GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity

Fix the bug that a container may not have ps command

Browse source
This commit is contained in:
Nitro Cao 2021-09-01 11:03:50 +08:00
parent dfb3a90f67
commit fd9ad44344
No known key found for this signature in database
GPG key ID: CC98954D729E9CD6
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docker-bench-security.sh
View file

@ -24,7 +24,7 @@ readonly myname
export PATH="$PATH:/bin:/sbin:/usr/bin:/usr/local/bin:/usr/sbin/" export PATH="$PATH:/bin:/sbin:/usr/bin:/usr/local/bin:/usr/sbin/"
# Check for required program(s) # Check for required program(s)
req_programs 'awk docker grep stat tee tail wc xargs truncate sed' req_programs 'awk docker grep stat tee tail wc xargs truncate sed pgrep'
# Ensure we can connect to docker daemon # Ensure we can connect to docker daemon
if ! docker ps -q >/dev/null 2>&1; then if ! docker ps -q >/dev/null 2>&1; then

2
tests/5_container_runtime.sh
View file

@ -254,7 +254,7 @@ check_5_6() {
printcheck=0 printcheck=0
for c in $containers; do for c in $containers; do
processes=$(docker exec "$c" ps -el 2>/dev/null | grep -c sshd | awk '{print $1}') processes=$(docker inspect "$c" --format '{{ .State.Pid }}' 2>/dev/null | xargs pgrep -a -P 2>/dev/null | grep -c sshd | awk '{print $1}')
if [ "$processes" -ge 1 ]; then if [ "$processes" -ge 1 ]; then
# If it's the first container, fail the test # If it's the first container, fail the test
if [ $fail -eq 0 ]; then if [ $fail -eq 0 ]; then