![]() It must be audited, if applicable.Īdd the line -w /etc/default/docker -k docker into the /etc/audit/les file. It holds various parameters for Docker daemon. Its behavior depends on some key files and directories. Restart the audit daemon by running the command: service auditd restartĮnsure auditing is configured for Docker files and directories - /etc/default/docker (1.10)ĭescription: Apart from auditing your regular Linux file system and system calls, audit all Docker related files and directories. It must be audited, if applicable.įind out the 'rvice' file location by running: systemctl show -p FragmentPath rvice and add the line -w is the file path you have found earlier. The rvice file might be present if the daemon parameters have been changed by an administrator. Then, restart the audit daemon by running the command: service auditd restartĮnsure auditing is configured for Docker files and directories - rvice (1.08)ĭescription: Apart from auditing your regular Linux file system and system calls, audit all Docker related files and directories. It must be audited.Īdd the line -w /etc/docker -k docker into the /etc/audit/les file. It holds various certificates and keys used for TLS communication between Docker daemon and Docker client. Then, restart the audit daemon by running the command: service auditd restartĮnsure auditing is configured for Docker files and directories - /etc/docker (1.07)ĭescription: Apart from auditing your regular Linux file system and system calls, audit all Docker related files and directories. It must be audited.Īdd the line -w /var/lib/docker -k docker into the /etc/audit/les file. It holds all the information about containers. ![]() Then, restart the audit daemon by running the command: service auditd restartĮnsure auditing is configured for Docker files and directories - /var/lib/docker (1.06)ĭescription: Apart from auditing your regular Linux file system and system calls, audit all Docker related files and directories. ![]() ![]() It's thus necessary to audit its activities and usage.Īdd the line -w /usr/bin/docker -k docker into the /etc/audit/les file. For systems that were previously installed, use the Logical Volume Manager (LVM) to create partitions.Įnsure docker version is up-to-date (1.03)ĭescription: Using up-to-date docker version will keep your host secureįollow the docker documentation in aim to upgrade your versionĮnsure auditing is configured for the docker daemon (1.05)ĭescription: Apart from auditing your regular Linux file system and system calls, audit Docker daemon as well. So, it's advisable to create a separate partition (logical volume) for storing Docker files.įor new installations, create a separate partition for /var/lib/docker mount point. This directory might fill up fast and soon Docker and the host could become unusable. General security controls Name (CCEID)Įnsure a separate partition for containers has been created (1.01)ĭescription: Docker depends on /var/lib/docker as the default directory where all Docker related files, including the images, are stored. Overview of the Azure Security Benchmark (V2).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |