summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc/rkhunter.conf
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/files/etc/rkhunter.conf')
-rw-r--r--roles/common/files/etc/rkhunter.conf22
1 files changed, 11 insertions, 11 deletions
diff --git a/roles/common/files/etc/rkhunter.conf b/roles/common/files/etc/rkhunter.conf
index abdbd6c..b6a7d06 100644
--- a/roles/common/files/etc/rkhunter.conf
+++ b/roles/common/files/etc/rkhunter.conf
@@ -259,7 +259,7 @@ LOGFILE=/var/log/rkhunter.log
#
# USE_SYSLOG=authpriv.warning
#
-# Setting the value to 'NONE', or just leaving the option commented out,
+# Setting the value to 'none', or just leaving the option commented out,
# disables the use of syslog.
#
# The default value is not to use syslog.
@@ -330,8 +330,8 @@ AUTO_X_DETECT=1
#
# These two options determine which tests are to be performed. The ENABLE_TESTS
-# option can use the word 'ALL' to refer to all of the available tests. The
-# DISABLE_TESTS option can use the word 'NONE' to mean that no tests are
+# option can use the word 'all' to refer to all of the available tests. The
+# DISABLE_TESTS option can use the word 'none' to mean that no tests are
# disabled. The list of disabled tests is applied to the list of enabled tests.
#
# Both options are space-separated lists of test names, and both options may
@@ -356,7 +356,7 @@ AUTO_X_DETECT=1
# applications (and warns about possible security risk: we better trust
# the Debian Security Team).
#
-ENABLE_TESTS=ALL
+ENABLE_TESTS=all
DISABLE_TESTS=suspscan hidden_procs deleted_files packet_cap_apps apps
#
@@ -587,12 +587,11 @@ HASH_CMD=sha512sum
SCRIPTWHITELIST=/bin/egrep
SCRIPTWHITELIST=/bin/fgrep
SCRIPTWHITELIST=/bin/which
-SCRIPTWHITELIST=/usr/bin/groups
SCRIPTWHITELIST=/usr/bin/ldd
-#SCRIPTWHITELIST=/usr/bin/lwp-request
+SCRIPTWHITELIST=/usr/bin/lwp-request
SCRIPTWHITELIST=/usr/sbin/adduser
#SCRIPTWHITELIST=/usr/sbin/prelink
-#SCRIPTWHITELIST=/usr/bin/unhide.rb
+#SCRIPTWHITELIST=/usr/sbin/unhide.rb
#
# Allow the specified file to have the immutable attribute set.
@@ -619,8 +618,9 @@ SCRIPTWHITELIST=/usr/sbin/adduser
#
# The default value is the null string.
#
-ALLOWHIDDENDIR=/etc/.java
+#ALLOWHIDDENDIR=/etc/.java
ALLOWHIDDENDIR=/etc/.git
+#ALLOWHIDDENDIR=/dev/.lxc
#
# Allow the specified hidden file to be whitelisted.
@@ -637,10 +637,10 @@ ALLOWHIDDENDIR=/etc/.git
#ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
#ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
#ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
-ALLOWHIDDENFILE=/etc/.etckeeper
+#ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz
ALLOWHIDDENFILE=/etc/.gitignore
#ALLOWHIDDENFILE=/etc/.bzrignore
-
+ALLOWHIDDENFILE=/etc/.etckeeper
#
# Allow the specified process to use deleted files. The process name may be
@@ -657,7 +657,7 @@ ALLOWHIDDENFILE=/etc/.gitignore
#ALLOWPROCDELFILE=/sbin/cardmgr
#ALLOWPROCDELFILE=/usr/lib/libgconf2-4/gconfd-2
#ALLOWPROCDELFILE=/usr/sbin/mysqld:/tmp/ib*
-#ALLOWPROCDELFILE=/usr/lib/iceweasel/firefox-bin
+#ALLOWPROCDELFILE=/usr/lib/iceweasel/iceweasel
#ALLOWPROCDELFILE=/usr/bin/file-roller
#