Fix ownership related to Calico (#8072)
kube-bench scan outputs warning related to Calico like: * text: "Ensure that the Container Network Interface file permissions are set to 644 or more restrictive (Manual)" * text: "Ensure that the Container Network Interface file ownership is set to root:root (Manual)" This fixes these warnings.
This commit is contained in:
parent
6a5b87dda4
commit
19d07a4f2e
2 changed files with 2 additions and 2 deletions
|
@ -36,7 +36,7 @@
|
|||
file:
|
||||
path: /etc/cni/net.d
|
||||
state: directory
|
||||
owner: kube
|
||||
owner: root
|
||||
mode: 0755
|
||||
- name: Setup CNI
|
||||
copy:
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
template:
|
||||
src: "cni-calico.conflist.j2"
|
||||
dest: "/etc/cni/net.d/calico.conflist.template"
|
||||
owner: kube
|
||||
owner: root
|
||||
register: calico_conflist
|
||||
notify: reset_calico_cni
|
||||
|
||||
|
|
Loading…
Reference in a new issue