docker.sock -v /usr/lib/systemd:/usr/lib/systemd \
+-v /etc:/etc --label security-benchmark \
 docker-bench-security
 ```