issue #349: changes test 2.2.8 (#351)

5 years ago · d127512ab9
parent 336ca84998
commit d127512ab9
1 changed files with 8 additions and 2 deletions
--- a/cfg/1.13-json/node.yaml
+++ b/cfg/1.13-json/node.yaml
@ -434,8 +434,14 @@ groups:

    - id: 2.2.8
      text: "Ensure that the client certificate authorities file ownership is set to root:root (Scored)"
-      audit: "/bin/sh -c 'if test -e $ca-file; then stat -c %U:%G $ca-file; fi'"
-      type: manual
+      audit: "/bin/sh -c 'if test -e $kubeletcafile; then stat -c %U:%G $kubeletcafile; fi'"
+      tests:
+        test_items:
+          - flag: "root:root"
+            compare:
+              op: eq
+              value: root:root
+            set: true
      remediation: |
        Run the following command to modify the ownership of the --client-ca-file .
        chown root:root <filename>