Configure rkhunter.

author: Guilhem Moulin <guilhem@fripost.org> 2013-10-30 21:09:53 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:50:29 +0200
commit: dd6085c28219e6acca0c7ae1c6428b064c65e752 (patch)
tree: 5e0a70d68ead1e11d82907dddbce8a781a29f1b2 /roles/common/tasks
parent: a59578e8406949827d20efa19edfa6a746168c82 (diff)
2 files changed, 23 insertions, 0 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index b2ec514..1d57812 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -4,3 +4,4 @@
 - include: apt.yml      tags=apt
 - include: firewall.yml tags=firewall,iptables
 - include: samhain.yml  tags=samhain
+- include: rkhunter.yml tags=rkhunter
diff --git a/roles/common/tasks/rkhunter.yml b/roles/common/tasks/rkhunter.yml
new file mode 100644
index 0000000..144430e
--- /dev/null
+++ b/roles/common/tasks/rkhunter.yml
@@ -0,0 +1,22 @@
+- name: Install rkhunter
+  apt: pkg={{ item }}
+  with_items:
+    - rkhunter
+    - curl
+    - iproute
+    - lsof
+    - unhide
+    - unhide.rb
+
+- name: Configure rkhunter
+  copy: src=etc/{{ item }}
+        dest=/etc/{{ item }}
+        owner=root group=root
+        mode=0644
+  with_items:
+    - rkhunter.conf
+    - default/rkhunter
+  notify:
+    # This might not always be necessary, but it's not like we would
+    # change the config every day...
+    - Update rkhunter's data file
author	Guilhem Moulin <guilhem@fripost.org>	2013-10-30 21:09:53 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:50:29 +0200
commit	dd6085c28219e6acca0c7ae1c6428b064c65e752 (patch)
tree	5e0a70d68ead1e11d82907dddbce8a781a29f1b2 /roles/common/tasks
parent	a59578e8406949827d20efa19edfa6a746168c82 (diff)