Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

fix grep string for check 1.4.11 and 1.4.12 #134

Merged
merged 5 commits into from
Jun 18, 2018
Merged

fix grep string for check 1.4.11 and 1.4.12 #134

merged 5 commits into from
Jun 18, 2018

Conversation

hutr
Copy link
Contributor

@hutr hutr commented May 28, 2018

check 1.4.11 and 1.4.22 shows FAIL even when permissions is correct.

@hutr
fixed grep string for 1.4.11 and 1.4.22
e4100a4 
check 1.4.11 and 1.4.22 FAIL even when permissions is correct.
lizrice
lizrice suggested changes Jun 7, 2018
View reviewed changes
Copy link
Contributor

@lizrice lizrice left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this! Couple of small changes please

cfg/1.8/master.yaml Outdated
tests:
test_items:
audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
test_items:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this is missing tests:?

cfg/1.8/master.yaml Outdated
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
tests:
test_items:
audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think there is any need for the grep -v grep step now that we are checking for --data-dir

cfg/1.8/master.yaml Outdated
@@ -960,7 +959,7 @@ groups:

- id: 1.4.12
text: "Ensure that the etcd data directory ownership is set to etcd:etcd (Scored)"
audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think grep -v grep is now unnecessary here too

hutr added 2 commits June 7, 2018 16:08
@hutr
changes for 1.4.11 and 1.4.2
468f5fa 
added tests: for 1.4.11 and removed grep -v grep for both
@hutr
Merge branch 'master' into master
50a3725
@hutr hutr changed the title fix grep string for check 1.4.11 and 1.4.22 fix grep string for check 1.4.11 and 1.4.12 Jun 7, 2018
@hutr
Copy link
Contributor Author

hutr commented Jun 7, 2018

Thanks for the correction.

Added tests: for 1.4.11
Removed grep -v grep for 1.4.11 and 1.4.12
Also fixed sed string for 1.4.12 to fetch right --data-dir folder

lizrice
lizrice approved these changes Jun 18, 2018
View reviewed changes
Copy link
Contributor

@lizrice lizrice left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@lizrice lizrice merged commit 83704a7 into aquasecurity:master Jun 18, 2018
@lizrice lizrice mentioned this pull request Jun 18, 2018
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@lizrice lizrice lizrice approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hutr @lizrice