1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-26 01:49:28 +00:00

mount /etc/passwd and /etc/group for etcd ownership related checks (#868)

This commit is contained in:
Huang Huang 2021-05-09 19:25:14 +08:00 committed by GitHub
parent a1bd51db99
commit 182e64753e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -53,6 +53,12 @@ spec:
- name: opt-cni-bin - name: opt-cni-bin
mountPath: /opt/cni/bin/ mountPath: /opt/cni/bin/
readOnly: true readOnly: true
- name: etc-passwd
mountPath: /etc/passwd
readOnly: true
- name: etc-group
mountPath: /etc/group
readOnly: true
restartPolicy: Never restartPolicy: Never
volumes: volumes:
- name: var-lib-etcd - name: var-lib-etcd
@ -88,3 +94,9 @@ spec:
- name: opt-cni-bin - name: opt-cni-bin
hostPath: hostPath:
path: "/opt/cni/bin/" path: "/opt/cni/bin/"
- name: etc-passwd
hostPath:
path: "/etc/passwd"
- name: etc-group
hostPath:
path: "/etc/group"