diff options
-rw-r--r-- | roles/MX/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/common/files/etc/rkhunter.conf | 2 | ||||
-rw-r--r-- | roles/common/templates/etc/fail2ban/jail.local.j2 | 3 |
3 files changed, 3 insertions, 4 deletions
diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml index cae498e..361e379 100644 --- a/roles/MX/tasks/main.yml +++ b/roles/MX/tasks/main.yml @@ -24,7 +24,7 @@ mode=0755 - name: Copy lookup tables (1) - file: src=etc/postfix/virtual/{{ item }} + copy: src=etc/postfix/virtual/{{ item }} dest=/etc/postfix-{{ postfix_instance[inst].name }}/virtual/{{ item }} owner=root group=root mode=0644 diff --git a/roles/common/files/etc/rkhunter.conf b/roles/common/files/etc/rkhunter.conf index 9a64a17..542fcfd 100644 --- a/roles/common/files/etc/rkhunter.conf +++ b/roles/common/files/etc/rkhunter.conf @@ -507,7 +507,7 @@ IMMUTABLE_SET=0 # The option may be specified more than once. The option # may use wildcard characters. # -#ALLOWHIDDENDIR="/etc/.java" +ALLOWHIDDENDIR="/etc/.java" #ALLOWHIDDENDIR="/dev/.static" #ALLOWHIDDENDIR="/dev/.SRC-unix" ALLOWHIDDENDIR="/etc/.git" diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2 index 415236f..1b157b1 100644 --- a/roles/common/templates/etc/fail2ban/jail.local.j2 +++ b/roles/common/templates/etc/fail2ban/jail.local.j2 @@ -45,9 +45,8 @@ enabled = true # pam-generic filter can be customized to monitor specific subset of 'tty's filter = pam-generic # port actually must be irrelevant but lets leave it all for some possible uses -port = all -banaction = iptables-allports port = anyport +banaction = iptables-allports logpath = /var/log/auth.log maxretry = 6 |