summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc/rkhunter.conf
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/files/etc/rkhunter.conf')
-rw-r--r--roles/common/files/etc/rkhunter.conf10
1 files changed, 8 insertions, 2 deletions
diff --git a/roles/common/files/etc/rkhunter.conf b/roles/common/files/etc/rkhunter.conf
index ce3b2d6..c7358d0 100644
--- a/roles/common/files/etc/rkhunter.conf
+++ b/roles/common/files/etc/rkhunter.conf
@@ -353,7 +353,7 @@ ALLOW_SSH_PROT_V1=2
# program defaults.
#
ENABLE_TESTS=ALL
-DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps
+DISABLE_TESTS=suspscan hidden_ports hidden_procs deleted_files packet_cap_apps apps
#
# The HASH_CMD option can be used to specify the command to use for the file
@@ -562,6 +562,10 @@ HASH_CMD=SHA512
#
#EXISTWHITELIST=""
+# work around for usr-merge, cf. https://bugs.debian.org/932594
+EXISTWHITELIST=/usr/bin/egrep
+EXISTWHITELIST=/usr/bin/fgrep
+
#
# Whitelist various attributes of the specified file. The attributes are those
# of the 'attributes' test. Specifying a file name here does not include it
@@ -592,7 +596,9 @@ HASH_CMD=SHA512
#
SCRIPTWHITELIST=/bin/egrep
SCRIPTWHITELIST=/bin/fgrep
-SCRIPTWHITELIST=/bin/which
+SCRIPTWHITELIST=/usr/bin/egrep
+SCRIPTWHITELIST=/usr/bin/fgrep
+SCRIPTWHITELIST=/usr/bin/which
SCRIPTWHITELIST=/usr/bin/ldd
SCRIPTWHITELIST=/usr/bin/lwp-request
SCRIPTWHITELIST=/usr/sbin/adduser
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 11:23:08 +0000