From c67469d96b052e49b3b6d67575886a7b254e6308 Mon Sep 17 00:00:00 2001 From: Razvan Stoica Date: Mon, 29 Mar 2021 16:20:01 +0300 Subject: [PATCH] Fix systemctl error when running inside a container --- tests/1_host_configuration.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/1_host_configuration.sh b/tests/1_host_configuration.sh index ef96286..9fc9402 100644 --- a/tests/1_host_configuration.sh +++ b/tests/1_host_configuration.sh @@ -223,7 +223,7 @@ check_1_2_6() { local id="1.2.6" local desc="Ensure auditing is configured for Docker files and directories - docker.service (Scored)" local remediation - remediation="Install auditd. Add -w $(systemctl show -p FragmentPath docker.service | sed 's/.*=//') -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart." + remediation="Install auditd. Add -w $(get_service_file docker.service) -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart." local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions." local check="$id - $desc" starttestjson "$id" "$desc" @@ -258,7 +258,7 @@ check_1_2_7() { local id="1.2.7" local desc="Ensure auditing is configured for Docker files and directories - docker.socket (Scored)" local remediation - remediation="Install auditd. Add -w $(systemctl show -p FragmentPath docker.socket | sed 's/.*=//') -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart." + remediation="Install auditd. Add -w $(get_service_file docker.socket) -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart." local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions." local check="$id - $desc" starttestjson "$id" "$desc"