Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Remediation example for --reques-timeout is invalid #113

Closed
tuminoid opened this issue Apr 23, 2018 · 2 comments
Closed

Remediation example for --reques-timeout is invalid #113

tuminoid opened this issue Apr 23, 2018 · 2 comments

Comments

@tuminoid
Copy link

Remediation example for --request-timeout is invalid, as parameter needs to have unit defined, ie. 300s or 5m, and not just integer.

  - id: 1.1.37
    text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
    audit: "ps -ef | grep $apiserverbin | grep -v grep"
    type: "manual"
    remediation: |
      Edit the API server pod specification file $apiserverconf
      and set the below parameter as appropriate and if needed. For example,
      --request-timeout=300
    scored: true
@ttousai
Copy link
Contributor

ttousai commented Apr 23, 2018

Thank you @tuminoid for catching that. The remediation is straight from the CIS kubernetes benchmark. We can fix it in kube-bench and we will have to notify CIS.
cc @lizrice

@lizrice lizrice mentioned this issue May 11, 2018
Merged
@lizrice
Copy link
Contributor

lizrice commented May 11, 2018
edited
Loading

I have proposed the change to the CIS, and corrected it in our config file too.

@lizrice lizrice closed this as completed May 15, 2018
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lizrice @tuminoid @ttousai