arno
/
kube-bench
mirror of https://github.com/aquasecurity/kube-bench.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Improve etcd data directory extraction

Browse Source 
- If data-dir is not the last argument, the remaining arguments
  are captured preventing the correct checking.

Signed-off-by: Konstantin Semenov <ksemenov@pivotal.io>
pull/90/head
Konstantinos Karampogias 6 years ago committed by Konstantin Semenov
parent be0134de95
commit 8fc6904093
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
cfg/1.8/master.yaml
Unescape View File

@ -942,7 +942,7 @@ groups:
- id: 1.4.11
text: "Ensure that the etcd data directory permissions are set to 700 or more restrictive (Scored)"
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %a
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | awk '{print $1}' | xargs stat -c %a
tests:
test_items:
- flag: "700"

Write Preview
Loading…
Cancel
Save