From e4100a443591ec068c22568e5e4c6f1b2ebb6eb4 Mon Sep 17 00:00:00 2001
From: hutr <Huy4936@gmail.com>
Date: Mon, 28 May 2018 15:39:07 +0200
Subject: [PATCH] fixed grep string for 1.4.11 and 1.4.22

check 1.4.11 and 1.4.22 FAIL even when permissions is correct.
---
 cfg/1.8/master.yaml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/cfg/1.8/master.yaml b/cfg/1.8/master.yaml
index 7fb9dfa..59117e8 100644
--- a/cfg/1.8/master.yaml
+++ b/cfg/1.8/master.yaml
@@ -942,9 +942,8 @@ groups:
 
   - id: 1.4.11
     text: "Ensure that the etcd data directory permissions are set to 700 or more restrictive (Scored)"
-    audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
-    tests:
-      test_items:
+    audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
+    test_items:
       - flag: "700"
         compare:
           op: eq
@@ -960,7 +959,7 @@ groups:
 
   - id: 1.4.12
     text: "Ensure that the etcd data directory ownership is set to etcd:etcd (Scored)"
-    audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
+    audit: ps -ef | grep $etcdbin | grep -- --data-dir | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
     tests:
       test_items:
       - flag: "etcd:etcd"
-- 
GitLab