not needed
This commit is contained in:
42
aide.yml
42
aide.yml
@@ -1,42 +0,0 @@
|
||||
---
|
||||
- name: system setup | aide | install aide package
|
||||
tags: aide,hardening,system
|
||||
package:
|
||||
name: aide
|
||||
state: present
|
||||
|
||||
- name: system setup | aide | check if aide database exists
|
||||
tags: aide,hardening,system
|
||||
stat:
|
||||
path: /var/lib/aide/aide.db
|
||||
register: aide_db
|
||||
|
||||
- name: system setup | aide | initialize aide database if it does not exist
|
||||
tags: aide,hardening,system
|
||||
block:
|
||||
- name: system setup | aide | run aide --init (this may take a while)
|
||||
command: aide --config /etc/aide/aide.conf --init
|
||||
register: aide_init_result
|
||||
changed_when: "'AIDE, version' in aide_init_result.stdout"
|
||||
async: 1800 # Allow up to 30 minutes for initialization
|
||||
poll: 15
|
||||
|
||||
- name: system setup | aide | copy new database to be the active one
|
||||
copy:
|
||||
src: /var/lib/aide/aide.db.new
|
||||
dest: /var/lib/aide/aide.db
|
||||
remote_src: true
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
when: aide_init_result.changed
|
||||
when: not aide_db.stat.exists
|
||||
|
||||
- name: system setup | aide | schedule daily check
|
||||
tags: aide,hardening,system
|
||||
cron:
|
||||
name: "AIDE daily check"
|
||||
minute: "0"
|
||||
hour: "5"
|
||||
job: "/usr/bin/aide --check"
|
||||
cron_file: aide_check # Creates /etc/cron.d/aide_check
|
||||
21
main.yml
21
main.yml
@@ -1,21 +0,0 @@
|
||||
---
|
||||
- name: Update_aide_database
|
||||
block: # This block is now a task within the handler
|
||||
- name: system setup | aide | run aide --update to check for legitimate changes
|
||||
tags: aide,hardening,system
|
||||
command: aide --update
|
||||
register: aide_update_result
|
||||
changed_when: "'new database written to' in aide_update_result.stdout"
|
||||
async: 1800 # Allow up to 30 minutes for update
|
||||
poll: 15
|
||||
|
||||
- name: system setup | aide | activate updated database
|
||||
tags: aide,hardening,system
|
||||
copy:
|
||||
src: /var/lib/aide/aide.db.new
|
||||
dest: /var/lib/aide/aide.db
|
||||
remote_src: true
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
when: aide_update_result.changed
|
||||
Reference in New Issue
Block a user