Puppet Class: rkhunter

Inherits:

rkhunter::params

Defined in:

manifests/init.pp

Overview

== Class: rkhunter

This module manages rkhunter

=== Parameters

=== Variables

=== Examples

=== Authors

Author Thomas Bendler project@bendler-net.de

=== Copyright

Copyright 2019 Thomas Bendler

Examples:

Declaring the class

class { '::rkhunter':
  tftp => true,
  sshd_root => 'without-password'
}

Parameters:

• tftp (Any) (defaults to: $rkhunter::params::tftp) —

  boolean, should tftp check be enabled or disabled

• check_mk (Any) (defaults to: $rkhunter::params::check_mk) —

  boolean, should check_mk check be enabled or disabled

• root_email (Any) (defaults to: $rkhunter::params::root_email) —

  Set the root email address that get notifications if events occur

• warning_email (Any) (defaults to: $rkhunter::params::warning_email) —

  Set the email address that gets notifications if warnings occur

• enable_warning_email (Any) (defaults to: $rkhunter::params::enable_warning_email) —

  Set to true to send emails on warnings (default: false)

• remote_syslog (Any) (defaults to: $rkhunter::params::remote_syslog) —

  Set to true when remote syslog is enabled

• tftp (defaults to: $rkhunter::params::tftp) —

  Ignore check errors forced by tftp

• check_mk (defaults to: $rkhunter::params::check_mk) —

  Ignore check errors forced by check_mk

• check_mk_script (Any) (defaults to: $rkhunter::params::check_mk_script) —

  Define the location of the check_mk script

• oracle_xe (Any) (defaults to: $rkhunter::params::oracle_xe) —

  Ignore check errors forced by Oracle XE

• sap_igs (Any) (defaults to: $rkhunter::params::sap_igs) —

  Ignore check errors forced by SAP IGS

• sap_icm (Any) (defaults to: $rkhunter::params::sap_icm) —

  Ignore check errors forced by SAP ICM

• sap_db (Any) (defaults to: $rkhunter::params::sap_db) —

  Ignore check errors forced by SAPDB/MaxDB

• sshd_root (Any) (defaults to: $rkhunter::params::sshd_root) —

  Surpress warning if root login is permit. Should be the same as PermitRootLogin in sshd_config

• ssh_prot_v1 (Any) (defaults to: $rkhunter::params::ssh_prot_v1) —

  Define the minimum ssh protocol version, should be 2

• web_cmd (Any) (defaults to: $rkhunter::params::web_cmd) —

  Command used to retrieve files from the internet (ie: while running with –update)

• disable_tests (Any) (defaults to: $rkhunter::params::disable_tests) —

  List of test that should not be performed

• cron_daily_run (Any) (defaults to: $rkhunter::params::cron_daily_run) —

  Enable/Disable Cron daily runs

• cron_db_update (Any) (defaults to: $rkhunter::params::cron_db_update) —

  Enable/Disable Cron database update runs

# File 'manifests/init.pp', line 45

class rkhunter (
  $root_email           = $rkhunter::params::root_email,
  $warning_email        = $rkhunter::params::warning_email,
  $enable_warning_email = $rkhunter::params::enable_warning_email,
  $remote_syslog        = $rkhunter::params::remote_syslog,
  $tftp                 = $rkhunter::params::tftp,
  $check_mk             = $rkhunter::params::check_mk,
  $check_mk_script      = $rkhunter::params::check_mk_script,
  $oracle_xe            = $rkhunter::params::oracle_xe,
  $sap_igs              = $rkhunter::params::sap_igs,
  $sap_icm              = $rkhunter::params::sap_icm,
  $sap_db               = $rkhunter::params::sap_db,
  $sshd_root            = $rkhunter::params::sshd_root,
  $ssh_prot_v1          = $rkhunter::params::ssh_prot_v1,
  $web_cmd              = $rkhunter::params::web_cmd,
  $disable_tests        = $rkhunter::params::disable_tests,
  $cron_daily_run       = $rkhunter::params::cron_daily_run,
  $cron_db_update       = $rkhunter::params::cron_db_update
) inherits rkhunter::params {

  # Start workflow
  if $rkhunter::params::linux {
    class{ '::rkhunter::package': }
    -> class{ '::rkhunter::config': }
    -> class{ '::rkhunter::service': }
    -> Class['rkhunter']
  } else {
    warning('The current operating system is not supported!')
  }
}