Skip to content

Commit eca0c36

Browse files
banjohbanjoh
authored
chore: add additional security tools check in support bundle (#2227)
1 parent 1bc5d72 commit eca0c36

File tree

1 file changed

+20
-1
lines changed

1 file changed

+20
-1
lines changed

cmd/installer/goods/support/host-support-bundle.tmpl.yaml

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -299,6 +299,16 @@ spec:
299299
collectorName: "ps-detect-antivirus-and-security-tools"
300300
command: "sh"
301301
args: [-c, "ps -ef | grep -E 'clamav|sophos|esets_daemon|fsav|symantec|mfend|ds_agent|kav|bdagent|s1agent|falcon|illumio|xagt|wdavdaemon|mdatp' | grep -v grep"]
302+
- systemPackages:
303+
collectorName: security-tools-packages
304+
ubuntu:
305+
- sdcss-kmod
306+
- sdcss
307+
- sdcss-scripts
308+
rhel:
309+
- sdcss-kmod
310+
- sdcss
311+
- sdcss-scripts
302312
- filesystemPerformance:
303313
collectorName: filesystem-write-latency-etcd
304314
timeout: 5m
@@ -620,7 +630,7 @@ spec:
620630
- textAnalyze:
621631
checkName: "Detect Threat Management and Network Security Tools"
622632
fileName: host-collectors/run-host/ps-detect-antivirus-and-security-tools.txt
623-
regex: '\b(clamav|sophos|esets_daemon|fsav|symantec|mfend|ds_agent|kav|bdagent|s1agent|falcon|illumio|xagt|wdavdaemon)\b'
633+
regex: '\b(clamav|sophos|esets_daemon|fsav|symantec|mfend|ds_agent|kav|bdagent|s1agent|falcon|illumio|xagt|wdavdaemon|mdatp)\b'
624634
ignoreIfNoFiles: true
625635
outcomes:
626636
- fail:
@@ -629,6 +639,15 @@ spec:
629639
- pass:
630640
when: "false"
631641
message: "No antivirus or network security tools detected."
642+
- systemPackages:
643+
checkName: "Detected Security Packages"
644+
collectorName: security-tools-packages
645+
outcomes:
646+
- fail:
647+
when: '{{ "{{" }} .IsInstalled {{ "}}" }}'
648+
message: Package {{ "{{" }} .Name {{ "}}" }} is installed. This tool can interfere with kubernetes operation. Ensure the tool is either disabled or configured to not interfere with kubernetes operation.
649+
- pass:
650+
message: Package {{ "{{" }} .Name {{ "}}" }} is not installed
632651
- filesystemPerformance:
633652
checkName: Filesystem Write Latency
634653
collectorName: filesystem-write-latency-etcd

0 commit comments

Comments
 (0)