mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-22 06:38:06 +00:00
Fix typo of 1.1.19 in cis-1.6 (#728)
This commit is contained in:
parent
8207532d16
commit
ff0ce661a8
@ -254,7 +254,7 @@ groups:
|
||||
use_multiple_values: true
|
||||
tests:
|
||||
test_items:
|
||||
- flag: "root root"
|
||||
- flag: "root:root"
|
||||
remediation: |
|
||||
Run the below command (based on the file location on your system) on the master node.
|
||||
For example,
|
||||
|
10
integration/testdata/cis-1.6/job-master.data
vendored
10
integration/testdata/cis-1.6/job-master.data
vendored
@ -18,7 +18,7 @@
|
||||
[PASS] 1.1.16 Ensure that the scheduler.conf file ownership is set to root:root (Automated)
|
||||
[PASS] 1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive (Automated)
|
||||
[PASS] 1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root (Automated)
|
||||
[FAIL] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
|
||||
[PASS] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
|
||||
[PASS] 1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictive (Manual)
|
||||
[PASS] 1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600 (Manual)
|
||||
[INFO] 1.2 API Server
|
||||
@ -84,10 +84,6 @@ ps -ef | grep etcd
|
||||
Run the below command (based on the etcd data directory found above).
|
||||
For example, chown etcd:etcd /var/lib/etcd
|
||||
|
||||
1.1.19 Run the below command (based on the file location on your system) on the master node.
|
||||
For example,
|
||||
chown -R root:root /etc/kubernetes/pki/
|
||||
|
||||
1.2.1 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
|
||||
on the master node and set the below parameter.
|
||||
--anonymous-auth=false
|
||||
@ -177,7 +173,7 @@ on the master node and set the below parameter.
|
||||
|
||||
|
||||
== Summary ==
|
||||
43 checks PASS
|
||||
12 checks FAIL
|
||||
44 checks PASS
|
||||
11 checks FAIL
|
||||
10 checks WARN
|
||||
0 checks INFO
|
||||
|
10
integration/testdata/cis-1.6/job.data
vendored
10
integration/testdata/cis-1.6/job.data
vendored
@ -18,7 +18,7 @@
|
||||
[PASS] 1.1.16 Ensure that the scheduler.conf file ownership is set to root:root (Automated)
|
||||
[PASS] 1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive (Automated)
|
||||
[PASS] 1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root (Automated)
|
||||
[FAIL] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
|
||||
[PASS] 1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Automated)
|
||||
[PASS] 1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictive (Manual)
|
||||
[PASS] 1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600 (Manual)
|
||||
[INFO] 1.2 API Server
|
||||
@ -84,10 +84,6 @@ ps -ef | grep etcd
|
||||
Run the below command (based on the etcd data directory found above).
|
||||
For example, chown etcd:etcd /var/lib/etcd
|
||||
|
||||
1.1.19 Run the below command (based on the file location on your system) on the master node.
|
||||
For example,
|
||||
chown -R root:root /etc/kubernetes/pki/
|
||||
|
||||
1.2.1 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
|
||||
on the master node and set the below parameter.
|
||||
--anonymous-auth=false
|
||||
@ -177,8 +173,8 @@ on the master node and set the below parameter.
|
||||
|
||||
|
||||
== Summary ==
|
||||
43 checks PASS
|
||||
12 checks FAIL
|
||||
44 checks PASS
|
||||
11 checks FAIL
|
||||
10 checks WARN
|
||||
0 checks INFO
|
||||
[INFO] 2 Etcd Node Configuration
|
||||
|
Loading…
Reference in New Issue
Block a user