Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Examples not working #58

Closed
Nutomic opened this issue Mar 11, 2019 · 7 comments
Closed

Examples not working #58

Nutomic opened this issue Mar 11, 2019 · 7 comments
Labels
Hacktoberfest
Projects
Hacktoberfest 2019

Comments

@Nutomic
Copy link

Nutomic commented Mar 11, 2019

I tried the following commands, but both of them only result in an error Input 'container_capadd' is required and does not have a value.. The readme says I need a yml attribute file, but there is no mention how this file can be passed to the script.

# run profile locally
$ git clone https://github.com/dev-sec/cis-docker-benchmark
$ inspec exec cis-docker-benchmark

# run profile locally and directly from Github
$ inspec exec https://github.com/dev-sec/cis-docker-benchmark

OS / Environment
Ubuntu 18.04.2 LTS

Inspec Version

3.7.1

Baseline Version

a281d230fbe52f9ef7f88c5a4147dbce6af07ae9
@chris-rock
Copy link
Member

Hi @Nutomic thank you for the feedback. The project includes a sample attributes file and you can execute it via:

# run profile on remote host via SSH with sudo and define attribute value
inspec exec cis-docker-benchmark --attrs sample_attributes.yml

It is mentioned in the readme but maybe not prominent enough.

@Nutomic
Copy link
Author

Nutomic commented Mar 12, 2019

Right, I only looked at the first examples for running locally, and there is not mention how I can pass the attributes. It worked now, but I still had to edit the sample file. Would be good if it worked out of the box.

@chris-rock
Copy link
Member

@Nutomic would you like to open a PR to improve it?

@Nutomic
Copy link
Author

Nutomic commented Mar 13, 2019

Sorry but I dont have the time.

@chris-rock
Copy link
Member

Would it be possible to share your updated attributes within this issue?

@Nutomic
Copy link
Author

Nutomic commented Mar 13, 2019

here is the diff (though i'm not sure what container_capadd should be)

diff --git a/sample_attributes.yml b/sample_attributes.yml
index 8392f1c..c3cb15d 100644
--- a/sample_attributes.yml
+++ b/sample_attributes.yml
@@ -4,9 +4,10 @@ registry_cert_path: /etc/docker/certs.d
 registry_name: /etc/docker/certs.d/registry_hostname:port
 registry_ca_file: /etc/docker/certs.d/registry_hostname:port/ca.crt
 container_user: vagrant
-container_capadd: null
+container_capadd: NET_ADMIN,SYS_ADMIN
 authorization_plugin: authz-broker
 log_driver: syslog
 log_opts: /syslog-address/
 app_armor_profile: docker-default
 selinux_profile: /label\:level\:s0-s0\:c1023/
+benchmark_version: 1.12.0

@chris-rock chris-rock added this to Up for grabs in Hacktoberfest 2019 via automation Oct 5, 2019
@chris-rock chris-rock mentioned this issue Oct 8, 2019
Closed
commjoen added a commit to commjoen/cis-docker-benchmark that referenced this issue Oct 9, 2019
@commjoen
Simple fix for dev-sec#58 including cleanups and readable readme.md
fb5655e
commjoen added a commit to commjoen/cis-docker-benchmark that referenced this issue Oct 9, 2019
@commjoen
Simple fix for dev-sec#58 including cleanups and readable readme.md
4bbef5f 
Signed-off-by: Jeroen Willemsen <jwillemsen@xebia.com>
@commjoen commjoen mentioned this issue Oct 9, 2019
Merged
chris-rock pushed a commit that referenced this issue Oct 9, 2019
@commjoen @chris-rock
Simple fix for #58 (#61)
836c54f 
* Simple fix for #58 including cleanups and readable readme.md

Signed-off-by: Jeroen Willemsen <jwillemsen@xebia.com>

* processed feedback of @chris-rock

Signed-off-by: Jeroen Willemsen <jwillemsen@xebia.com>
@chris-rock
Copy link
Member

fixed in #61

Hacktoberfest 2019 automation moved this from Up for grabs to Done Oct 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Hacktoberfest
Projects
No open projects
Hacktoberfest 2019
  
Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Nutomic @chris-rock