Skip to content

Commit fb28d00

Browse files
konstruktoidkonstruktoid
authored
Merge pull request #238 from konstruktoid/tls_test
test tls get_docker_configuration_file_args
2 parents 6bafeb5 + 17ee45b commit fb28d00

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

tests/3_docker_daemon_configuration_files.sh

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -139,7 +139,7 @@ fi
139139

140140
# 3.9
141141
check_3_9="3.9 - Verify that TLS CA certificate file ownership is set to root:root"
142-
if get_docker_configuration_file_args 'tlscacert' 2>/dev/null 1>&2; then
142+
if ! [ -z $(get_docker_configuration_file_args 'tlscacert') ]; then
143143
tlscacert=$(get_docker_configuration_file_args 'tlscacert')
144144
else
145145
tlscacert=$(get_docker_effective_command_line_args '--tlscacert' | sed -n 's/.*tlscacert=\([^s]\)/\1/p' | sed 's/--/ --/g' | cut -d " " -f 1)
@@ -158,7 +158,7 @@ fi
158158

159159
# 3.10
160160
check_3_10="3.10 - Verify that TLS CA certificate file permissions are set to 444 or more restrictive"
161-
if get_docker_configuration_file_args 'tlscacert' 2>/dev/null 1>&2; then
161+
if ! [ -z $(get_docker_configuration_file_args 'tlscacert') ]; then
162162
tlscacert=$(get_docker_configuration_file_args 'tlscacert')
163163
else
164164
tlscacert=$(get_docker_effective_command_line_args '--tlscacert' | sed -n 's/.*tlscacert=\([^s]\)/\1/p' | sed 's/--/ --/g' | cut -d " " -f 1)
@@ -177,7 +177,7 @@ fi
177177

178178
# 3.11
179179
check_3_11="3.11 - Verify that Docker server certificate file ownership is set to root:root"
180-
if get_docker_configuration_file_args 'tlscert' 2>/dev/null 1>&2; then
180+
if ! [ -z $(get_docker_configuration_file_args 'tlscert') ]; then
181181
tlscert=$(get_docker_configuration_file_args 'tlscert')
182182
else
183183
tlscert=$(get_docker_effective_command_line_args '--tlscert' | sed -n 's/.*tlscert=\([^s]\)/\1/p' | sed 's/--/ --/g' | cut -d " " -f 1)
@@ -196,7 +196,7 @@ fi
196196

197197
# 3.12
198198
check_3_12="3.12 - Verify that Docker server certificate file permissions are set to 444 or more restrictive"
199-
if get_docker_configuration_file_args 'tlscert' 2>/dev/null 1>&2; then
199+
if ! [ -z $(get_docker_configuration_file_args 'tlscert') ]; then
200200
tlscert=$(get_docker_configuration_file_args 'tlscert')
201201
else
202202
tlscert=$(get_docker_effective_command_line_args '--tlscert' | sed -n 's/.*tlscert=\([^s]\)/\1/p' | sed 's/--/ --/g' | cut -d " " -f 1)
@@ -215,7 +215,7 @@ fi
215215

216216
# 3.13
217217
check_3_13="3.13 - Verify that Docker server key file ownership is set to root:root"
218-
if get_docker_configuration_file_args 'tlskey' 2>/dev/null 1>&2; then
218+
if ! [ -z $(get_docker_configuration_file_args 'tlskey') ]; then
219219
tlskey=$(get_docker_configuration_file_args 'tlskey')
220220
else
221221
tlskey=$(get_docker_effective_command_line_args '--tlskey' | sed -n 's/.*tlskey=\([^s]\)/\1/p' | sed 's/--/ --/g' | cut -d " " -f 1)
@@ -234,7 +234,7 @@ fi
234234

235235
# 3.14
236236
check_3_14="3.14 - Verify that Docker server key file permissions are set to 400 or more restrictive"
237-
if get_docker_configuration_file_args 'tlskey' 2>/dev/null 1>&2; then
237+
if ! [ -z $(get_docker_configuration_file_args 'tlskey') ]; then
238238
tlskey=$(get_docker_configuration_file_args 'tlskey')
239239
else
240240
tlskey=$(get_docker_effective_command_line_args '--tlskey' | sed -n 's/.*tlskey=\([^s]\)/\1/p' | sed 's/--/ --/g' | cut -d " " -f 1)

0 commit comments

Comments
 (0)