ansible-infra/ansible_collections/nullified/infrastructure/roles/security/templates/rkhunter/rkhunter.conf.local.j2

# No end-of-line comments;
# No quotes around path names;
# To unset previous configuration, set it to "" (empty) beforehand;
# Some options allow multiple definitions, leads to a concatenation;

ROTATE_MIRRORS=1
UPDATE_MIRRORS=1
MIRRORS_MODE=0
MAIL-ON-WARNING=naeikindus@pounce.tech
MAIL_CMD=mail -s "[rkhunter] Warnings found for ${HOST_NAME}"
TMPDIR=/var/lib/rkhunter/tmp
DBDIR=/var/lib/rkhunter/db
SCRIPTDIR=/usr/share/rkhunter/scripts
BINDIR=/bin /usr/bin /sbin /usr/sbin
BINDIR=+/usr/local/bin +/usr/local/sbin
UPDATE_LANG="en"
LOGFILE=/var/log/rkhunter.log
APPEND_LOG=0
COPY_LOG_ON_ERROR=0
USE_SYSLOG=authpriv.warning
AUTO_X_DETECT=0
ALLOW_SSH_ROOT_USER=no
ALLOW_SSH_PROT_V1=0

ENABLE_TESTS=ALL
DISABLE_TESTS=NONE
HASH_CMD=SHA256
PKGMGR=NONE

USER_FILEPROP_FILES_DIRS=/etc/rkhunter.conf
USER_FILEPROP_FILES_DIRS=/etc/rkhunter.conf.local

EXISTWHITELIST=""
ATTRWHITELIST=""
WRITEWHITELIST=""

SCRIPTWHITELIST=/usr/bin/egrep
SCRIPTWHITELIST=/usr/bin/lwp-request
SCRIPTWHITELIST=/usr/bin/fgrep
SCRIPTWHITELIST=/usr/bin/which
SCRIPTWHITELIST=/usr/bin/ldd
SCRIPTWHITELIST=/usr/bin/which.debianutils
SCRIPTWHITELIST=/usr/sbin/adduser

IMMUTABLE_SET=0
SKIP_INODE_CHECK=0
ALLOWPROMISCIF=""

SCAN_MODE_DEV=THOROUGH
ALLOWDEVFILE=""
ALLOW_SYSLOG_REMOTE_LOGGING=0

### Needs update to add user-controller dirs like upload and user generated content dirs from webserver
SUSPSCAN_DIRS=/tmp /var/tmp
SUSPSCAN_TEMP=/dev/shm
SUSPSCAN_MAXSIZE=1024000
SUSPSCAN_THRESH=200
SUSPSCAN_WHITELIST=""

# Examples:
#
#     PORT_WHITELIST=TCP:2001 UDP:32011
#     PORT_PATH_WHITELIST=/usr/sbin/squid
#     PORT_PATH_WHITELIST=/usr/sbin/squid:TCP:3801
PORT_WHITELIST=""
PORT_PATH_WHITELIST=""

WARN_ON_OS_CHANGE=1

USE_LOCKING=1
LOCK_TIMEOUT=300
SCANROOTKITMODE=""

SHOW_SUMMARY_WARNINGS_NUMBER=1
GLOBSTAR=0
INSTALLDIR=/usr