rkhunter: Same as in 0af1482 but for /etc/polkit-1/rules.d

* Directory might be empty * Also archive /var/lib/rkhunter/db/rkhunter.dat * Relates to #76
pyllyukko · Feb 23, 2025 · ca94e97 · ca94e97
1 parent 0af1482
commit ca94e97
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/.github/workflows/ansible-playbook.yml b/.github/workflows/ansible-playbook.yml
@@ -171,15 +171,18 @@ jobs:
       #  run: sudo grep '\[ Warning \]$' /var/log/rkhunter.log
       - name: Run Lynis
         run: sudo lynis audit system --skip-plugins --tests-from-group malware
-      - name: chmod Lynis & rkhunter logs
-        run: sudo chmod -c 644 /var/log/lynis.log /var/log/rkhunter.log
+      - name: chmod Lynis & rkhunter files
+        run: |
+          sudo chmod -c 644 /var/log/lynis.log /var/log/rkhunter.log /var/lib/rkhunter/db/rkhunter.dat
+          sudo chmod -c 755 /var/lib/rkhunter{,/db}
       - name: Archive Lynis log
         uses: actions/upload-artifact@v4
         with:
           name: lynis-malware.log
           path: |
             /var/log/lynis.log
             /var/log/rkhunter.log
+            /var/lib/rkhunter/db/rkhunter.dat
       # MALW-3280
       # 2025-01-08 21:22:22 Result: no commercial anti-virus tools found
       # 2025-01-08 21:22:22 Hardening: assigned partial number of hardening points (0 of 3). Currently having 4 points (out of 7)

diff --git a/templates/rkhunter.conf.j2 b/templates/rkhunter.conf.j2
@@ -549,7 +549,7 @@ USER_FILEPROP_FILES_DIRS=/lib/{{ ansible_architecture }}-linux-gnu/security/*.so
 USER_FILEPROP_FILES_DIRS=/etc/sudoers
 USER_FILEPROP_FILES_DIRS=/etc/sudoers.d
 {% if stat_polkit_etc.stat.exists %}
-USER_FILEPROP_FILES_DIRS=/etc/polkit-1/rules.d/*.rules
+USER_FILEPROP_FILES_DIRS=/etc/polkit-1/rules.d
 USER_FILEPROP_FILES_DIRS=/usr/share/polkit-1/rules.d/*.rules
 USER_FILEPROP_FILES_DIRS=/usr/share/polkit-1/actions/*.policy
 {% endif %}