- name: Installation du HIDS rkhunter
  package:
    name: rkhunter
    state: present

- name: Login SSH en root
  lineinfile:
    path: /etc/rkhunter.conf
    state: present
    backrefs: yes
    regexp: "^ALLOW_SSH_ROOT_USER=unset"
    line: "ALLOW_SSH_ROOT_USER=yes"

- name: Activation de tests rkhunter
  lineinfile:
    path: /etc/rkhunter.conf
    state: present
    backrefs: yes
    regexp: "^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps"
    line: "DISABLE_TESTS=deleted_files"

- name: Ajout de wpa_spplicant en liste blanche
  lineinfile:
    path: /etc/rkhunter.conf
    line: 'ALLOWPROCLISTEN=/usr/sbin/wpa_supplicant'

- name: Ajout de arpwatch en liste blanche
  lineinfile:
    path: /etc/rkhunter.conf
    line: 'ALLOWPROCLISTEN=/usr/sbin/arpwatch'

- name: Ajout de fichier cache squid en liste blanche
  lineinfile:
    path: /etc/rkhunter.conf
    insertafter: '^ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm'
    line: 'ALLOWDEVFILE=/dev/shm/squid-tls_session_cache.shm'