Patrick Münch

@mcgege thanks for your feedback. i agree with you. it should be something like this: ``` describe file('/etc/hosts.equiv') do it { should_not exist } end ``` and to limit the...

@mike-stewart i tested it and it is working. i used the inspec version 1.31.1 and the compliance server 1.10.2 i included you my commands, which i used to upload the...

i agree it can produce a big logfile. @artem-sidorenko , @chris-rock your opinion? I am not aware anymore why we activate this

Hi @bartosznaumowicz-olx , if i understood your question correctly you want to test the services within the container. like a nginx or so? Then you have to execute the nginx-baseline...

@bartosznaumowicz-olx Sorry, may be i have a long line today. This Benchamrk tests the docker host and the running containers on this host. Inspec is able to inspect the running...

the cis-docker-benchmark design is to have access to the docker host to inspec the CIS Rules from the host and the running container. You can run it locally like inspec...

sorry, now i got your point. the baseline design is that you execute inspec via ssh or locally on shell. if you want to use the baseline via the docker...

@bartosznaumowicz-olx this is a nice tutorial about the inspec docker resource http://lollyrock.com/articles/inspec-for-docker/

@bartosznaumowicz-olx can i close this issue?

@anweiss thanks for bringing this up. yes this would be great to find an alternative for this