Test 1.1.8 produce false positive
cesan3 opened this issue · 3 comments
cesan3 commented
The current cis-1.3.1 audit is giving me a false positive with docker-ce-20.10.21-3. This check 1.1.8:
test_file=$(grep 'containerd.sock' /etc/containerd/config.toml | awk -F "\"" '{print $2}')
if test -S "$test_file"; then
auditctl -l | grep $test_file
fi
I manually updated it to:
test_file=$(grep 'containerd.sock' /etc/containerd/config.toml | awk -F "=" '{print $2}' | sed -e 's/"//g')
if test -S $test_file; then
auditctl -l | grep $test_file
fi
And it passes now.
I can create a PR but before I'd like to confirm this is not caused by my environment/version.
I'm running docker-ce-20.10.21-3 on rocky8
y4ney commented