Edit control "cis-docker-benchmark-1.11"

controls/docker_host_os_level1.rb

@@ -170,11 +170,11 @@
 
 control 'cis-docker-benchmark-1.11' do
   impact 1.0
-  title 'Audit Docker files and directories - docker.service'
-  desc 'Apart from auditing your regular Linux file system and system calls, audit all Docker related files and directories. Docker daemon runs with \'root\' privileges. Its behavior depends on some key files and directories. docker.service is one such file. The docker.service file might be present if the daemon parameters have been changed by an administrator. It holds various parameters for Docker daemon. It must be audited, if applicable.'
+  title 'Audit Docker files and directories - docker.socket'
+  desc 'Apart from auditing your regular Linux file system and system calls, audit all Docker related files and directories. Docker daemon runs with \'root\' privileges. Its behavior depends on some key files and directories. docker.socket is one such file. It holds various parameters for Docker daemon socket. It must be audited, if applicable.'
   ref 'https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-system_auditing.html'
 
-  if docker.path
+  if docker.socket
     rule = '-w ' + docker.socket + ' -p rwxa -k docker'
     describe auditd_rules do
       its(:lines) { should include(rule) }