roles/common/tasks/rkhunter.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

- name: Install rkhunter
  apt: pkg={{ item }}
  with_items:
    - rkhunter
    - curl
    - iproute
    - lsof
    - unhide
    - unhide.rb

# To test the configuration:
#   ansible all -m command -a '/usr/bin/rkhunter -c --nomow --rwo'
- name: Configure rkhunter
  copy: src=etc/{{ item }}
        dest=/etc/{{ item }}
        owner=root group=root
        mode=0644
  with_items:
    - rkhunter.conf
    - default/rkhunter
  notify:
    # This might not always be necessary, but it's not like we would
    # change the config every day...
    - Update rkhunter's data file

- meta: flush_handlers