diff options
Diffstat (limited to 'roles/diagnostics/tasks/rkhunter.yml')
-rw-r--r-- | roles/diagnostics/tasks/rkhunter.yml | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/roles/diagnostics/tasks/rkhunter.yml b/roles/diagnostics/tasks/rkhunter.yml index 460073a..6a9a507 100644 --- a/roles/diagnostics/tasks/rkhunter.yml +++ b/roles/diagnostics/tasks/rkhunter.yml @@ -2,22 +2,30 @@ dnf: name=rkhunter state=present notify: initialize rkhunter +- name: Login SSH en root + lineinfile: + path: /etc/rkhunter.conf + state: present + backrefs: yes + regexp: "^ALLOW_SSH_ROOT_USER=unset" + line: "ALLOW_SSH_ROOT_USER=yes" + - name: Activation de tests rkhunter lineinfile: dest=/etc/rkhunter.conf state=present backrefs=yes regexp="^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps" line="DISABLE_TESTS=deleted_files" -- name: Ajout de process en liste blanche +- name: Ajout de wpa_spplicant en liste blanche lineinfile: path: /etc/rkhunter.conf line: 'ALLOWPROCLISTEN=/usr/sbin/wpa_supplicant' -- name: Ajout de process en liste blanche +- name: Ajout de arpwatch en liste blanche lineinfile: path: /etc/rkhunter.conf line: 'ALLOWPROCLISTEN=/usr/sbin/arpwatch' -- name: Ajout de fichier en liste blanche +- name: Ajout de fichier cache squid en liste blanche lineinfile: path: /etc/rkhunter.conf insertafter: '^ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm' |