reconfigure rkhunter before task removal

author: Matthieu Saulnier <fantom@fedoraproject.org> 2017-06-18 04:50:44 +0200
committer: Matthieu Saulnier <fantom@fedoraproject.org> 2017-06-18 04:50:44 +0200
commit: d2150ef9411e0801bceacd35ed9d20efdc4cae7e (patch)
tree: cbb5b1504489922e5bc468b40901bb9ae5c60181 /roles/common/tasks/rkhunter.yml
parent: a76a6425d5f053343b942f40e6825324f442429c (diff)
download: playbooks-ansible-d2150ef9411e0801bceacd35ed9d20efdc4cae7e.tar.gz
playbooks-ansible-d2150ef9411e0801bceacd35ed9d20efdc4cae7e.tar.xz
playbooks-ansible-d2150ef9411e0801bceacd35ed9d20efdc4cae7e.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/roles/common/tasks/rkhunter.yml b/roles/common/tasks/rkhunter.yml
index ec65caa..cc18631 100644
--- a/roles/common/tasks/rkhunter.yml
+++ b/roles/common/tasks/rkhunter.yml
@@ -7,7 +7,8 @@
               regexp="^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps"
               line="DISABLE_TESTS=suspscan deleted_files"
 
+# after one playbook run, this must be deleted
 - name: Autorise login root par SSH
   lineinfile: dest=/etc/rkhunter.conf state=present backrefs=yes
-              regexp="^ALLOW_SSH_ROOT_USER=yes"
-              line="ALLOW_SSH_ROOT_USER=unset"
+              regexp="^ALLOW_SSH_ROOT_USER=unset"
+              line="ALLOW_SSH_ROOT_USER=yes"
author	Matthieu Saulnier <fantom@fedoraproject.org>	2017-06-18 04:50:44 +0200
committer	Matthieu Saulnier <fantom@fedoraproject.org>	2017-06-18 04:50:44 +0200
commit	d2150ef9411e0801bceacd35ed9d20efdc4cae7e (patch)
tree	cbb5b1504489922e5bc468b40901bb9ae5c60181 /roles/common/tasks/rkhunter.yml
parent	a76a6425d5f053343b942f40e6825324f442429c (diff)
download	playbooks-ansible-d2150ef9411e0801bceacd35ed9d20efdc4cae7e.tar.gz playbooks-ansible-d2150ef9411e0801bceacd35ed9d20efdc4cae7e.tar.xz playbooks-ansible-d2150ef9411e0801bceacd35ed9d20efdc4cae7e.zip