Update tests 3.7,3.8

cfg/1.13.0/definitions.yaml

@@ -629,20 +629,22 @@ groups:
   - id: 3.7
     description: "Ensure that registry certificate file ownership is set to root:root
     (Scored)"
-    audit: /bin/sh -c "if [ -d /etc/docker/certs.d ]; then stat -c %U:%G /etc/docker/certs.d/*; fi"
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%U:%G %n" {} \;'
     tests:
       test_items:
       - flag: "root:root"
         set: true
     remediation: |
-      chown root:root /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chown root:root {} \;
       This would set the ownership and group-ownership for the registry certificate files to root .
     scored: true
 
   - id: 3.8
     description: "Ensure that registry certificate file permissions are set to 444 or
     more restrictive (Scored)"
-    audit: /bin/sh -c "if [ -d /etc/docker/certs.d ]; then stat -c %a /etc/docker/certs.d/*; fi"
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%a %n" {} \;'
     tests:
       test_items:
       - flag: "444"
@@ -651,7 +653,7 @@ groups:
           value: "444"
         set: true
     remediation: |
-      chmod 444 /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chmod 0444 {} \;
       This would set the permissions for registry certificate files to 444 .
     scored: true
 

cfg/17.06/definitions.yaml

@@ -607,20 +607,22 @@ groups:
   - id: 3.7
     description: "Ensure that registry certificate file ownership is set to root:root
     (Scored)"
-    audit: stat -c %U:%G /etc/docker/certs.d/*
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%U:%G %n" {} \;'
     tests:
       test_items:
       - flag: "root:root"
         set: true
     remediation: |
-      chown root:root /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chown root:root {} \;
       This would set the ownership and group-ownership for the registry certificate files to root .
     scored: true
 
   - id: 3.8
     description: "Ensure that registry certificate file permissions are set to 444 or
     more restrictive (Scored)"
-    audit: stat -c %a /etc/docker/certs.d/*
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%a %n" {} \;'
     tests:
       test_items:
       - flag: "444"
@@ -629,7 +631,7 @@ groups:
           value: "444"
         set: true
     remediation: |
-      chmod 444 /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chmod 0444 {} \;
       This would set the permissions for registry certificate files to 444 .
     scored: true
 

cfg/18.09/definitions.yaml

@@ -626,22 +626,22 @@ groups:
   - id: 3.7
     description: "Ensure that registry certificate file ownership is set to root:root
     (Scored)"
-    audit: stat -c %U:%G /etc/docker/certs.d/*
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%U:%G %n" {} \;'
     tests:
       test_items:
       - flag: "root:root"
         set: true
     remediation: |
-      The following command could be executed:
-      chown root:root /etc/docker/certs.d/<registry-name>/*
-      This would set the individual ownership and group ownership for the registry certificate
-      files to root.
+      find /etc/docker/certs.d/ -type f -exec chown root:root {} \;
+      This would set the ownership and group-ownership for the registry certificate files to root .
     scored: true
 
   - id: 3.8
     description: "Ensure that registry certificate file permissions are set to 444 or
     more restrictive (Scored)"
-    audit: stat -c %a /etc/docker/certs.d/*
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%a %n" {} \;'
     tests:
       test_items:
       - flag: "444"
@@ -650,8 +650,7 @@ groups:
           value: "444"
         set: true
     remediation: |
-      You should execute the following command:
-      chmod 444 /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chmod 0444 {} \;
       This would set the permissions for registry certificate files to 444 .
     scored: true
 

cfg/ocp-3.9/definitions.yaml

@@ -632,23 +632,22 @@ groups:
   - id: 3.7
     description: "Ensure that registry certificate file ownership is set to root:root
     (Scored)"
-    audit: /bin/sh -c "if [ -d /etc/docker/certs.d ]; then stat -c %U:%G /etc/docker/certs.d/*; fi"
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%U:%G %n" {} \;'
     tests:
       test_items:
       - flag: "root:root"
-        compare:
-          op: eq
-          value: ""
         set: true
     remediation: |
-      chown root:root /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chown root:root {} \;
       This would set the ownership and group-ownership for the registry certificate files to root .
     scored: true
 
   - id: 3.8
     description: "Ensure that registry certificate file permissions are set to 444 or
     more restrictive (Scored)"
-    audit: /bin/sh -c "if [ -d /etc/docker/certs.d ]; then stat -c %a /etc/docker/certs.d/*; fi"
+    use_multiple_values: true
+    audit: 'find /etc/docker/certs.d/ -type f -exec stat -c "%a %n" {} \;'
     tests:
       test_items:
       - flag: "444"
@@ -657,7 +656,7 @@ groups:
           value: "444"
         set: true
     remediation: |
-      chmod 444 /etc/docker/certs.d/<registry-name>/*
+      find /etc/docker/certs.d/ -type f -exec chmod 0444 {} \;
       This would set the permissions for registry certificate files to 444 .
     scored: true