From 83079ad6270c3d268ed08088d7f89a3966dcaef1 Mon Sep 17 00:00:00 2001
From: "Igor D.C" <igordcard@gmail.com>
Date: Sat, 6 Jun 2020 07:14:03 +0000
Subject: [PATCH] Use docker host network for containers

If vuls or lynis are told to test the same host where
they're running (and it's only reachable via localhost) then
having the containers in the host network will provide
reachability to localhost so vuls/lynis can run their tests.

Change-Id: I70c6975676facb6de41790928a5d810a43e273d6
Signed-off-by: Igor D.C <igordcard@gmail.com>
---
 bluval/blucon.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bluval/blucon.py b/bluval/blucon.py
index 6913330..804bf63 100644
--- a/bluval/blucon.py
+++ b/bluval/blucon.py
@@ -74,7 +74,7 @@ def invoke_docker(bluprint, layer, tag):
     if _PULL:
         pull_docker(layer, tag)
     volume_list = get_volumes('common') + get_volumes(layer)
-    cmd = ("docker run --rm" + volume_list + _SUBNET +
+    cmd = ("docker run --rm --net=host" + volume_list + _SUBNET +
            " akraino/validation:{0}-{3}"
            " /bin/sh -c"
            " 'cd /opt/akraino/validation "
-- 
2.16.6