Commit graph

815 commits

Author SHA1 Message Date
Thomas Sjögren
e1e902b3ed update checks
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 11:19:02 +02:00
Thomas Sjögren
88b48315bc update checks
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 11:16:49 +02:00
Thomas Sjögren
efa3b4522f update check names
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:56:18 +02:00
Thomas Sjögren
03974c0854 update titles and tests
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:37:09 +02:00
Thomas Sjögren
d93bc6b075 update section 2, clean tests
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:23:40 +02:00
Thomas Sjögren
2226ad1b90 update versions, CIS Docker Community Edition Benchmark
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:22:57 +02:00
Thomas Sjögren
e8d553b4c0 Update to CIS Docker Community Edition Benchmark
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:22:27 +02:00
Thomas Sjögren
2dd6f2ebec update test names
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:21:38 +02:00
Thomas Sjögren
7d0def16df Merge pull request from konstruktoid/alpine
alpine 3.6
2017-05-29 12:03:57 +02:00
Thomas Sjögren
f262f7d5b5 alpine 3.6
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-05-29 12:03:04 +02:00
Thomas Sjögren
d2936821b2 Merge pull request from konstruktoid/version
auto update due to new versioning
2017-05-08 15:22:11 +02:00
Thomas Sjögren
e5afda701f auto update due to new versioning
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-05-08 14:58:16 +02:00
Thomas Sjögren
0be551b31f Merge pull request from konstruktoid/missing_audit
supress grep is auditd rules is missing
2017-04-21 14:24:45 +02:00
Thomas Sjögren
986aaa67fb supress grep is auditd rules is missing
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-04-21 14:24:02 +02:00
Thomas Sjögren
7e6ac47467 Merge pull request from konstruktoid/issue_241
.Server.Experimental pre-1.13
2017-04-21 13:53:10 +02:00
Thomas Sjögren
5d9101cfc2 .Server.Experimental pre-1.13
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-04-21 13:51:09 +02:00
Thomas Sjögren
fb28d00c02 Merge pull request from konstruktoid/tls_test
test tls get_docker_configuration_file_args
2017-03-23 15:29:48 +01:00
Thomas Sjögren
17ee45ba94 test tls get_docker_configuration_file_args
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-23 15:28:06 +01:00
Thomas Sjögren
6bafeb5386 Merge pull request from konstruktoid/version
bump to 1.3.2
2017-03-23 11:40:06 +01:00
Thomas Sjögren
a3dd83a529 bump to 1.3.2
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-23 11:37:15 +01:00
Thomas Sjögren
48b210dcfb Merge pull request from konstruktoid/notes
add note tag on informational checks
2017-03-23 11:32:08 +01:00
Thomas Sjögren
a97bdfbe0d add note tag on informal checks
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-23 11:29:58 +01:00
Thomas Sjögren
3ba6138958 Merge pull request from konstruktoid/configuration_file_args
Modify get_docker_configuration_file_args
2017-03-23 11:11:14 +01:00
Thomas Sjögren
6105ff6641 use stat when checking permissions
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-22 15:23:04 +01:00
Thomas Sjögren
754e0ed02b tlsverify implies tls
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-21 16:17:08 +01:00
Thomas Sjögren
91e625b8e4 Modify get_docker_configuration_file_args in order to handle daemon.json better,
and also address missing files issue.

Closes 
Closes 

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-21 14:49:42 +01:00
Thomas Sjögren
d5894203c6 Merge pull request from LorensK/patch-1
Minor clarification
2017-03-13 14:44:29 +01:00
LorensK
e1fcdb8c3d Minor clarification
i spent too many seconds pondering whether non-systemd OSs are supported. Using "might" instead of "may" removes the ambiguity.

Signed-off-by: Lorens Kockum <LorensK@users.noreply.github.com>
2017-03-13 12:41:09 +01:00
Thomas Sjögren
8d1174d569 Merge pull request from konstruktoid/versioning
new version
2017-03-02 13:29:42 +01:00
Thomas Sjögren
bbdfa0015e new versioning
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-02 13:29:01 +01:00
Thomas Sjögren
260a3a76f1 Merge pull request from andreasstieger/netstat
2.17: correct netstat usage and filtering
2017-02-24 13:26:48 +01:00
Andreas Stieger
c30a43c1fd 2.17: account for :::2377 netstat output
Fixes  - no. 4

Signed-off-by: Andreas Stieger <astieger@suse.com>
2017-02-24 13:24:02 +01:00
Andreas Stieger
421c6dd866 2.17: may incorrectly match 5 digit port numbers
Fixes  - no. 3

Signed-off-by: Andreas Stieger <astieger@suse.com>
2017-02-24 13:23:57 +01:00
Andreas Stieger
7c66b6373a 2.17: grep -e recognizes IPv4 separator any character - escape
Fixes  - no. 2

Signed-off-by: Andreas Stieger <astieger@suse.com>
2017-02-24 13:23:48 +01:00
Andreas Stieger
c15dc6c568 2.17: netstat non-numeric output may not interpreted correctly
The port may be aliased in /etc/services
Fixes  - no. 1

Signed-off-by: Andreas Stieger <astieger@suse.com>
2017-02-24 13:23:33 +01:00
Thomas Sjögren
3d87e6d743 Merge pull request from konstruktoid/issue_157
Check configuration file settings
2017-02-24 11:28:50 +01:00
Thomas Sjögren
c92e8a142e Merge pull request from konstruktoid/issue_221
Issue 221
2017-02-23 17:08:21 +01:00
Thomas Sjögren
011ec950e9 use docker info, as all other tests
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 17:07:33 +01:00
Thomas Sjögren
7787fc0ec9 correct check_2_21, closes
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 17:01:47 +01:00
Thomas Sjögren
8aea40f72a Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
2017-02-23 16:47:03 +01:00
Thomas Sjögren
e6522494a9 Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
  null if no config file
  fallback to default daemon.json
  get file locations from config file
  check config file settings
  add get_docker_configuration_file_args

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 16:46:26 +01:00
Thomas Sjögren
c1d4a1bd01 Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
  null if no config file
  fallback to default daemon.json
  get file locations from config file
  check config file settings
  add get_docker_configuration_file_args
2017-02-23 16:42:25 +01:00
Thomas Sjögren
65ff6d1015 null if no config file
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 16:33:54 +01:00
Thomas Sjögren
072ff1cce3 fallback to default daemon.json
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 16:33:54 +01:00
Thomas Sjögren
91eb958dd3 get file locations from config file
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 16:33:54 +01:00
Thomas Sjögren
7575020fd5 check config file settings
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 16:33:53 +01:00
Thomas Sjögren
7410cdf9f6 add get_docker_configuration_file_args
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-02-23 16:33:53 +01:00
Thomas Sjögren
7c20138161 Merge pull request from willfarrell/master
Add HEALTHCHECK -> removes warning from 4.6
2017-02-23 12:24:45 +01:00
will Farrell
cee1e59860 force Healthcheck to healthy
This will prevent:
```bash
# Docker Bench for Security v1.3.0
[WARN] 4.6  - Add HEALTHCHECK instruction to the container image
[WARN]      * No Healthcheck found: [docker-bench-security:latest]
```

Signed-off-by: will Farrell <will.farrell@gmail.com>
2017-02-22 16:19:19 -07:00
Thomas Sjögren
1caa7f4344 Merge pull request from konstruktoid/swarm_tests
update swarm tests
2017-02-22 10:13:15 +01:00