diff options
| -rw-r--r-- | playbooks/hids-db-update.yml | 15 | ||||
| -rw-r--r-- | playbooks/rkhunter-propupd.yml | 7 | ||||
| -rw-r--r-- | roles/common/tasks/cron.yml | 12 |
3 files changed, 25 insertions, 9 deletions
diff --git a/playbooks/hids-db-update.yml b/playbooks/hids-db-update.yml new file mode 100644 index 0000000..1e8c0ca --- /dev/null +++ b/playbooks/hids-db-update.yml @@ -0,0 +1,15 @@ +--- +- hosts: all + remote_user: root + tasks: + - name: rkhunter internal database update + command: /usr/bin/rkhunter --propupd + when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" + + - name: aide internal database reset + command: /usr/sbin/aide -i + when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" + + - name: aide internal database update + command: /usr/bin/cp -f /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz + when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" diff --git a/playbooks/rkhunter-propupd.yml b/playbooks/rkhunter-propupd.yml deleted file mode 100644 index 414b15c..0000000 --- a/playbooks/rkhunter-propupd.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- hosts: all - remote_user: root - tasks: - - name: rkhunter internal database update - command: /usr/bin/rkhunter --propupd - when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml index a5d7f8e..c05e877 100644 --- a/roles/common/tasks/cron.yml +++ b/roles/common/tasks/cron.yml @@ -10,8 +10,16 @@ template: src=diskreport.sh.j2 dest=/etc/cron.daily/diskreport.sh mode=755 when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" -- name: Rapport RPM Verify - copy: src=rpmreport.sh dest=/etc/cron.daily/rpmreport.sh mode=755 +- name: Rapport RPM Verify daily + file: + path: /etc/cron.daily/rpmreport.sh + state: absent + +- name: Rapport RPM Verify monthly + copy: + src: rpmreport.sh + dest: /etc/cron.monthly/rpmreport.sh + mode: 0755 when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" - name: Tests disques durs |