From 25003e9d0d9576ece15d378280f62401a416d557 Mon Sep 17 00:00:00 2001
From: Matthieu Saulnier <fantom@fedoraproject.org>
Date: Sat, 29 Sep 2018 23:07:29 +0200
Subject: Rename HIDS playbook and update diagnostic task

---
 playbooks/hids-db-update.yml   | 15 +++++++++++++++
 playbooks/rkhunter-propupd.yml |  7 -------
 roles/common/tasks/cron.yml    | 12 ++++++++++--
 3 files changed, 25 insertions(+), 9 deletions(-)
 create mode 100644 playbooks/hids-db-update.yml
 delete mode 100644 playbooks/rkhunter-propupd.yml

diff --git a/playbooks/hids-db-update.yml b/playbooks/hids-db-update.yml
new file mode 100644
index 0000000..1e8c0ca
--- /dev/null
+++ b/playbooks/hids-db-update.yml
@@ -0,0 +1,15 @@
+---
+- hosts: all
+  remote_user: root
+  tasks:
+    - name: rkhunter internal database update
+      command: /usr/bin/rkhunter --propupd
+      when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
+
+    - name: aide internal database reset
+      command: /usr/sbin/aide -i
+      when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
+
+    - name: aide internal database update
+      command: /usr/bin/cp -f /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
+      when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
diff --git a/playbooks/rkhunter-propupd.yml b/playbooks/rkhunter-propupd.yml
deleted file mode 100644
index 414b15c..0000000
--- a/playbooks/rkhunter-propupd.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- hosts: all
-  remote_user: root
-  tasks:
-    - name: rkhunter internal database update
-      command: /usr/bin/rkhunter --propupd
-      when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
diff --git a/roles/common/tasks/cron.yml b/roles/common/tasks/cron.yml
index a5d7f8e..c05e877 100644
--- a/roles/common/tasks/cron.yml
+++ b/roles/common/tasks/cron.yml
@@ -10,8 +10,16 @@
   template: src=diskreport.sh.j2 dest=/etc/cron.daily/diskreport.sh mode=755
   when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
 
-- name: Rapport RPM Verify
-  copy: src=rpmreport.sh dest=/etc/cron.daily/rpmreport.sh mode=755
+- name: Rapport RPM Verify daily
+  file:
+    path: /etc/cron.daily/rpmreport.sh
+    state: absent
+
+- name: Rapport RPM Verify monthly
+  copy:
+    src: rpmreport.sh
+    dest: /etc/cron.monthly/rpmreport.sh
+    mode: 0755
   when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
 
 - name: Tests disques durs
-- 
cgit