summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--roles/MX/tasks/main.yml2
-rw-r--r--roles/common/files/etc/rkhunter.conf2
-rw-r--r--roles/common/templates/etc/fail2ban/jail.local.j23
3 files changed, 3 insertions, 4 deletions
diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml
index cae498e..361e379 100644
--- a/roles/MX/tasks/main.yml
+++ b/roles/MX/tasks/main.yml
@@ -24,7 +24,7 @@
mode=0755
- name: Copy lookup tables (1)
- file: src=etc/postfix/virtual/{{ item }}
+ copy: src=etc/postfix/virtual/{{ item }}
dest=/etc/postfix-{{ postfix_instance[inst].name }}/virtual/{{ item }}
owner=root group=root
mode=0644
diff --git a/roles/common/files/etc/rkhunter.conf b/roles/common/files/etc/rkhunter.conf
index 9a64a17..542fcfd 100644
--- a/roles/common/files/etc/rkhunter.conf
+++ b/roles/common/files/etc/rkhunter.conf
@@ -507,7 +507,7 @@ IMMUTABLE_SET=0
# The option may be specified more than once. The option
# may use wildcard characters.
#
-#ALLOWHIDDENDIR="/etc/.java"
+ALLOWHIDDENDIR="/etc/.java"
#ALLOWHIDDENDIR="/dev/.static"
#ALLOWHIDDENDIR="/dev/.SRC-unix"
ALLOWHIDDENDIR="/etc/.git"
diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2
index 415236f..1b157b1 100644
--- a/roles/common/templates/etc/fail2ban/jail.local.j2
+++ b/roles/common/templates/etc/fail2ban/jail.local.j2
@@ -45,9 +45,8 @@ enabled = true
# pam-generic filter can be customized to monitor specific subset of 'tty's
filter = pam-generic
# port actually must be irrelevant but lets leave it all for some possible uses
-port = all
-banaction = iptables-allports
port = anyport
+banaction = iptables-allports
logpath = /var/log/auth.log
maxretry = 6