From 24ebbdba689aecfefd8b04195f15f7903e9685fc Mon Sep 17 00:00:00 2001 From: daemon1024 Date: Mon, 21 Oct 2024 18:30:26 +0530 Subject: [PATCH] fix(tests): make test policies compatible with newer ubuntu Signed-off-by: daemon1024 --- .../k8s_env/blockposture/res/ksp-wordpress-allow-file.yaml | 4 +++- .../configmap/manifests/ksp-partialyAnnotated-allow.yaml | 2 +- .../k8s_env/configmap/manifests/ksp-unannotated-allow.yaml | 2 ++ tests/k8s_env/ksp/ksp_test.go | 2 +- .../ksp-group-1-block-proc-path-from-source.yaml | 4 ++-- .../ksp/multiubuntu/ksp-group-1-block-proc-path.yaml | 4 ++-- .../ksp-group-2-allow-file-path-from-source-path.yaml | 5 +++-- .../ksp-group-2-allow-file-path-owner-from-source-path.yaml | 5 +++-- .../ksp-group-2-audit-file-path-from-source-path.yaml | 2 +- .../ksp-group-2-audit-file-path-owner-from-source-path.yaml | 2 +- .../ksp/multiubuntu/ksp-group-2-audit-proc-path.yaml | 2 +- .../ksp-group-2-block-file-path-from-source-path.yaml | 2 +- .../ksp-group-2-block-file-path-owner-from-source-path.yaml | 2 +- .../ksp/multiubuntu/ksp-ubuntu-3-allow-file-path-owner.yaml | 4 ++-- .../ksp/multiubuntu/ksp-ubuntu-3-allow-proc-dir.yaml | 3 +++ .../ksp/multiubuntu/ksp-ubuntu-3-allow-proc-path-owner.yaml | 2 ++ ...u-4-allow-file-path-owner-readonly-from-source-path.yaml | 6 ++++-- ...-ubuntu-4-allow-file-path-readonly-from-source-path.yaml | 2 +- .../multicontainer/manifests/container-1-ls-block.yaml | 2 +- .../multicontainer/manifests/empty-array-ls-block.yaml | 2 +- .../multicontainer/manifests/empty-label-ls-block.yaml | 2 +- .../manifests/malformated-array-ls-block.yaml | 2 +- .../privileged/manifests/caps-container-block-ls.yaml | 2 +- .../privileged/manifests/priv-container-block-ls.yaml | 2 +- .../ksp-ubuntu-1-proc-path-block-from-source.yaml | 4 ++-- .../ksp-ubuntu-1-file-path-block-from-source.yaml | 2 +- .../ksp-ubuntu-1-file-path-allow-from-source.yaml | 2 +- tests/k8s_env/smoke/res/ksp-wordpress-allow-tcp.yaml | 2 +- tests/k8s_env/smoke/res/ksp-wordpress-block-config.yaml | 2 +- tests/k8s_env/smoke/res/ksp-wordpress-lenient-allow-sa.yaml | 2 +- tests/k8s_env/smoke/res/ksp-wordpress-two-policies.yaml | 4 ++-- .../matchpaths/unlink-dir-recursive-fromsource-dir.yaml | 2 +- .../matchpaths/unlink-dir-recursive-fromsource-path.yaml | 2 +- 33 files changed, 51 insertions(+), 38 deletions(-) diff --git a/tests/k8s_env/blockposture/res/ksp-wordpress-allow-file.yaml b/tests/k8s_env/blockposture/res/ksp-wordpress-allow-file.yaml index 107d362a89..acec7adfe1 100644 --- a/tests/k8s_env/blockposture/res/ksp-wordpress-allow-file.yaml +++ b/tests/k8s_env/blockposture/res/ksp-wordpress-allow-file.yaml @@ -17,6 +17,7 @@ spec: recursive: true - dir: /lib/x86_64-linux-gnu/ - dir: /bin/ + - dir: /usr/bin/ - dir: /pts/ recursive: true - dir: /dev/ @@ -27,11 +28,12 @@ spec: - path: /dev/tty - path: /lib/terminfo/x/xterm - fromSource: - - path: /bin/cat + - path: /usr/bin/cat path: /var/www/html/readme.html process: matchDirectories: - dir: /bin/ + - dir: /usr/bin/ recursive: true # http://[NodeIP]:30080 diff --git a/tests/k8s_env/configmap/manifests/ksp-partialyAnnotated-allow.yaml b/tests/k8s_env/configmap/manifests/ksp-partialyAnnotated-allow.yaml index 0fa7935253..efaa4a7b45 100644 --- a/tests/k8s_env/configmap/manifests/ksp-partialyAnnotated-allow.yaml +++ b/tests/k8s_env/configmap/manifests/ksp-partialyAnnotated-allow.yaml @@ -15,7 +15,7 @@ spec: - path: /usr/bin/curl process: matchDirectories: - - dir: /bin/ # required to change root to user1 + - dir: /usr/bin/ # required to change root to user1 recursive: true - dir: /usr/bin/ # used in changing accounts recursive: true diff --git a/tests/k8s_env/configmap/manifests/ksp-unannotated-allow.yaml b/tests/k8s_env/configmap/manifests/ksp-unannotated-allow.yaml index e44a82dd72..3998bdd559 100644 --- a/tests/k8s_env/configmap/manifests/ksp-unannotated-allow.yaml +++ b/tests/k8s_env/configmap/manifests/ksp-unannotated-allow.yaml @@ -21,6 +21,7 @@ spec: - dir: /pts/ - dir: /bin/ - dir: /usr/bin/ + - dir: /usr/bin/ - dir: /proc/ recursive: true - dir: /dev/ @@ -33,6 +34,7 @@ spec: process: matchDirectories: - dir: /bin/ # required to change root to user1 + - dir: /usr/bin/ # required to change root to user1 - dir: /usr/bin/ # used in changing accounts action: Allow diff --git a/tests/k8s_env/ksp/ksp_test.go b/tests/k8s_env/ksp/ksp_test.go index 37d48b5218..7be8d5e6e5 100644 --- a/tests/k8s_env/ksp/ksp_test.go +++ b/tests/k8s_env/ksp/ksp_test.go @@ -1832,7 +1832,7 @@ var _ = Describe("Ksp", func() { ) expectLog := protobuf.Log{ - Source: "/bin/cat /dev/shm/new", + Source: "/usr/bin/cat /dev/shm/new", Result: "Passed", } diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path-from-source.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path-from-source.yaml index 6680be01f0..d25f6479f2 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path-from-source.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path-from-source.yaml @@ -11,9 +11,9 @@ spec: group: group-1 process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls fromSource: - - path: /bin/dash + - path: /usr/bin/dash action: Block diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path.yaml index c19e78a629..788720e7de 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-1-block-proc-path.yaml @@ -11,7 +11,7 @@ spec: group: group-1 process: matchPaths: - - path: /bin/sleep + - path: /usr/bin/sleep action: Block @@ -19,4 +19,4 @@ spec: # test # $ sleep 1 -# bash: /bin/sleep: Permission denied +# bash: /usr/bin/sleep: Permission denied diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-from-source-path.yaml index 4e70b9e368..4a78ac03f9 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-from-source-path.yaml @@ -12,12 +12,12 @@ spec: process: matchDirectories: - dir: /bin/ - recursive: true + - dir: /usr/bin/ file: matchPaths: - path: /secret.txt fromSource: - - path: /bin/cat + - path: /usr/bin/cat - path: /dev/tty - path: /lib/terminfo/x/xterm matchDirectories: @@ -29,6 +29,7 @@ spec: recursive: true - dir: /lib/x86_64-linux-gnu/ - dir: /bin/ + - dir: /usr/bin/ action: Allow diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-owner-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-owner-from-source-path.yaml index 5066e93a2b..93afc1bdc0 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-owner-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-allow-file-path-owner-from-source-path.yaml @@ -11,6 +11,7 @@ spec: process: # base whitelisting rules matchDirectories: - dir: /bin/ # required to change root to user1 / try 'su - user1' + - dir: /usr/bin/ # required to change root to user1 / try 'su - user1' recursive: true - dir: /usr/bin/ # used in changing accounts recursive: true @@ -19,8 +20,8 @@ spec: - path: /home/user1/secret_data1.txt ownerOnly: true fromSource: - - path: /bin/cat - # - path: /bin/su + - path: /usr/bin/cat + # - path: /usr/bin/su - path: /root/.bashrc # used by root - path: /root/.bash_history # used by root - path: /home/user1/.profile # used by user1 diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-from-source-path.yaml index d03ddadc48..2cae95985e 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-from-source-path.yaml @@ -13,7 +13,7 @@ spec: matchPaths: - path: /secret.txt fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Audit diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-owner-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-owner-from-source-path.yaml index 3497bd1937..074aafc611 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-owner-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-file-path-owner-from-source-path.yaml @@ -13,7 +13,7 @@ spec: - path: /home/user1/secret_data1.txt ownerOnly: true fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Audit diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-proc-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-proc-path.yaml index 6910a55f3c..820d271aff 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-proc-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-audit-proc-path.yaml @@ -10,7 +10,7 @@ spec: group: group-2 process: matchPaths: - - path: /bin/sleep + - path: /usr/bin/sleep action: Audit diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-from-source-path.yaml index dad9d9939b..4f1b60a63f 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-from-source-path.yaml @@ -13,7 +13,7 @@ spec: matchPaths: - path: /secret.txt fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Block diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-owner-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-owner-from-source-path.yaml index 3dad131055..6ef52b9926 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-owner-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-group-2-block-file-path-owner-from-source-path.yaml @@ -13,7 +13,7 @@ spec: - path: /home/user1/secret_data1.txt ownerOnly: true fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Block diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-file-path-owner.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-file-path-owner.yaml index 54f487a9a6..441c4603f7 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-file-path-owner.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-file-path-owner.yaml @@ -10,7 +10,7 @@ spec: container: ubuntu-3 process: matchDirectories: - - dir: /bin/ # required to change root to user1 + - dir: /bin # required to change root to user1 recursive: true - dir: /usr/bin/ # used in changing accounts recursive: true @@ -36,7 +36,7 @@ spec: recursive: true - dir: /pts/ # used by root and user1 recursive: true - - dir: /bin/ + - dir: /usr/bin/ recursive: true action: Allow diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-dir.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-dir.yaml index fd84eaa04b..9b2d0ec8b7 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-dir.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-dir.yaml @@ -13,6 +13,8 @@ spec: matchDirectories: - dir: /bin/ recursive: true + - dir: /usr/bin/ + recursive: true file: matchPaths: - path: /root/.bashrc # used by root @@ -30,6 +32,7 @@ spec: recursive: true - dir: /lib/x86_64-linux-gnu/ - dir: /bin/ + - dir: /usr/bin/ # - dir: /etc/ # required to change root to user1 (coarse-grained way) # recursive: true # - dir: /lib/ # used by root and user1 diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-path-owner.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-path-owner.yaml index f583110463..2368f93e43 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-path-owner.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-3-allow-proc-path-owner.yaml @@ -39,6 +39,8 @@ spec: recursive: true - dir: /bin/ recursive: true + - dir: /usr/bin/ + recursive: true - dir: /dev/ recursive: true action: diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-owner-readonly-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-owner-readonly-from-source-path.yaml index 6b0a6b92b6..abbb0dda19 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-owner-readonly-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-owner-readonly-from-source-path.yaml @@ -15,7 +15,7 @@ spec: matchPaths: - path: /home/user1/readwrite # fromSource: - # - path: /bin/su + # - path: /usr/bin/su matchDirectories: - dir: /bin/ # required to change root to user1 / try 'su - user1' recursive: true @@ -29,7 +29,7 @@ spec: fromSource: - path: /home/user1/readwrite - path: /home/user1/readwrite - # - path: /bin/su + # - path: /usr/bin/su - path: /root/.bashrc # used by root - path: /root/.bash_history # used by root - path: /home/user1/.profile # used by user1 @@ -50,6 +50,8 @@ spec: recursive: true - dir: /bin/ recursive: true + - dir: /usr/bin/ + recursive: true action: Allow diff --git a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-readonly-from-source-path.yaml b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-readonly-from-source-path.yaml index 76edc5018f..426963c2da 100644 --- a/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-readonly-from-source-path.yaml +++ b/tests/k8s_env/ksp/multiubuntu/ksp-ubuntu-4-allow-file-path-readonly-from-source-path.yaml @@ -13,7 +13,7 @@ spec: container: ubuntu-4 file: matchDirectories: - - dir: /bin/ # used by root + - dir: /usr/bin/ # used by root recursive: true - dir: /pts/ recursive: true diff --git a/tests/k8s_env/multicontainer/manifests/container-1-ls-block.yaml b/tests/k8s_env/multicontainer/manifests/container-1-ls-block.yaml index 775307354b..ce764670b9 100644 --- a/tests/k8s_env/multicontainer/manifests/container-1-ls-block.yaml +++ b/tests/k8s_env/multicontainer/manifests/container-1-ls-block.yaml @@ -11,7 +11,7 @@ spec: kubearmor.io/container.name: "[container-1]" process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls # ls action: Block diff --git a/tests/k8s_env/multicontainer/manifests/empty-array-ls-block.yaml b/tests/k8s_env/multicontainer/manifests/empty-array-ls-block.yaml index 65522b8ffd..16a89f6139 100644 --- a/tests/k8s_env/multicontainer/manifests/empty-array-ls-block.yaml +++ b/tests/k8s_env/multicontainer/manifests/empty-array-ls-block.yaml @@ -11,7 +11,7 @@ spec: kubearmor.io/container.name: "[]" process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls # ls action: Block diff --git a/tests/k8s_env/multicontainer/manifests/empty-label-ls-block.yaml b/tests/k8s_env/multicontainer/manifests/empty-label-ls-block.yaml index 761380ce04..5c4ea7411a 100644 --- a/tests/k8s_env/multicontainer/manifests/empty-label-ls-block.yaml +++ b/tests/k8s_env/multicontainer/manifests/empty-label-ls-block.yaml @@ -11,7 +11,7 @@ spec: kubearmor.io/container.name: "" process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls # ls action: Block diff --git a/tests/k8s_env/multicontainer/manifests/malformated-array-ls-block.yaml b/tests/k8s_env/multicontainer/manifests/malformated-array-ls-block.yaml index 0e8d12b96a..4633ce9c80 100644 --- a/tests/k8s_env/multicontainer/manifests/malformated-array-ls-block.yaml +++ b/tests/k8s_env/multicontainer/manifests/malformated-array-ls-block.yaml @@ -11,7 +11,7 @@ spec: kubearmor.io/container.name: "[container-1,,]" process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls # ls action: Block diff --git a/tests/k8s_env/privileged/manifests/caps-container-block-ls.yaml b/tests/k8s_env/privileged/manifests/caps-container-block-ls.yaml index 6c5d896426..4d9fad48c7 100644 --- a/tests/k8s_env/privileged/manifests/caps-container-block-ls.yaml +++ b/tests/k8s_env/privileged/manifests/caps-container-block-ls.yaml @@ -11,7 +11,7 @@ spec: kubearmor.io/container.name: "[caps-container]" process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls # ls action: Block \ No newline at end of file diff --git a/tests/k8s_env/privileged/manifests/priv-container-block-ls.yaml b/tests/k8s_env/privileged/manifests/priv-container-block-ls.yaml index c02d6b7922..286706345a 100644 --- a/tests/k8s_env/privileged/manifests/priv-container-block-ls.yaml +++ b/tests/k8s_env/privileged/manifests/priv-container-block-ls.yaml @@ -11,7 +11,7 @@ spec: kubearmor.io/container.name: "[priv-container]" process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls # ls action: Block \ No newline at end of file diff --git a/tests/k8s_env/scenarios/github_test_01/ksp-ubuntu-1-proc-path-block-from-source.yaml b/tests/k8s_env/scenarios/github_test_01/ksp-ubuntu-1-proc-path-block-from-source.yaml index d276d208bf..ea93909058 100644 --- a/tests/k8s_env/scenarios/github_test_01/ksp-ubuntu-1-proc-path-block-from-source.yaml +++ b/tests/k8s_env/scenarios/github_test_01/ksp-ubuntu-1-proc-path-block-from-source.yaml @@ -11,8 +11,8 @@ spec: container: ubuntu-1 process: matchPaths: - - path: /bin/ls + - path: /usr/bin/ls fromSource: - - path: /bin/dash + - path: /usr/bin/dash action: Block diff --git a/tests/k8s_env/scenarios/github_test_04/ksp-ubuntu-1-file-path-block-from-source.yaml b/tests/k8s_env/scenarios/github_test_04/ksp-ubuntu-1-file-path-block-from-source.yaml index 1e0d8bd93c..f1d4fb856e 100644 --- a/tests/k8s_env/scenarios/github_test_04/ksp-ubuntu-1-file-path-block-from-source.yaml +++ b/tests/k8s_env/scenarios/github_test_04/ksp-ubuntu-1-file-path-block-from-source.yaml @@ -13,6 +13,6 @@ spec: matchPaths: - path: /secret.txt fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Block diff --git a/tests/k8s_env/scenarios/github_test_05/ksp-ubuntu-1-file-path-allow-from-source.yaml b/tests/k8s_env/scenarios/github_test_05/ksp-ubuntu-1-file-path-allow-from-source.yaml index 0ca46b42b9..7309cdda57 100644 --- a/tests/k8s_env/scenarios/github_test_05/ksp-ubuntu-1-file-path-allow-from-source.yaml +++ b/tests/k8s_env/scenarios/github_test_05/ksp-ubuntu-1-file-path-allow-from-source.yaml @@ -13,6 +13,6 @@ spec: matchPaths: - path: /secret.txt fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Allow diff --git a/tests/k8s_env/smoke/res/ksp-wordpress-allow-tcp.yaml b/tests/k8s_env/smoke/res/ksp-wordpress-allow-tcp.yaml index b25a723f78..6aeb4f0379 100644 --- a/tests/k8s_env/smoke/res/ksp-wordpress-allow-tcp.yaml +++ b/tests/k8s_env/smoke/res/ksp-wordpress-allow-tcp.yaml @@ -13,6 +13,6 @@ spec: - protocol: tcp fromSource: - path: /usr/bin/curl - - path: /bin/bash + - path: /usr/bin/bash action: Allow \ No newline at end of file diff --git a/tests/k8s_env/smoke/res/ksp-wordpress-block-config.yaml b/tests/k8s_env/smoke/res/ksp-wordpress-block-config.yaml index 886756cfb0..2d5b68118a 100644 --- a/tests/k8s_env/smoke/res/ksp-wordpress-block-config.yaml +++ b/tests/k8s_env/smoke/res/ksp-wordpress-block-config.yaml @@ -13,7 +13,7 @@ spec: matchPaths: - path: /var/www/html/wp-config.php fromSource: - - path: /bin/cat + - path: /usr/bin/cat # http://[NodeIP]:30080 # cat /var/www/html/wp-config.php diff --git a/tests/k8s_env/smoke/res/ksp-wordpress-lenient-allow-sa.yaml b/tests/k8s_env/smoke/res/ksp-wordpress-lenient-allow-sa.yaml index 5b52083188..5f4f21ea74 100644 --- a/tests/k8s_env/smoke/res/ksp-wordpress-lenient-allow-sa.yaml +++ b/tests/k8s_env/smoke/res/ksp-wordpress-lenient-allow-sa.yaml @@ -18,7 +18,7 @@ spec: - dir: /run/secrets/kubernetes.io/serviceaccount/ recursive: true fromSource: - - path: /bin/cat + - path: /usr/bin/cat process: matchDirectories: - dir: / diff --git a/tests/k8s_env/smoke/res/ksp-wordpress-two-policies.yaml b/tests/k8s_env/smoke/res/ksp-wordpress-two-policies.yaml index 8283e7ef69..15385494d1 100644 --- a/tests/k8s_env/smoke/res/ksp-wordpress-two-policies.yaml +++ b/tests/k8s_env/smoke/res/ksp-wordpress-two-policies.yaml @@ -13,7 +13,7 @@ spec: matchPaths: - path: /etc/passwd fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Block --- @@ -32,6 +32,6 @@ spec: matchPaths: - path: /etc/shadow fromSource: - - path: /bin/cat + - path: /usr/bin/cat action: Block diff --git a/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-dir.yaml b/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-dir.yaml index bbdd8934f7..f88dea9d6b 100644 --- a/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-dir.yaml +++ b/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-dir.yaml @@ -14,6 +14,6 @@ spec: path: /home/ recursive: true fromSource: - - dir: /bin/ + - dir: /usr/bin/ action: Audit diff --git a/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-path.yaml b/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-path.yaml index 2cbd69fe45..492bba95e5 100644 --- a/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-path.yaml +++ b/tests/k8s_env/syscalls/manifests/matchpaths/unlink-dir-recursive-fromsource-path.yaml @@ -14,6 +14,6 @@ spec: path: /home/ recursive: true fromSource: - - path: /bin/unlink + - path: /usr/bin/unlink action: Audit