
It is failing to audit the file permissions #1853

@vijaysaladi

Overview

I am using kube-bench for AKS and running it on OCI OKE. I have provided the config file path as static values in the config.yaml file. As of now, our config file permissions are set to 744 (for testing). But as per the requirement, they should be 644 or more restrictive. But the test results are showing PASS instead of FAIL.


How did you run kube-bench?

Deploying it as a pod using the custom Docker image that I built with my modified code to audit OCI OKE.

What happened?

The file permissions are showing as

[root@oke-c-1 /]# stat -c %a /var/lib/kubelet/oke_kubelet_conf.json
744
[root@oke-c-1 /]#

But the test results are showing as this.

[PASS] 3.1.1 Ensure that the kubeconfig file permissions are set to 644 or more restrictive (Manual).

What did you expect to happen:

It should fail as the permissions are set as 744.

Environment

[What is your version of kube-bench? (run kube-bench version)]

aks-1.0

[What is your version of Kubernetes? (run kubectl version or oc version on OpenShift.)]

Client Version: v1.31.3
Kustomize Version: v5.4.2
Server Version: v1.31.1
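
A stand-alone way to confirm the expected result for the mode in this report, added here as an example (it is not part of the original issue and is not kube-bench's code). The function names are hypothetical, and the check reads "644 or more restrictive" as "sets no permission bit that 644 lacks"; an empty or non-octal value is an error, never a pass.

```shell
#!/bin/sh
# Added example, not kube-bench code. Function names are hypothetical.

# extra_bits MODE MAX: print (in octal) the permission bits that MODE sets
# and MAX does not allow. Prints 0 when MODE is MAX or more restrictive.
# Returns 2 when either value is empty or not octal, so a missing audit
# value can never be mistaken for a pass.
extra_bits() {
    case "$1" in ''|*[!0-7]*) return 2 ;; esac
    case "$2" in ''|*[!0-7]*) return 2 ;; esac
    # The leading 0 makes the shell read the digits as an octal constant.
    printf '%o\n' "$(( (0$1 | 0$2) ^ 0$2 ))"
}

# check_mode MODE MAX: print PASS, FAIL or ERROR for one mode string.
check_mode() {
    extra=$(extra_bits "$1" "$2") || { echo "ERROR: bad mode '$1'"; return 2; }
    if [ "$extra" = 0 ]; then
        echo "PASS: $1 is $2 or more restrictive"
    else
        echo "FAIL: $1 sets bits not allowed by $2 (extra: $extra)"
        return 1
    fi
}

# audit_file PATH MAX: check a real file with the same stat call as the report.
audit_file() {
    mode=$(stat -c %a "$1" 2>/dev/null) || { echo "ERROR: cannot stat $1"; return 2; }
    check_mode "$mode" "$2"
}

# Constructed sample modes; 744 is the value from the report.
# 464 is numerically smaller than 644 but still fails (group write is set),
# which is why the comparison has to be bitwise rather than numeric.
for m in 744 644 600 640 464; do
    check_mode "$m" 644 || true
done
```

On the node, `audit_file /var/lib/kubelet/oke_kubelet_conf.json 644` gives the result to compare against what kube-bench reports for 3.1.1.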
