GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity
831 commits 3 branches 11 tags 4.9 MiB
Commit graph

292 commits

Author SHA1 Message Date
Joe Williams
cfb3357a12 fix docker user json output 
This prints out the docker users in a similar fashion to the other tests, including `INFO` rather than just the system command output.

Signed-off-by: Joe Williams <joe.williams@github.com>
 2018-07-26 15:07:59 -04:00
Nigel Brown
167c3507a2 Fixes incorrect reporting of TLS configuration in test 2.6 
Signed-off-by: Nigel Brown <nigel@windsock.io>
 2018-07-10 14:35:30 +01:00
Thomas Sjögren
c8894d3b26 deprecated --disable-legacy-registry 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-07-01 20:53:20 +02:00
Thomas Sjögren
78700f2600 consistent currentScore 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-07-01 20:04:20 +02:00
Thomas Sjögren
ebfb20c65f 4.7 is not scored 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-07-01 20:01:10 +02:00
Daniele Marcocci
77074962b1 fix count total_containers for swarm mode 
Signed-off-by: Daniele Marcocci <daniele.marcocci@par-tec.it>
 2018-05-18 10:17:42 +02:00
Mike Ritter
a3094ac5c6 New Features 
Signed-off-by: Mike Ritter <mike.ritter@target.com>
 2018-02-27 08:43:51 -06:00
Thomas Sjögren
bdeaeaa05a fix 2.18 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-02-09 11:02:04 +01:00
Thomas Sjögren
2aa9719dd6 silence example check output 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-18 11:29:20 +01:00
Thomas Sjögren
8fe0b5ea02 add example community check 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-17 16:11:04 +01:00
Thomas Sjögren
8142de8334 convert all checks to functions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-16 13:46:49 +01:00
Thomas Sjögren
25b40c94a2
Merge branch 'master' into issue265 2018-01-12 11:49:04 +01:00
Thomas Sjögren
ce5ab6b063 update version check 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-12 11:42:52 +01:00
Thomas Sjögren
57acb04a96 catch seccomp:unconfined|seccomp=unconfined 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-12 11:36:14 +01:00
Thomas Sjögren
bdba64c8c0
Merge pull request #280 from konstruktoid/version 
adapt to 18.01 docker version
 2018-01-12 11:09:47 +01:00
Thomas Sjögren
e0a302eb40 adapt to 18.01 docker version 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-12 11:09:16 +01:00
Karol Babioch
997ce7330e Replace netstat by ss 
ss(8) is a modern replacement for netstat(8). The former is slowly replacing
the latter in major Linux distributions, which makes it necessary to switch
at some point.

This addresses #278.

Signed-off-by: Karol Babioch <kbabioch@suse.de>
 2018-01-11 16:52:54 +01:00
Thomas Sjögren
976463a87b add score and totalChecks to 7_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:41:15 +02:00
Thomas Sjögren
7ebe21823d add score and totalChecks to 6_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:41:03 +02:00
Thomas Sjögren
e32910172f add score and totalChecks to 5_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:40:52 +02:00
Thomas Sjögren
de82250274 add score and totalChecks to 4_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:40:12 +02:00
Thomas Sjögren
f9be3996f4 add score and totalChecks to 3_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:39:52 +02:00
Thomas Sjögren
ec4060ea2f add score and totalChecks to 2_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:39:32 +02:00
Thomas Sjögren
3d532a29ac add score and totalChecks to 1_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:39:18 +02:00
Thomas Sjögren
fa9b227a7b check 7.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-13 10:38:31 +02:00
Thomas Sjögren
e1adab029d check 6.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-13 10:28:42 +02:00
Thomas Sjögren
be4dd69f3f check 5.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-13 10:25:23 +02:00
Thomas Sjögren
b8fac4a7d2 check 4.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-13 10:02:48 +02:00
Thomas Sjögren
7a1b813cdc check 3.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-13 09:53:15 +02:00
Thomas Sjögren
78b1f5dc86 check 2.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-10 14:46:08 +02:00
Thomas Sjögren
a3612c574e check 1.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-10 14:33:32 +02:00
Thomas Sjögren
809da21c4a skeleton json 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-10 13:54:59 +02:00
Thomas Sjögren
d062b1edce Merge pull request #256 from konstruktoid/date_255 
busybox date conversion
 2017-10-06 09:57:41 +02:00
Thomas Sjögren
4ec0962704 Merge pull request #257 from jgsqware/2-14-check-dockerd 
update 2.14
 2017-09-21 10:18:34 +02:00
Julien Garcia Gonzalez
683a728364 update 1.1 
Signed-off-by: Julien Garcia Gonzalez <julien@giantswarm.io>
 2017-09-21 08:53:07 +02:00
Julien Garcia Gonzalez
1d07abf659
update 2.14 2017-09-21 08:15:09 +02:00
Thomas Sjögren
f8354c1017 busybox date conversion 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-09-20 11:10:36 +02:00
Thomas Sjögren
44e46c63c3 spaces 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 13:06:23 +02:00
Thomas Sjögren
84baf80b7d no short forms 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 13:03:45 +02:00
Thomas Sjögren
565ef3fb3b redirect errors 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 13:03:10 +02:00
Thomas Sjögren
73afde56d0 date conversion 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:38:21 +02:00
Thomas Sjögren
6f0303ef56 versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:31:22 +02:00
Thomas Sjögren
00c2d6e796 docker date versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:24:03 +02:00
Thomas Sjögren
dac6a62ba1 space 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:10:37 +02:00
Thomas Sjögren
5bf4f824a4 pass 7.7 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:08:31 +02:00
Thomas Sjögren
125eaf90cd inspect requires images 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:07:00 +02:00
Thomas Sjögren
60afd7ec83 7.7 verify swarm 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:05:42 +02:00
Thomas Sjögren
789af6d8d6 add Docker Swarm Configuration tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 11:43:15 +02:00
Thomas Sjögren
e1e902b3ed update checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 11:19:02 +02:00
Thomas Sjögren
88b48315bc update checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 11:16:49 +02:00
Thomas Sjögren
efa3b4522f update check names 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 10:56:18 +02:00
Thomas Sjögren
03974c0854 update titles and tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 10:37:09 +02:00
Thomas Sjögren
d93bc6b075 update section 2, clean tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 10:23:40 +02:00
Thomas Sjögren
2dd6f2ebec update test names 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 10:21:38 +02:00
Thomas Sjögren
e5afda701f auto update due to new versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-05-08 14:58:16 +02:00
Thomas Sjögren
986aaa67fb supress grep is auditd rules is missing 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-04-21 14:24:02 +02:00
Thomas Sjögren
5d9101cfc2 .Server.Experimental pre-1.13 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-04-21 13:51:09 +02:00
Thomas Sjögren
17ee45ba94 test tls get_docker_configuration_file_args 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-23 15:28:06 +01:00
Thomas Sjögren
a97bdfbe0d add note tag on informal checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-23 11:29:58 +01:00
Thomas Sjögren
6105ff6641 use stat when checking permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-22 15:23:04 +01:00
Thomas Sjögren
754e0ed02b tlsverify implies tls 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-21 16:17:08 +01:00
Thomas Sjögren
91e625b8e4 Modify get_docker_configuration_file_args in order to handle daemon.json better, 
and also address missing files issue.

Closes #231
Closes #232

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-21 14:49:42 +01:00
Thomas Sjögren
bbdfa0015e new versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-02 13:29:01 +01:00
Thomas Sjögren
260a3a76f1 Merge pull request #225 from andreasstieger/netstat 
2.17: correct netstat usage and filtering
 2017-02-24 13:26:48 +01:00
Andreas Stieger
c30a43c1fd 2.17: account for :::2377 netstat output 
Fixes #224 - no. 4

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:24:02 +01:00
Andreas Stieger
421c6dd866 2.17: may incorrectly match 5 digit port numbers 
Fixes #224 - no. 3

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:57 +01:00
Andreas Stieger
7c66b6373a 2.17: grep -e recognizes IPv4 separator any character - escape 
Fixes #224 - no. 2

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:48 +01:00
Andreas Stieger
c15dc6c568 2.17: netstat non-numeric output may not interpreted correctly 
The port may be aliased in /etc/services
Fixes #224 - no. 1

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:33 +01:00
Thomas Sjögren
3d87e6d743 Merge pull request #218 from konstruktoid/issue_157 
Check configuration file settings
 2017-02-24 11:28:50 +01:00
Thomas Sjögren
011ec950e9 use docker info, as all other tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 17:07:33 +01:00
Thomas Sjögren
7787fc0ec9 correct check_2_21, closes #221 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 17:01:47 +01:00
Thomas Sjögren
91eb958dd3 get file locations from config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
7575020fd5 check config file settings 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:53 +01:00
Thomas Sjögren
584847e5b4 update swarm tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-22 10:11:44 +01:00
Thomas Sjögren
7d992029e6 remove code, if CMD instead of exit code 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-17 15:03:29 +01:00
Thomas Sjögren
bd236b1ac0 add host / as sensitive 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-13 11:36:16 +01:00
Thomas Sjögren
e78f1b8045 replace contains with grep 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-10 15:35:06 +01:00
Thomas Sjögren
4e126efdbb 5.25 check correction 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-27 11:00:36 +01:00
Thomas Sjögren
6c35842734 5.19 check correction 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-27 11:00:25 +01:00
Thomas Sjögren
7fc5dc33a7 sh if lint 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-27 10:59:57 +01:00
Thomas Sjögren
68ed3dd845 default capabilities are OK to add, closes #207 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-25 12:07:14 +01:00
Thomas Sjögren
ea39505778 use grep if auditctl isnt present, closes #150 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-25 10:22:08 +01:00
Thomas Sjögren
7f87db0768 1.13 Section 5 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-24 15:26:19 +01:00
Thomas Sjögren
69435a0b3e update section 2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-24 13:41:30 +01:00
Thomas Sjögren
ab6c2cd02f Update section 1 to 1.13 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-24 09:45:24 +01:00
Thomas Sjögren
b766037da8 update permission checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 17:26:07 +01:00
Thomas Sjögren
77617321df update info messages, not scored 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 17:06:10 +01:00
Thomas Sjögren
933f1b6da9 output formating 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 16:16:02 +01:00
Thomas Sjögren
7aa4682c87 #182 netsat 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 13:38:28 +01:00
Thomas Sjögren
95e6ac8253 #182 checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 13:13:48 +01:00
Thomas Sjögren
07dbba6400 #182 remove legacy code 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 12:52:31 +01:00
Thomas Sjögren
6a2176b34e #182 messages and syntax 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 12:40:32 +01:00
Thomas Sjögren
27773128f8 Merge branch 'master' into docker-benchmark-1.12.0 2017-01-23 12:14:23 +01:00
Thomas Sjögren
b3cd7a1755 Merge pull request #168 from MrSecure/fix-tls-verify 
Fixes #167 - use get_docker_cumulative_command_line_args to check TLS
 2017-01-20 12:08:12 +01:00
Thomas Sjögren
91e684da65 1.13.0 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-20 11:53:18 +01:00
Thomas Sjögren
67c7562937 1.12.6 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-11 11:44:37 +01:00
Ravi Kumar Vadapalli
6aae32f4e5 Support for 'CIS Docker Benchmark 1.12.0' 
Signed-off-by: Ravi Kumar Vadapalli <vadapalli.ravikumar@gmail.com>
 2016-12-20 20:31:58 +05:30
Thomas Sjögren
27bb58c5cb current version in 1.12.5 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-12-16 09:17:41 +01:00
Thomas Sjögren
2f6ddfd500 docker version 1.12.4 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-12-13 08:34:01 +01:00
Thomas Sjögren
7d4ee87105 bump version to 1.12.3 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-10-27 11:40:55 +02:00
Thomas Sjögren
84a764e3d8 Merge pull request #169 from kevinll/master 
fix test 2.2 check for log level
Close #166
 2016-10-13 22:26:56 +02:00
Thomas Sjögren
e45d4e3bb8 1.12.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-10-13 22:15:35 +02:00
Kevin Lim
89e4769877 fix test 2.2 check for log level 
Signed-off-by: Kevin Lim <kevin.lim@sap.com>
 2016-09-28 14:25:42 -07:00
Mr. Secure
ee3e8dedb3 Fixes #167 - use get_docker_cumulative_command_line_args to check TLS settings 
Additionally, split warning into 2 parts:  no TLS, TLS w/o verification

Signed-off-by: Mr. Secure <ben.github@mrsecure.org>
 2016-09-24 19:42:39 -05:00
Thomas Sjögren
adfee878b8 1.12.1 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-08-19 23:11:03 +02:00
Thomas Sjögren
fdac630c36 bump docker version to 1.12 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-07-29 18:40:40 +02:00
Thomas Sjögren
9ba6afe0f2 1.11.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-06-02 21:51:11 +02:00
Thomas Sjögren
80e571f759 new version 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-28 21:51:24 +02:00
Thomas Sjögren
81b093632a update chap 6 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-15 00:23:03 +02:00
Thomas Sjögren
9e94259903 update chap 5 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-15 00:12:00 +02:00
Thomas Sjögren
c544e417b0 update chap 4 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 23:15:16 +02:00
Thomas Sjögren
e3da5eacf0 update chap 3 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 22:57:25 +02:00
Thomas Sjögren
3cafe284dd update chap 2 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 22:25:11 +02:00
Thomas Sjögren
1454b300a0 add 1.4 again 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 21:27:24 +02:00
Thomas Sjögren
6be21785c4 update chap 1 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 21:15:33 +02:00
Thomas Sjögren
03ec1b96b7 docker_current_version 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 20:18:49 +02:00
Thomas Sjögren
8d6f1e81c2 ps flags not in output 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-03-29 23:52:39 +02:00
Thomas Sjögren
d3ff26c5fa version 1.10.3 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-03-11 22:01:32 +01:00
Thomas Sjögren
3d7f124b89 Merge pull request #118 from konstruktoid/issue117 
use stat to verify permissions
 2016-03-11 21:32:55 +01:00
Matt Fellows
4d8ffc5943 Fix spelling mistake (proccesses -> processes) 
Signed-off-by: Matt Fellows <matt.fellows@onegeek.com.au>
 2016-02-25 11:08:43 +11:00
Thomas Sjögren
94d8a611d8 1.10.2 release 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-23 21:24:27 +01:00
Thomas Sjögren
001811bf87 use stat to verify permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-16 23:23:27 +01:00
Thomas Sjögren
68082d0727 current version 1.10.1 and correct date 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-15 20:58:19 +01:00
Thomas Sjögren
7c6a637b62 update to v1.10.0 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-05 20:56:25 +01:00
Thomas Sjögren
00a1270c9b inspect output changed 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-12-22 19:46:32 +01:00
Thomas Sjögren
606f70f83f flexible paths for docker.socket as well 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-12-12 16:16:50 +01:00
Thomas Sjögren
e8c6b94143 check docker.service 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-12-12 16:08:46 +01:00
Thomas Sjögren
a53e1bec44 Merge pull request #105 from andreasstieger/version-check 
Improve version check, fixes #103
 2015-12-07 20:00:03 +01:00
Andreas Stieger
e285c472d6 Support remote users and groups for group check. Fixes #104 
Grepping /etc/group discards users and grous coming from NIS, LDAP, AD.
Use getent group which covers all.

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-12-01 16:17:48 +01:00
Andreas Stieger
3f538f537f Vendors now support docker packages, add language for #103 
Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-12-01 16:09:15 +01:00
Andreas Stieger
2c6285d4ef Improve statement of version check 1.6, fixes #103 
Add an as-of date.

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-12-01 15:43:13 +01:00
Thomas Sjögren
80794e5638 get .service file location from systemd 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-11-27 19:26:03 +01:00
Thomas Sjögren
eda8e3a963 Merge pull request #100 from andreasstieger/cli 
Fix command line option parsing issues 
Closes #97 #98 #99
 2015-11-27 18:45:23 +01:00
Andreas Stieger
d2ba1d9f72 Fix #97, #98, #99 by using new helper functions 
Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-11-27 15:35:37 +01:00
Thomas Sjögren
2e6d3b290a latest version is 1.9.1 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-11-21 20:51:05 +01:00
Thomas Sjögren
f2f1195550 Merge pull request #91 from MrSecure/29-tcp-required 
check for TCP socket before checking for TLS
 2015-11-14 20:54:41 +01:00
Mr. Secure
f791d06cff apply TLS checks to any socket other than unix:// or fd:// 
break the docker command line arguments into one option per line,
then find all socket items (H or host), exclude the unix:// and
fd:// sockets, and if there are any left, check for TLS options

Signed-off-by: Mr. Secure <ben.github@mrsecure.org>
 2015-11-13 19:51:46 -06:00
Andreas Stieger
cd7efa2afc Fix test 3.25, correctly check for root:docker ownership, fixes #95 
Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-11-11 18:58:03 +01:00
Andreas Stieger
c5cb9cdc5c POSIX test command requires -S for UNIX domain sockets, fixes #94 
Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-11-11 18:57:58 +01:00
Thomas Sjögren
9b9f17cabc 1.9.0 released 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-11-04 18:23:25 +01:00
MrSecure
81730f536a check for TCP listener 
Signed-off-by: Mr. Secure <ben.github@mrsecure.org>
 2015-10-30 07:48:11 -05:00
Thomas Sjögren
50dc806232 current version is 1.8.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-10-01 21:46:33 +02:00
Csaba Palfi
831a373a61 make process count check even simpler 
Signed-off-by: Csaba Palfi <csaba@palfi.me>
 2015-08-17 17:41:47 +01:00
Csaba Palfi
d7926a0f31 make process count check a bit easier to read 
Signed-off-by: Csaba Palfi <csaba@palfi.me>
 2015-08-17 17:29:42 +01:00
Thomas Sjögren
75a7f955cc prettier Docker exec fail output 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-08-13 22:06:03 +02:00
Thomas Sjögren
5f4bfdb98c 'CapAdd=<nil>' 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-08-13 21:46:21 +02:00
Thomas Sjögren
64bc5323e6 current version is 1.8.0 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-08-13 21:35:55 +02:00
Ivan Angelov
7ada35cd90 Count unique image ids only 
Signed-off-by: Ivan Angelov <iangelov@users.noreply.github.com>
 2015-08-10 17:19:06 +02:00
Thomas Sjögren
45671a70f3 catch server versions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-07-11 20:36:04 +02:00
Thomas Sjögren
4a289d9a15 Merge pull request #59 from konstruktoid/perm_checks 
Perm checks
 2015-07-10 02:11:10 +02:00