4.1 Worker Node Configuration Files
4.1.1 Ensure that the kubelet service file permissions are set to 644 or more restrictive (Automated)
Recommended Action
By default, the kubelet service file has permissions of 644.
4.1.2 Ensure that the kubelet service file ownership is set to root:root (Automated)
Recommended Action
By default, the kubelet service file has ownership of root:root.
4.1.3 If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)
Recommended Action
None needed.
4.1.4 Ensure that the proxy kubeconfig file ownership is set to root:root (Manual)
Recommended Action
None required. The configuration is managed by OpenShift operators.
4.1.5 Ensure that the –kubeconfig kubelet.conf file permissions are set to 644 or more restrictive (Manual)
Recommended Action
None required.
4.1.6 Ensure that the –kubeconfig kubelet.conf file ownership is set to root:root (Manual)
Recommended Action
None required.
4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Automated)
Recommended Action
None required.
4.1.8 Ensure that the client certificate authorities file ownership is set to root:root (Automated)
Recommended Action
None required.
4.1.9 Ensure that the kubelet –config configuration file has permissions set to 644 or more restrictive (Automated)
Recommended Action
None required.
4.1.10 Ensure that the kubelet configuration file ownership is set to root:root (Automated)
Recommended Action
None required.