GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-31 22:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity
docker-bench-security/test/4_1_create_user_in_container.bats.template

18 lines
569 B
Text
Raw Blame History

#!/usr/bin/env bats
load "test_helper/bats-support/load"
load "test_helper/bats-assert/load"
load "$BATS_TEST_DIRNAME/../helper_lib.sh"
# 4.1
@test "4.1 - Create a user for the container {{c}}" {
local user=$(docker inspect --format 'User={{.Config.User}}' "{{c}}")
if [ "$user" = "User=" -o "$user" = "User=[]" -o "$user" = "User=<no value>" ]; then
# get PID 1 and check if it's running as root (uid=0)
local uid=$(docker exec {{c}} awk '/^Uid:/{print $2}' /proc/1/status)
if [ $uid -eq 0 ]; then
fail "Running as root: {{c}}"
fi
fi
}
Reference in a new issue View git blame Copy permalink