GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-18 16:22:33 +01:00
Code Issues Projects Releases Packages Wiki Activity

containerd.socket > containerd.sock

Browse source 
Signed-off-by: joshavant <830519+joshavant@users.noreply.github.com>
This commit is contained in:
joshavant 2024-02-10 20:13:32 -06:00
parent ba0b402ea5
commit cb1dd6e88c
No known key found for this signature in database
GPG key ID: 4463B60B0DD49BC4
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tests/1_host_configuration.sh
View file

@ -243,12 +243,12 @@ check_1_1_8() {
local id="1.1.8" local id="1.1.8"
local desc="Ensure auditing is configured for Docker files and directories - containerd.sock (Automated)" local desc="Ensure auditing is configured for Docker files and directories - containerd.sock (Automated)"
local remediation local remediation
remediation="Install auditd. Add -w $(get_service_file containerd.socket) -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart." remediation="Install auditd. Add -w $(get_service_file containerd.sock) -k docker to the /etc/audit/rules.d/audit.rules file. Then restart the audit daemon using command service auditd restart."
local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions." local remediationImpact="Audit can generate large log files. So you need to make sure that they are rotated and archived periodically. Create a separate partition for audit logs to avoid filling up other critical partitions."
local check="$id - $desc" local check="$id - $desc"
starttestjson "$id" "$desc" starttestjson "$id" "$desc"
file="$(get_service_file containerd.socket)" file="$(get_service_file containerd.sock)"
if [ -e "$file" ]; then if [ -e "$file" ]; then
if command -v auditctl >/dev/null 2>&1; then if command -v auditctl >/dev/null 2>&1; then
if auditctl -l | grep "$file" >/dev/null 2>&1; then if auditctl -l | grep "$file" >/dev/null 2>&1; then