elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-08-04 14:21:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
damcava35/deb12_scripts_4
debian-cis/tests/docker/Dockerfile.debian12
damien cavagnini a7bc6a47f9 feat: add new checks for debian12 
systemd_timesyncd_is_enabled_and_running.sh	-> 2.3.2.2
rpcbind_is_disabled.sh				-> 2.1.12
ftp_client_not_installed.sh			-> 2.2.6
chrony_with_chrony_user.sh			-> 2.3.3.2
ipv6_is_enabled.sh				-> 3.1.1
2025-07-31 11:43:37 +02:00

22 lines
764 B
Docker
Raw Permalink Blame History

FROM debian:bookworm
LABEL vendor="OVH"
LABEL project="debian-cis"
LABEL url="https://github.com/ovh/debian-cis"
LABEL description="This image is used to run tests"
RUN groupadd -g 500 secaudit && useradd -u 500 -g 500 -s /bin/bash secaudit && install -m 700 -o secaudit -g secaudit -d /home/secaudit
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y openssh-server sudo syslog-ng net-tools auditd cron iproute2 procps
COPY --chown=500:500 . /opt/debian-cis/
COPY debian/default /etc/default/cis-hardening
RUN sed -i 's#cis-hardening#debian-cis#' /etc/default/cis-hardening
COPY cisharden.sudoers /etc/sudoers.d/secaudit
RUN sed -i 's#cisharden#secaudit#' /etc/sudoers.d/secaudit
ENTRYPOINT ["/opt/debian-cis/tests/launch_tests.sh"]
Reference in New Issue View Git Blame Copy Permalink