rkhunter: adjust ipa rules a bit more

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-04-02 10:51:42 -07:00 · 2024-04-02 10:51:42 -07:00 · a462e96836
parent 0bac0319f9
commit a462e96836
1 changed files with 1 additions and 2 deletions
--- a/roles/rkhunter/templates/rkhunter.conf.j2
+++ b/roles/rkhunter/templates/rkhunter.conf.j2
@ -608,8 +608,7 @@ OS_VERSION_FILE=/etc/{{ ansible_distribution|lower }}-release
 #RTKT_DIR_WHITELIST=""
 #RTKT_FILE_WHITELIST=""
 {% if inventory_hostname in groups['ipa'] or inventory_hostname in groups['ipa_stg'] %}
-RTKT_FILE_WHITELIST="/var/log/pki/pki-tomcat/ca"
-RTKT_FILE_WHITELIST="/var/log/pki/pki-tomcat/kra"
+RTKT_DIR_WHITELIST="/var/log/pki/pki-tomcat"
 {% endif %}

 #