Use a dedicated SMTP port for samhain.

It's unfortunate that samhain cannot use the sendmail binary, and wants to use a inet socket instead. We use a custom port to avoid conflicts with the usual SMTP port the MX:es need to listen on. See also: /usr/share/doc/samhain/TODO.Debian
author: Guilhem Moulin <guilhem@fripost.org> 2013-12-01 16:35:46 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:50:59 +0200
commit: 1387b69c898cb93fd0343603f92670b40b88eb04 (patch)
tree: e2b9257e0031d13812b60a3c085f7ea4882f0a20 /roles/common/tasks/samhain.yml
parent: 5c7776d957e9396a481066e1d9cf1acd78b52fe6 (diff)
1 files changed, 9 insertions, 7 deletions
diff --git a/roles/common/tasks/samhain.yml b/roles/common/tasks/samhain.yml
index 768ceb6..0d911a5 100644
--- a/roles/common/tasks/samhain.yml
+++ b/roles/common/tasks/samhain.yml
@@ -1,12 +1,14 @@
 - name: Install samhain
-  apt: pkg=samhain
+  apt: pkg={{ item }}
+  with_items:
+    - samhain
+    - auditd
   # XXX: Doesn't work out of the box, see #660197.
-  # If this is the first installation, you may want to start with a fresh database
-  #   sudo service samhain stop
-  #   sudo rm /var/state/samhain/samhain_file
-  #   sudo samhain -t init -p warn
-  #   sudo service samhain start
-  #   sudo samhain -t update -l none
+  # Every once in a while, or after a major upgrade, you may want to
+  # update Samhain's database (to avoid being flooded at the next
+  # reboot):
+  #
+  #     sudo samhain -t update --foreground -m none
 
 - name: Configure samhain
   copy: src=etc/samhain/samhainrc
author	Guilhem Moulin <guilhem@fripost.org>	2013-12-01 16:35:46 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:50:59 +0200
commit	1387b69c898cb93fd0343603f92670b40b88eb04 (patch)
tree	e2b9257e0031d13812b60a3c085f7ea4882f0a20 /roles/common/tasks/samhain.yml
parent	5c7776d957e9396a481066e1d9cf1acd78b52fe6 (diff)