Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	
	
	5d5ca0a3da 
 
						 
						
							
							
								
								
								correct tests and instructions  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2024-04-16 07:29:45 +00:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	4a4ae81a03  
						 
						
							
							
								
								
								initial commit of tests/1_host_configuration.sh v1.3.1  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2021-05-25 20:49:45 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	c67469d96b  
						 
						
							
							
								
								
								Fix systemctl error when running inside a container  
							
							
							
						 
						
							2021-03-29 16:20:01 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	d0443cc817  
						 
						
							
							
								
								
								Bug fixing and improving source code readability  
							
							
							
						 
						
							2021-03-29 15:22:14 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	8a934aebf1  
						 
						
							
							
								
								
								Remove the Debian family-specific installation command  
							
							
							
						 
						
							2021-03-28 09:47:49 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	7e89fdd364  
						 
						
							
							
								
								
								Add remediation stuff on host configuration  
							
							
							
						 
						
							2021-03-18 10:28:45 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	7144b947de  
						 
						
							
							
								
								
								Tests update  
							
							
							
						 
						
							2021-03-16 10:05:49 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	11886d47d8  
						 
						
							
							
								
								
								Fixed invalid JSON log  
							
							
							
						 
						
							2021-03-11 15:00:12 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	c623d3afdd  
						 
						
							
							
								
								
								Print the remediation measure only if the check is not passed  
							
							
							
						 
						
							2021-03-11 09:32:29 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	6c586b4e08  
						 
						
							
							
								
								
								Print remediation measures at the end of the logs  
							
							
							
						 
						
							2021-03-10 21:47:52 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	c00ef4330b  
						 
						
							
							
								
								
								Add details about remediations measure for host configuration tests  
							
							
							
						 
						
							2021-03-09 21:43:25 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Razvan Stoica 
								
							 
						 
						
							
							
								
							
							
	94900eedb9  
						 
						
							
							
								
								
								Change global variable used only locally to local variable for simplification  
							
							
							
						 
						
							2021-03-09 12:42:48 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									mark 
								
							 
						 
						
							
							
								
							
							
	d85c73316a  
						 
						
							
							
								
								
								Updated mountpoint check to support user namespace  
							
							
							
						 
						
							2020-09-29 12:41:25 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									mark 
								
							 
						 
						
							
							
								
							
							
	919816dbbf  
						 
						
							
							
								
								
								Changed to 'df' to support user namespaces  
							
							
							
						 
						
							2020-09-28 08:04:17 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	8aec461d46  
						 
						
							
							
								
								
								more flexible binary usage, better support for mac os  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2020-05-08 13:09:52 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	98acc66436  
						 
						
							
							
								
								
								map desc_ to benchmark headings  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2020-05-08 12:38:08 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Ilya Dus 
								
							 
						 
						
							
							
								
							
							
	d42fedc370  
						 
						
							
							
								
								
								fix(sh): check default ubuntu locations of docker.service and docker.socket files  
							
							... 
							
							
							
							Signed-off-by: Ilya Dus <ilyadoos@gmail.com> 
							
						 
						
							2020-04-10 16:26:25 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	ddad135d13  
						 
						
							
							
								
								
								shellcheck  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-10-16 09:49:18 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	71f63a192a  
						 
						
							
							
								
								
								tmp fix for json  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-08-28 12:36:49 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	17c6262d2f  
						 
						
							
							
								
								
								formating  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-08-28 12:14:35 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	bcd6e5dd55  
						 
						
							
							
								
								
								json sections  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-08-27 16:10:59 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	d963b93fcc  
						 
						
							
							
								
								
								update info output  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-08-26 15:13:50 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	28f16f0afd  
						 
						
							
							
								
								
								add 1.2.9, #ref  https://github.com/docker/docker-bench-security/pull/359  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-08-26 14:41:37 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	6105f02a16  
						 
						
							
							
								
								
								first pass on section 1  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2019-08-26 14:37:25 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	d5b900ce05  
						 
						
							
							
								
								
								use mountpoint and DockerRootDir  #332  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2018-10-23 15:26:41 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Mark Stemm 
								
							 
						 
						
							
							
								
							
							
	ec7d8ce690  
						 
						
							
							
								
								
								Improve docker-bench-security json output  
							
							... 
							
							
							
							Add a test object for each test performed by the script. Each object has
an id N.M, a desc property describing the test, and the result. Some
tests include additional information about the test e.g. "No TLS
Certificate Found". That can be found in an optional details property of
the test object.
Also, some tests might also return a list of containers, images, users,
etc. This is included in an optional items property of the test object.
Instead of having all test results as top-level objects, break the test
results into sections. Each section has an id + description e.g. "1" and
"Host Configuration". The tests for that section are an array below that
object.
All of the additional json output is implemented by adding new functions
startsectionjson(), endsectionjson(), starttestjson(), and
resulttestjson() that take the id/desc/etc as arguments and print the
proper json properties. It also required adding an "end" test to each
script that calls endsectionjson().
Signed-off-by: Mark Stemm <mark.stemm@gmail.com> 
							
						 
						
							2018-10-11 13:39:55 -07:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joe Williams 
								
							 
						 
						
							
							
								
							
							
	cfb3357a12  
						 
						
							
							
								
								
								fix docker user json output  
							
							... 
							
							
							
							This prints out the docker users in a similar fashion to the other tests, including `INFO` rather than just the system command output.
Signed-off-by: Joe Williams <joe.williams@github.com> 
							
						 
						
							2018-07-26 15:07:59 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	78700f2600  
						 
						
							
							
								
								
								consistent currentScore  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2018-07-01 20:04:20 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	8142de8334  
						 
						
							
							
								
								
								convert all checks to functions  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2018-01-16 13:46:49 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	ce5ab6b063  
						 
						
							
							
								
								
								update version check  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2018-01-12 11:42:52 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	3d532a29ac  
						 
						
							
							
								
								
								add score and totalChecks to 1_  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-10-23 15:39:18 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	a3612c574e  
						 
						
							
							
								
								
								check 1.x json log  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-10-10 14:33:32 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	809da21c4a  
						 
						
							
							
								
								
								skeleton json  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-10-10 13:54:59 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	d062b1edce  
						 
						
							
							
								
								
								Merge pull request  #256  from konstruktoid/date_255  
							
							... 
							
							
							
							busybox date conversion 
							
						 
						
							2017-10-06 09:57:41 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Julien Garcia Gonzalez 
								
							 
						 
						
							
							
								
							
							
	683a728364  
						 
						
							
							
								
								
								update 1.1  
							
							... 
							
							
							
							Signed-off-by: Julien Garcia Gonzalez <julien@giantswarm.io> 
							
						 
						
							2017-09-21 08:53:07 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	f8354c1017  
						 
						
							
							
								
								
								busybox date conversion  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-09-20 11:10:36 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	73afde56d0  
						 
						
							
							
								
								
								date conversion  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-07-07 12:38:21 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	6f0303ef56  
						 
						
							
							
								
								
								versioning  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-07-07 12:31:22 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	00c2d6e796  
						 
						
							
							
								
								
								docker date versioning  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-07-07 12:24:03 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	2dd6f2ebec  
						 
						
							
							
								
								
								update test names  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-07-07 10:21:38 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	e5afda701f  
						 
						
							
							
								
								
								auto update due to new versioning  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-05-08 14:58:16 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	986aaa67fb  
						 
						
							
							
								
								
								supress grep is auditd rules is missing  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-04-21 14:24:02 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	a97bdfbe0d  
						 
						
							
							
								
								
								add note tag on informal checks  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-03-23 11:29:58 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	bbdfa0015e  
						 
						
							
							
								
								
								new versioning  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-03-02 13:29:01 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	ea39505778  
						 
						
							
							
								
								
								use grep if auditctl isnt present,  closes   #150  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-01-25 10:22:08 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	ab6c2cd02f  
						 
						
							
							
								
								
								Update section 1 to 1.13  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-01-24 09:45:24 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	77617321df  
						 
						
							
							
								
								
								update info messages, not scored  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-01-23 17:06:10 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	6a2176b34e  
						 
						
							
							
								
								
								#182  messages and syntax  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-01-23 12:40:32 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	91e684da65  
						 
						
							
							
								
								
								1.13.0  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-01-20 11:53:18 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Thomas Sjögren 
								
							 
						 
						
							
							
								
							
							
	67c7562937  
						 
						
							
							
								
								
								1.12.6  
							
							... 
							
							
							
							Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com> 
							
						 
						
							2017-01-11 11:44:37 +01:00