From 2a325bd60df20d5d2f3256541279e2bba1ea3557 Mon Sep 17 00:00:00 2001
From: Kevin W Monroe <kevin.monroe@canonical.com>
Date: Tue, 21 Jul 2020 09:43:39 -0500
Subject: [PATCH] make the kubelet cafile test posix compliant (#643)

---
 cfg/cis-1.3/node.yaml | 4 +---
 cfg/cis-1.4/node.yaml | 4 +---
 cfg/cis-1.5/node.yaml | 4 +---
 3 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/cfg/cis-1.3/node.yaml b/cfg/cis-1.3/node.yaml
index 0cd83e8..ede4bcc 100644
--- a/cfg/cis-1.3/node.yaml
+++ b/cfg/cis-1.3/node.yaml
@@ -458,9 +458,7 @@ groups:
         text: Ensure that the client certificate authorities file ownership is set to root:root (Scored)
         audit: |
           CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
-          if [[ -z $CAFILE ]]; then
-            CAFILE=$kubeletcafile
-          fi
+          if test -z $CAFILE; then CAFILE=$kubeletcafile; fi
           if test -e $CAFILE; then stat -c %U:%G $CAFILE; fi
         tests:
           test_items:
diff --git a/cfg/cis-1.4/node.yaml b/cfg/cis-1.4/node.yaml
index 8b7161b..cad30b7 100644
--- a/cfg/cis-1.4/node.yaml
+++ b/cfg/cis-1.4/node.yaml
@@ -449,9 +449,7 @@ groups:
         text: Ensure that the client certificate authorities file ownership is set to root:root (Scored)
         audit: |
           CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
-          if [[ -z $CAFILE ]]; then
-            CAFILE=$kubeletcafile
-          fi
+          if test -z $CAFILE; then CAFILE=$kubeletcafile; fi
           if test -e $CAFILE; then stat -c %U:%G $CAFILE; fi
         tests:
           test_items:
diff --git a/cfg/cis-1.5/node.yaml b/cfg/cis-1.5/node.yaml
index bdf0ffc..e70daf5 100644
--- a/cfg/cis-1.5/node.yaml
+++ b/cfg/cis-1.5/node.yaml
@@ -119,9 +119,7 @@ groups:
         text: "Ensure that the client certificate authorities file ownership is set to root:root (Scored)"
         audit: |
           CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
-          if [[ -z $CAFILE ]]; then
-            CAFILE=$kubeletcafile
-          fi
+          if test -z $CAFILE; then CAFILE=$kubeletcafile; fi
           if test -e $CAFILE; then stat -c %U:%G $CAFILE; fi
         tests:
           test_items: