roles/common/tasks/rkhunter.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14

- name: Installation du HIDS rkhunter
  dnf: name=rkhunter state=present
  notify: initialize rkhunter

- name: Activation de tests rkhunter
  lineinfile: dest=/etc/rkhunter.conf state=present backrefs=yes
              regexp="^DISABLE_TESTS=suspscan hidden_ports deleted_files packet_cap_apps apps"
              line="DISABLE_TESTS=suspscan deleted_files"

# after one playbook run, this must be deleted
- name: Autorise login root par SSH
  lineinfile: dest=/etc/rkhunter.conf state=present backrefs=yes
              regexp="^ALLOW_SSH_ROOT_USER=unset"
              line="ALLOW_SSH_ROOT_USER=yes"