kube-bench
Etcd check failed with a custom etcd setup
Overview
We have a custom Etcd cluster that is set up with systemd and bash scripts. We can't pass the 'Etcd Node Configuration' check.
Environment
Kubernetes v1.18.6
Kube-bench: v0.5.0
Running processes
$ /bin/ps -f -C etcd
UID PID PPID C STIME TTY TIME CMD
root 2448 1 0 Feb18 ? 00:00:00 /bin/bash /usr/local/bin/etcd # this is a bash script used to start an etcd container.
root 2533 2497 2 Feb18 ? 02:37:29 /usr/local/bin/etcd # the real etcd process inside the container
Anything else you would like to add:
All of our settings are presented in the Environment. But it seems the default AuditEnv command can't handle the above situation, since the /bin/ps -C etcd -o pid= would return 2 lines.
https://github.com/aquasecurity/kube-bench/blob/3e9b5a7b49048c7ca59beed2b87899ddd9673736/cmd/common.go#L141
Definitely, we can resolve this issue by renaming the script or creating a customized CIS cfg. But on the other hand, I'm wondering whether the default AuditEnv command could be changed to a more specific command that exactly matches the etcd command instead of the script.
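To illustrate the collision described above, here is a small added shell example (not kube-bench's own code) that replays the reported process listing (constructed from the ps output in this issue) and shows a more specific selection that keeps only the process whose argv[0] is the etcd binary itself; the function names are my own.

```shell
#!/bin/sh
# Added example, not part of kube-bench. Constructed from the ps output in
# the issue: ps -C etcd matches both the wrapper script (named "etcd") and
# the real binary, so "ps -C etcd -o pid=" yields two PIDs.
PS_OUTPUT='2448 /bin/bash /usr/local/bin/etcd
2533 /usr/local/bin/etcd'

# How many processes the name-based match returns (the default behaviour).
count_etcd_matches() {
    printf '%s\n' "$1" | wc -l | tr -d ' '
}

# Print only the PID(s) whose argv[0] has the basename "etcd", i.e. the
# etcd binary, and skip lines where argv[0] is an interpreter such as
# /bin/bash running a script that merely happens to be called "etcd".
real_etcd_pid() {
    printf '%s\n' "$1" | awk '{
        n = split($2, parts, "/")
        if (parts[n] == "etcd") print $1
    }'
}

# Same selection against a live host (Linux procps ps); defined, not run here.
live_etcd_pid() {
    real_etcd_pid "$(ps -C etcd -o pid=,args= 2>/dev/null)"
}

echo "name-based match count: $(count_etcd_matches "$PS_OUTPUT")"
echo "real etcd pid:          $(real_etcd_pid "$PS_OUTPUT")"
```

With a single PID, a `/proc/<pid>/environ` lookup of the kind the audit env performs has one target instead of two.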
Hey, currently we have other issues and enhancements and won't add this enhancement. Because there is an easy fix, I would just use one of the fixes you suggested. I will leave this issue open and tag it as help wanted if someone from the community wants to contribute on the subject :)