From d127512ab987261394b7ed598fbce5d691feee56 Mon Sep 17 00:00:00 2001
From: Roberto Rojas <robertojrojas@gmail.com>
Date: Wed, 10 Jul 2019 10:54:09 -0400
Subject: [PATCH] issue #349: changes test 2.2.8 (#351)

---
 cfg/1.13-json/node.yaml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/cfg/1.13-json/node.yaml b/cfg/1.13-json/node.yaml
index 7724bd3..7140943 100644
--- a/cfg/1.13-json/node.yaml
+++ b/cfg/1.13-json/node.yaml
@@ -434,8 +434,14 @@ groups:
 
     - id: 2.2.8
       text: "Ensure that the client certificate authorities file ownership is set to root:root (Scored)"
-      audit: "/bin/sh -c 'if test -e $ca-file; then stat -c %U:%G $ca-file; fi'"
-      type: manual
+      audit: "/bin/sh -c 'if test -e $kubeletcafile; then stat -c %U:%G $kubeletcafile; fi'"
+      tests:
+        test_items:
+          - flag: "root:root"
+            compare:
+              op: eq
+              value: root:root
+            set: true
       remediation: |
         Run the following command to modify the ownership of the --client-ca-file .
         chown root:root <filename>