1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-29 18:08:08 +00:00

fixed grep string for 1.4.11 and 1.4.22

check 1.4.11 and 1.4.22 FAIL even when permissions is correct.
This commit is contained in:
hutr 2018-05-28 15:39:07 +02:00 committed by GitHub
parent b502d09f8b
commit e4100a4435
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -942,8 +942,7 @@ groups:
- id: 1.4.11 - id: 1.4.11
text: "Ensure that the etcd data directory permissions are set to 700 or more restrictive (Scored)" text: "Ensure that the etcd data directory permissions are set to 700 or more restrictive (Scored)"
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
tests:
test_items: test_items:
- flag: "700" - flag: "700"
compare: compare:
@ -960,7 +959,7 @@ groups:
- id: 1.4.12 - id: 1.4.12
text: "Ensure that the etcd data directory ownership is set to etcd:etcd (Scored)" text: "Ensure that the etcd data directory ownership is set to etcd:etcd (Scored)"
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
tests: tests:
test_items: test_items:
- flag: "etcd:etcd" - flag: "etcd:etcd"