summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc/samhain/samhainrc
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/files/etc/samhain/samhainrc')
-rw-r--r--roles/common/files/etc/samhain/samhainrc11
1 files changed, 8 insertions, 3 deletions
diff --git a/roles/common/files/etc/samhain/samhainrc b/roles/common/files/etc/samhain/samhainrc
index 200cdc6..1fd9d42 100644
--- a/roles/common/files/etc/samhain/samhainrc
+++ b/roles/common/files/etc/samhain/samhainrc
@@ -495,70 +495,70 @@ SyslogSeverity=alert
## (this is not honoured on database initialisation)
#
# Daemon = no
Daemon = yes
## whether to test signature of files (init/check/none)
## - if 'none', then we have to decide this on the command line -
#
# ChecksumTest = none
ChecksumTest=check
## whether to drop linux capabilities that are not required
## - will make a root process a 'mere mortal' in many respects
#
# UseCaps = yes
## Set nice level (-19 to 19, see 'man nice'),
## and I/O limit (kilobytes per second; 0 == off)
## to reduce load on host.
#
-# SetNiceLevel = 0
+SetNiceLevel = 19
# SetIOLimit = 0
## The version string to embed in file signature databases
#
# VersionString = NULL
## Interval between time stamp messages
#
# SetLoopTime = 60
-SetLoopTime = 600
+SetLoopTime = 21600
## Interval between file checks
#
# SetFileCheckTime = 600
SetFileCheckTime = 7200
## Alternative: crontab-like schedule
#
# FileCheckScheduleOne = NULL
## Alternative: crontab-like schedule(2)
#
# FileCheckScheduleTwo = NULL
## Report only once on modified fles
## Setting this to 'FALSE' will generate a report for any policy
## violation (old and new ones) each time the daemon checks the file system.
#
-# ReportOnlyOnce = True
+ReportOnlyOnce = True
## Report in full detail
#
# ReportFullDetail = False
## Report file timestamps in local time rather than GMT
#
# UseLocalTime = No
## The console device (can also be a file or named pipe)
## - There are two console devices. Accordingly, you can use
## this directive a second time to set the second console device.
## If you have not defined the second device at compile time,
## and you don't want to use it, then:
## setting it to /dev/null is less effective than just leaving
## it alone (setting to /dev/null will waste time by opening
## /dev/null and writing to it)
#
# SetConsole = /dev/console
@@ -574,41 +574,46 @@ SetFileCheckTime = 7200
## --- E-Mail ---
# Only highest-level (alert) reports will be mailed immediately,
# others will be queued. Here you can define, when the queue will
# be flushed (Note: the queue is automatically flushed after
# completing a file check).
#
SetMailTime = 86400
## Maximum number of mails to queue
#
SetMailNum = 10
## Recipient (max. 8)
#
SetMailAddress = admin@fripost.org
## Mail relay (IP address)
#
+# XXX: it's unfortunate that samhain cannot use the sendmail binary. We
+# use a custom port here to avoid conflicts with the usual SMTP port the
+# MX:es need to listen on.
+# See also: /usr/share/doc/samhain/TODO.Debian
SetMailRelay = 127.0.0.1
+SetMailPort = 16132
## Custom subject format
#
MailSubject = [Samhain at %H] %T: %S
## --- end E-Mail ---
## Path to the prelink executable
#
# SetPrelinkPath = /usr/sbin/prelink
## TIGER192 checksum of the prelink executable
#
# SetPrelinkChecksum = (no default)
## Path to the executable. If set, will be checksummed after startup
## and before exit.
#
# SamhainPath = (no default)
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-22 02:48:07 +0000