mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-15 12:29:04 +00:00
fixed grep string for 1.4.11 and 1.4.22
check 1.4.11 and 1.4.22 FAIL even when permissions is correct.
This commit is contained in:
hutr
GitHub
parent
b502d09f8b
commit
e4100a4435
@ -942,9 +942,8 @@ groups:
|
||||
|
||||
- id: 1.4.11
|
||||
text: "Ensure that the etcd data directory permissions are set to 700 or more restrictive (Scored)"
|
||||
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
|
||||
tests:
|
||||
test_items:
|
||||
audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
|
||||
test_items:
|
||||
- flag: "700"
|
||||
compare:
|
||||
op: eq
|
||||
@ -960,7 +959,7 @@ groups:
|
||||
|
||||
- id: 1.4.12
|
||||
text: "Ensure that the etcd data directory ownership is set to etcd:etcd (Scored)"
|
||||
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
|
||||
audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
|
||||
tests:
|
||||
test_items:
|
||||
- flag: "etcd:etcd"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user