STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-235797r627518_rule
V-235797
SRG-APP-000141
DKER-EE-001910
CAT II
10
This fix only applies to the UCP component of Docker Enterprise.
Disable usage and API analytics tracking in UCP:
via UI:
As a Docker EE Admin, navigate to "Admin Settings" | "Usage" in the UCP management console. Uncheck both the "Enable hourly usage reporting" and "Enable API and UI tracking" options. Click "Save".
via CLI:
Linux: As a Docker EE Admin, execute the following commands on a machine that can communicate with the UCP management console. Replace [ucp_url] with the UCP URL, [ucp_username] with the username of a UCP administrator and [ucp_password] with the password of a UCP administrator:
AUTHTOKEN=$(curl -sk -d '{"username":"[ucp_username]","password":"[ucp_password]"}' https://[ucp_url]/auth/login | jq -r .auth_token)
curl -sk -H "Authorization: Bearer $AUTHTOKEN" https://[ucp_url]/api/ucp/config-toml > ucp-config.toml
Open the "ucp-config.toml" file. Set both the "disable_usageinfo" and "disable_tracking" entries under the "[tracking_configuration]" section to "true". Save the file.
Execute the following commands to update UCP with the new configuration:
curl -sk -H "Authorization: Bearer $AUTHTOKEN" --upload-file ucp-config.toml https://[ucp_url]/api/ucp/config-toml
This check only applies to the UCP component of Docker Enterprise.
Verify that usage and API analytics tracking is disabled in UCP:
via UI:
As a Docker EE Admin, navigate to "Admin Settings" | "Usage" in the UCP management console. Verify that the "Enable hourly usage reporting" and "Enable API and UI tracking" options are both unchecked.
If either box is checked, this is a finding.
via CLI:
Linux (requires curl and jq): As a Docker EE Admin, execute the following commands on a machine that can communicate with the UCP management console. Replace [ucp_url] with the UCP URL, [ucp_username] with the username of a UCP administrator and [ucp_password] with the password of a UCP administrator.
AUTHTOKEN=$(curl -sk -d '{"username":"[ucp_username]","password":"[ucp_password]"}' https://[ucp_url]/auth/login | jq -r .auth_token)
curl -sk -H "Authorization: Bearer $AUTHTOKEN" https://[ucp_url]/api/ucp/config-toml
Look for the "disable_usageinfo" and "disable_tracking" entries under the "[tracking_configuration]" section in the output, and verify that they are both set to "true". If they are not, then this is a finding.
V-235797
False
DKER-EE-001910
This check only applies to the UCP component of Docker Enterprise.
Verify that usage and API analytics tracking is disabled in UCP:
via UI:
As a Docker EE Admin, navigate to "Admin Settings" | "Usage" in the UCP management console. Verify that the "Enable hourly usage reporting" and "Enable API and UI tracking" options are both unchecked.
If either box is checked, this is a finding.
via CLI:
Linux (requires curl and jq): As a Docker EE Admin, execute the following commands on a machine that can communicate with the UCP management console. Replace [ucp_url] with the UCP URL, [ucp_username] with the username of a UCP administrator and [ucp_password] with the password of a UCP administrator.
AUTHTOKEN=$(curl -sk -d '{"username":"[ucp_username]","password":"[ucp_password]"}' https://[ucp_url]/auth/login | jq -r .auth_token)
curl -sk -H "Authorization: Bearer $AUTHTOKEN" https://[ucp_url]/api/ucp/config-toml
Look for the "disable_usageinfo" and "disable_tracking" entries under the "[tracking_configuration]" section in the output, and verify that they are both set to "true". If they are not, then this is a finding.
M
5281