From a5dc93c76d725a25d86380bac8c2b863c4f9c0e8 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Jun 01 2022 19:02:17 +0000 Subject: rkhunter: adjust for rhel9 Signed-off-by: Kevin Fenzi --- diff --git a/inventory/group_vars/dns b/inventory/group_vars/dns index ce370c0..b69443f 100644 --- a/inventory/group_vars/dns +++ b/inventory/group_vars/dns @@ -10,7 +10,7 @@ ipa_client_sudo_groups: ipa_host_group: dns ipa_host_group_desc: DNS servers lvm_size: 30000 -mem_size: 2048 +mem_size: 4096 nagios_has_named: true nrpe_procs_crit: 500 nrpe_procs_warn: 300 diff --git a/inventory/host_vars/proxy02.fedoraproject.org b/inventory/host_vars/proxy02.fedoraproject.org index aacd556..80db50d 100644 --- a/inventory/host_vars/proxy02.fedoraproject.org +++ b/inventory/host_vars/proxy02.fedoraproject.org @@ -13,11 +13,11 @@ eth0_ipv6_nm: 64 freezes: true has_ipv4: yes has_ipv6: true -ks_repo: http://38.145.60.16/pub/fedora/linux/releases/35/Server/x86_64/os/ +ks_repo: http://38.145.60.16/pub/fedora/linux/releases/36/Server/x86_64/os/ ks_url: http://38.145.60.16/repo/rhel/ks/kvm-fedora mac0: 52:54:00:8c:7c:1b -max_mem_size: 8192 -mem_size: 8192 +max_mem_size: 65536 +mem_size: 24576 network_connections: - autoconnect: yes ip: @@ -39,11 +39,11 @@ network_connections: type: ethernet nrpe_procs_crit: 1400 nrpe_procs_warn: 1200 -num_cpus: 6 +num_cpus: 4 postfix_group: vpn public_hostname: proxy02.fedoraproject.org # This is consumed by the roles/fedora-web/main role sponsor: internetx -vmhost: internetx01.fedoraproject.org -volgroup: /dev/vg_Server +vmhost: internetx02.fedoraproject.org +volgroup: /dev/vg_guests vpn: true diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2 index 6d6539e..7ec1944 100644 --- a/roles/rkhunter/templates/rkhunter.conf.j2 +++ b/roles/rkhunter/templates/rkhunter.conf.j2 @@ -633,7 +633,7 @@ SCRIPTWHITELIST=/usr/bin/whatis SCRIPTWHITELIST=/usr/bin/ldd SCRIPTWHITELIST=/usr/bin/groups SCRIPTWHITELIST=/usr/bin/GET -{% if ansible_distribution_major_version|int >= 30 %} +{% if ansible_distribution_major_version|int >= 9 %} # no network-scripts on newest fedora #SCRIPTWHITELIST=/sbin/ifup #SCRIPTWHITELIST=/sbin/ifdown