mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-26 08:28:08 +00:00
Merge branch 'master' into fix-1.3.7
This commit is contained in:
commit
48489637c5
@ -460,7 +460,7 @@ groups:
|
||||
|
||||
- id: 2.2.9
|
||||
text: "Ensure that the kubelet configuration file ownership is set to root:root (Scored)"
|
||||
audit: "/bin/sh -c 'if test -e $/var/lib/kubelet/config.yaml; then stat -c %U:%G $/var/lib/kubelet/config.yaml; fi'"
|
||||
audit: "/bin/sh -c 'if test -e /var/lib/kubelet/config.yaml; then stat -c %U:%G /var/lib/kubelet/config.yaml; fi'"
|
||||
tests:
|
||||
test_items:
|
||||
- flag: "root:root"
|
||||
@ -472,7 +472,7 @@ groups:
|
||||
|
||||
- id: 2.2.10
|
||||
text: "Ensure that the kubelet configuration file has permissions set to 644 or more restrictive (Scored)"
|
||||
audit: "/bin/sh -c 'if test -e $/var/lib/kubelet/config.yaml; then stat -c %a $/var/lib/kubelet/config.yaml; fi'"
|
||||
audit: "/bin/sh -c 'if test -e /var/lib/kubelet/config.yaml; then stat -c %a /var/lib/kubelet/config.yaml; fi'"
|
||||
tests:
|
||||
bin_op: or
|
||||
test_items:
|
||||
|
Loading…
Reference in New Issue
Block a user