- name: Installation du HIDS rkhunter
  dnf: name=rkhunter state=present
  notify: initialize rkhunter

- name: Activation de tests rkhunter
  lineinfile: dest=/etc/rkhunter.conf state=present backrefs=yes
              regexp="^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps"
              line="DISABLE_TESTS=deleted_files"

- name: Ajout de process en liste blanche
  lineinfile:
    path: /etc/rkhunter.conf
    line: 'ALLOWPROCLISTEN=/usr/sbin/wpa_supplicant'

- name: Ajout de process en liste blanche
  lineinfile:
    path: /etc/rkhunter.conf
    line: 'ALLOWPROCLISTEN=/usr/sbin/arpwatch'

- name: Ajout de fichier en liste blanche
  lineinfile:
    path: /etc/rkhunter.conf
    insertafter: '^ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm'
    line: 'ALLOWDEVFILE=/dev/shm/squid-tls_session_cache.shm'