diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2016-10-16 16:13:04 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2016-10-16 16:13:04 +0300 |
| commit | d0eae6480d95ead463e5e92359df0c1f0caeb2b8 (patch) | |
| tree | 2955aa059a065b6513790ed260712b395602e0cf | |
| parent | c0e63699e5d6206bc02bee5dd40ed7f813d3fc8f (diff) | |
Support for Docker container detection
| -rw-r--r-- | include/consts | 1 | ||||
| -rw-r--r-- | include/functions | 26 | ||||
| -rwxr-xr-x | lynis | 8 |
3 files changed, 35 insertions, 0 deletions
diff --git a/include/consts b/include/consts index c556ef4b..ff3d214d 100644 --- a/include/consts +++ b/include/consts @@ -77,6 +77,7 @@ unset LANG CONTROL_URL_APPEND="" CONTROL_URL_PREPEND="" CONTROL_URL_PROTOCOL="" + CONTAINER_TYPE="" CREATE_REPORT_FILE=1 CSUMBINARY="" CUSTOM_URL_APPEND="" diff --git a/include/functions b/include/functions index db0d40ae..e5cbe30c 100644 --- a/include/functions +++ b/include/functions @@ -50,6 +50,7 @@ # GetHostID Retrieve an unique ID for this host # InsertSection Insert a section block # InsertPluginSection Insert a section block for plugins +# IsContainer Determine if program runs in a container # IsDebug Check if --debug is used # IsDeveloperMode Check if --developer is used # IsDeveloperVersion Check if program is a developer release @@ -1076,6 +1077,31 @@ ################################################################################ + # Name : IsContainer() + # Description : Determine if we are running in a container + # Returns : Exit code (0 = true, 1 = false) + # CONTAINER_TYPE + ################################################################################ + + IsContainer() { + FOUND=0 + if [ /proc/1/cgroups ]; then + FIND=$(cat /proc/1/cgroups | grep -i docker) + if [ $? -eq 0 ]; then + LogText "Result: found Docker in cgroups, so we are running in Docker container" + CONTAINER_TYPE="Docker"; FOUND=1 + EXITCODE=0 + fi + fi + if [ ${FOUND} -eq 0 ]; then + CONTAINER_TYPE="" + EXITCODE=1 + fi + return ${EXITCODE} + } + + + ################################################################################ # Name : IsDebug() # Description : Check if --debug option is used to show more details # Returns : 0 (True) or 1 (False) @@ -750,6 +750,14 @@ ${NORMAL} # # Use hardware detection capabilities IsVirtualMachine + if IsContainer; then + LogText "Result: ${PROGRAM_NAME} is running in container (${CONTAINER_TYPE})" + Report "container=1" + Report "container_type=${CONTAINER_TYPE}" + else + LogText "Result: ${PROGRAM_NAME} is not running in container" + Report "container=0" + fi IsNotebook # ################################################################################# |