summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthieu Saulnier <fantom@fedoraproject.org>2018-09-29 23:07:29 +0200
committerMatthieu Saulnier <fantom@fedoraproject.org>2018-09-29 23:07:29 +0200
commit25003e9d0d9576ece15d378280f62401a416d557 (patch)
tree3001d1eb0a7e2e97c32e6326c44f28911fd0fd10
parent67d9ca2de2f0c5fec723ad535238d8bb02f057a3 (diff)
downloadplaybooks-ansible-25003e9d0d9576ece15d378280f62401a416d557.tar.gz
playbooks-ansible-25003e9d0d9576ece15d378280f62401a416d557.tar.xz
playbooks-ansible-25003e9d0d9576ece15d378280f62401a416d557.zip
Rename HIDS playbook and update diagnostic task
-rw-r--r--playbooks/hids-db-update.yml15
-rw-r--r--playbooks/rkhunter-propupd.yml7
-rw-r--r--roles/common/tasks/cron.yml12
3 files changed, 25 insertions, 9 deletions
diff --git a/playbooks/hids-db-update.yml b/playbooks/hids-db-update.yml
new file mode 100644
index 0000000..1e8c0ca
--- /dev/null
+++ b/playbooks/hids-db-update.yml
@@ -0,0 +1,15 @@
+---
+- hosts: all
+ remote_user: root
+ tasks:
+ - name: rkhunter internal database update
+ command: /usr/bin/rkhunter --propupd
+ when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
+
+ - name: aide internal database reset
+ command: /usr/sbin/aide -i
+ when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
+
+ - name: aide internal database update
+ command: /usr/bin/cp -f /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
+ when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
diff --git a/playbooks/rkhunter-propupd.yml b/playbooks/rkhunter-propupd.yml
deleted file mode 100644
index 414b15c..0000000
--- a/playbooks/rkhunter-propupd.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- hosts: all
- remote_user: root
- tasks:
- - name: rkhunter internal database update
- command: /usr/bin/rkhunter --propupd
- when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml
index a5d7f8e..c05e877 100644
--- a/roles/common/tasks/cron.yml
+++ b/roles/common/tasks/cron.yml
@@ -10,8 +10,16 @@
template: src=diskreport.sh.j2 dest=/etc/cron.daily/diskreport.sh mode=755
when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
-- name: Rapport RPM Verify
- copy: src=rpmreport.sh dest=/etc/cron.daily/rpmreport.sh mode=755
+- name: Rapport RPM Verify daily
+ file:
+ path: /etc/cron.daily/rpmreport.sh
+ state: absent
+
+- name: Rapport RPM Verify monthly
+ copy:
+ src: rpmreport.sh
+ dest: /etc/cron.monthly/rpmreport.sh
+ mode: 0755
when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
- name: Tests disques durs