From 6ea58eb09bd8dfe1ad8087d824058ea2184a7c86 Mon Sep 17 00:00:00 2001 From: shivkumar dudhani Date: Mon, 14 Oct 2019 14:18:43 -0700 Subject: [PATCH] fix names --- samples/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/README.md b/samples/README.md index 4210b53dfe..b7d04adff3 100644 --- a/samples/README.md +++ b/samples/README.md @@ -137,13 +137,13 @@ Linux divides the privileges traditionally associated with superuser into distin ## Check userID, groupIP & fsgroup used inside a Pod All processes inside the pod can be made to run with specific user and groupID by setting `runAsUser` and `runAsGroup` respectively. `fsGroup` can be specified to make sure any file created in the volume with have the specified groupID. These options can be used to validate the IDs used for user and group. -***Policy YAML***: [policy_validate_container_capabilities.yaml](more/policy_validate_user_group_fsgroup_id.yaml) +***Policy YAML***: [policy_validate_user_group_fsgroup_id.yaml](more/policy_validate_user_group_fsgroup_id.yaml) ## Configure kernel parameters inside pod The Sysctl interface allows to modify kernel parameters at runtime and in the pod can be specified under `securityContext.sysctls`. If kernel parameters in the pod are to be modified, should be handled cautiously, and policy with rules restricting these options will be helpful. We can control minimum and maximum port that a network connection can use as its source(local) port by checking net.ipv4.ip_local_port_range -***Policy YAML***: [policy_validate_container_capabilities.yaml](more/policy_validate_sysctl_configs.yaml) +***Policy YAML***: [policy_validate_sysctl_configs.yaml](more/policy_validate_sysctl_configs.yaml) **Additional Information** * [List of supported namespaced sysctl interfaces](https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/)