roles/common/tasks/samhain.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

- name: Install samhain
  apt: pkg={{ item }}
  with_items:
    - samhain
    - auditd
  # XXX: Doesn't work out of the box, see #660197.
  # Every once in a while, or after a major upgrade, you may want to
  # update Samhain's database:
  #
  #     sudo samhain -t update --foreground
  #
  # To update the database without sending mails:
  #
  #     sudo samhain -t update --foreground -m none

- name: Configure samhain
  copy: src=etc/samhain/samhainrc
        dest=/etc/samhain/samhainrc
        owner=root group=root
        mode=0644
  notify:
    - Reload samhain

- name: Start samhain
  # This task is inconditional because samhain is reloaded not
  # restarted.
  service: name=samhain state=started

- meta: flush_handlers