Razvan Stoica
11886d47d8
Fixed invalid JSON log
2021-03-11 15:00:12 +02:00
Razvan Stoica
c623d3afdd
Print the remediation measure only if the check is not passed
2021-03-11 09:32:29 +02:00
Razvan Stoica
6c586b4e08
Print remediation measures at the end of the logs
2021-03-10 21:47:52 +02:00
Razvan Stoica
c00ef4330b
Add details about remediations measure for host configuration tests
2021-03-09 21:43:25 +02:00
Razvan Stoica
94900eedb9
Change global variable used only locally to local variable for simplification
2021-03-09 12:42:48 +02:00
mark
d85c73316a
Updated mountpoint check to support user namespace
2020-09-29 12:41:25 +02:00
mark
919816dbbf
Changed to 'df' to support user namespaces
2020-09-28 08:04:17 +02:00
Thomas Sjögren
8aec461d46
more flexible binary usage, better support for mac os
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-05-08 13:09:52 +02:00
Thomas Sjögren
98acc66436
map desc_ to benchmark headings
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2020-05-08 12:38:08 +02:00
Ilya Dus
d42fedc370
fix(sh): check default ubuntu locations of docker.service and docker.socket files
...
Signed-off-by: Ilya Dus <ilyadoos@gmail.com>
2020-04-10 16:26:25 +03:00
Thomas Sjögren
ddad135d13
shellcheck
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-10-16 09:49:18 +02:00
Thomas Sjögren
71f63a192a
tmp fix for json
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-08-28 12:36:49 +02:00
Thomas Sjögren
17c6262d2f
formating
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-08-28 12:14:35 +02:00
Thomas Sjögren
bcd6e5dd55
json sections
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-08-27 16:10:59 +02:00
Thomas Sjögren
d963b93fcc
update info output
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-08-26 15:13:50 +02:00
Thomas Sjögren
28f16f0afd
add 1.2.9, #ref https://github.com/docker/docker-bench-security/pull/359
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-08-26 14:41:37 +02:00
Thomas Sjögren
6105f02a16
first pass on section 1
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2019-08-26 14:37:25 +02:00
Thomas Sjögren
d5b900ce05
use mountpoint and DockerRootDir #332
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2018-10-23 15:26:41 +02:00
Mark Stemm
ec7d8ce690
Improve docker-bench-security json output
...
Add a test object for each test performed by the script. Each object has
an id N.M, a desc property describing the test, and the result. Some
tests include additional information about the test e.g. "No TLS
Certificate Found". That can be found in an optional details property of
the test object.
Also, some tests might also return a list of containers, images, users,
etc. This is included in an optional items property of the test object.
Instead of having all test results as top-level objects, break the test
results into sections. Each section has an id + description e.g. "1" and
"Host Configuration". The tests for that section are an array below that
object.
All of the additional json output is implemented by adding new functions
startsectionjson(), endsectionjson(), starttestjson(), and
resulttestjson() that take the id/desc/etc as arguments and print the
proper json properties. It also required adding an "end" test to each
script that calls endsectionjson().
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2018-10-11 13:39:55 -07:00
Joe Williams
cfb3357a12
fix docker user json output
...
This prints out the docker users in a similar fashion to the other tests, including `INFO` rather than just the system command output.
Signed-off-by: Joe Williams <joe.williams@github.com>
2018-07-26 15:07:59 -04:00
Thomas Sjögren
78700f2600
consistent currentScore
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2018-07-01 20:04:20 +02:00
Thomas Sjögren
8142de8334
convert all checks to functions
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2018-01-16 13:46:49 +01:00
Thomas Sjögren
ce5ab6b063
update version check
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2018-01-12 11:42:52 +01:00
Thomas Sjögren
3d532a29ac
add score and totalChecks to 1_
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-10-23 15:39:18 +02:00
Thomas Sjögren
a3612c574e
check 1.x json log
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-10-10 14:33:32 +02:00
Thomas Sjögren
809da21c4a
skeleton json
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-10-10 13:54:59 +02:00
Thomas Sjögren
d062b1edce
Merge pull request #256 from konstruktoid/date_255
...
busybox date conversion
2017-10-06 09:57:41 +02:00
Julien Garcia Gonzalez
683a728364
update 1.1
...
Signed-off-by: Julien Garcia Gonzalez <julien@giantswarm.io>
2017-09-21 08:53:07 +02:00
Thomas Sjögren
f8354c1017
busybox date conversion
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-09-20 11:10:36 +02:00
Thomas Sjögren
73afde56d0
date conversion
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 12:38:21 +02:00
Thomas Sjögren
6f0303ef56
versioning
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 12:31:22 +02:00
Thomas Sjögren
00c2d6e796
docker date versioning
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 12:24:03 +02:00
Thomas Sjögren
2dd6f2ebec
update test names
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-07-07 10:21:38 +02:00
Thomas Sjögren
e5afda701f
auto update due to new versioning
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-05-08 14:58:16 +02:00
Thomas Sjögren
986aaa67fb
supress grep is auditd rules is missing
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-04-21 14:24:02 +02:00
Thomas Sjögren
a97bdfbe0d
add note tag on informal checks
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-23 11:29:58 +01:00
Thomas Sjögren
bbdfa0015e
new versioning
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-03-02 13:29:01 +01:00
Thomas Sjögren
ea39505778
use grep if auditctl isnt present, closes #150
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-01-25 10:22:08 +01:00
Thomas Sjögren
ab6c2cd02f
Update section 1 to 1.13
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-01-24 09:45:24 +01:00
Thomas Sjögren
77617321df
update info messages, not scored
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-01-23 17:06:10 +01:00
Thomas Sjögren
6a2176b34e
#182 messages and syntax
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-01-23 12:40:32 +01:00
Thomas Sjögren
91e684da65
1.13.0
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-01-20 11:53:18 +01:00
Thomas Sjögren
67c7562937
1.12.6
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2017-01-11 11:44:37 +01:00
Thomas Sjögren
27bb58c5cb
current version in 1.12.5
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-12-16 09:17:41 +01:00
Thomas Sjögren
2f6ddfd500
docker version 1.12.4
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-12-13 08:34:01 +01:00
Thomas Sjögren
7d4ee87105
bump version to 1.12.3
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-10-27 11:40:55 +02:00
Thomas Sjögren
e45d4e3bb8
1.12.2
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-10-13 22:15:35 +02:00
Thomas Sjögren
adfee878b8
1.12.1
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-08-19 23:11:03 +02:00
Thomas Sjögren
fdac630c36
bump docker version to 1.12
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-07-29 18:40:40 +02:00
Thomas Sjögren
9ba6afe0f2
1.11.2
...
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2016-06-02 21:51:11 +02:00