Forge Home

rkhunter

RKHunter Module

45,730 downloads

43,050 latest version

4.6 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.0.1 (latest)
  • 0.2.3
  • 0.2.2
  • 0.2.1
  • 0.2.0
  • 0.1.9
  • 0.1.8
  • 0.1.7
  • 0.1.6
  • 0.1.5
released Aug 13th 2015
This version is compatible with:
  • ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'itmanagerro-rkhunter', '1.0.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add itmanagerro-rkhunter
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install itmanagerro-rkhunter --version 1.0.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

itmanagerro/rkhunter — version 1.0.1 Aug 13th 2015

puppet-rkhunter

Manage rkhunter installation and configuration with Puppet.

Build Status Score Status Downloads Status Version Status Endorsement Status

Modules Count Release Count

Features

  • Manage all configuration entries
  • Prelinking, updating, propupdating and scanning after configuration change
  • Working without any configuration changes (mostly with no warnings)
  • Setting daily scan and weekly update cron jobs
  • Manage scriptWhiteList for possible whitelisting (TODO: 50%)
  • Specify type (string, array, bool) of each parameter (TODO: 25%)

Supported OS

I have tested the module on all these machines:

  • CentOS:
    • 6.6 (Final)
    • 6.7 (Final)
  • Debian:
    • 6.0.10 (Squeeze)
    • 7.8 (Wheezy)
    • 8.1 (Jessie)

It should work on any Redhat or Debian based operating systems.

If you need any other operating systems tested, please let me know.

I will use your requests for creating rspec for specific operating system.

Configuration

This module should require nothing more than minimal configuration.

If you need aditional features or if you have any issues, please contact me.

Minimal configuration

class
{
  'rkhunter':
    mail_on_warning => 'john.doe@anonymous.domain',
}

A more complex configuration

class
{
  'rkhunter':
    allow_ssh_root_user     => 'yes',
    append_log              => 1,
    allow_syslog_remote_log => 1,
    shared_lib_whitelist    =>
    [
      '/lib/snoopy.so'
    ],
    scriptwhitelist         =>
    [ 
      '/bin/egrep',
      '/bin/fgrep',
      '/usr/bin/ldd',
      '/usr/bin/lwp-request',
      '/usr/sbin/adduser',
      '/usr/bin/unhide.rb',
    ],
}

Full List of optional configuration parameters:

allowdevfile
allowhiddendir
allowhiddenfile
allowprocdelfile
allowproclisten
allowpromiscif
allow_ssh_prot_v1
allow_ssh_root_user
allow_syslog_remote_logging
append_log
app_whitelist
apt_autogen
attrwhitelist
auto_x_detect
bindir
color_set2
config
configTemplate
configDefault
configDefaultTemplate
copy_log_on_error
cron_daily_run
cron_weekly_run
cron_db_update
dbdir
db_update_email
diag_scan
disable_tests
empty_logfiles
enable_tests
epoch_date_cmd
exclude_user_fileprop_files_dirs
existwhitelist
hash_cmd
hash_fld_idx
ignore_prelink_dep_err
immutable_set
immutwhitelist
inetd_allowed_svc
inetd_conf_path
installdir
language
lock_timeout
logfile
mail_cmd
mail_on_warning
mirrors_mode
missing_logfiles
modules_dir
nice
os_version_file
password_file
phalanx2_dirtest
pkgmgr
pkgmgr_no_vrfy
port_path_whitelist
port_whitelist
pwdless_accounts
readlink_cmd
rotate_mirrors
rtkt_dir_whitelist
rtkt_file_whitelist
run_check_on_battery
scan_mode_dev
scanrootkitmode
scriptdir
scriptwhitelist
shared_lib_whitelist
show_lock_msgs
show_summary_time
show_summary_warnings_number
ssh_config_dir
startup_paths
stat_cmd
suspscan_dirs
suspscan_maxsize
suspscan_temp
suspscan_thresh
syslog_config_file
tmpdir
uid0_accounts
unhidetcp_opts
unhide_tests
update_lang
update_mirrors
updt_on_os_change
use_locking
user_fileprop_files_dirs
use_sunsum
use_syslog
warn_on_os_change
web_cmd
whitelisted_is_white
writewhitelist
xinetd_allowed_svc
xinetd_conf_path

Copyright 2015 Mihai Cornateanu @ ITManager