From 54819d417bb29b91bc0f2c3f295c7fd00f0f788e Mon Sep 17 00:00:00 2001
From: Kevin Fenzi
Date: Sun, 7 Jun 2015 17:31:02 +0000
Subject: [PATCH] Adjust rkhunter for changes on kojipkgs and fed-cloud09

On fed-cloud09 we have etckeeper, so allow it's hidden dirs in /etc
On kojipkgs we have some /dev/shm segments.
---
 roles/rkhunter/templates/rkhunter.conf.j2 | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2
index e474b6ab36..9a4c480fba 100644
--- a/roles/rkhunter/templates/rkhunter.conf.j2
+++ b/roles/rkhunter/templates/rkhunter.conf.j2
@@ -308,6 +308,9 @@ ALLOWHIDDENDIR=/dev/.udevdb
 ALLOWHIDDENDIR=/dev/.udev.tdb
 ALLOWHIDDENDIR=/dev/.udev/db
 ALLOWHIDDENDIR=/dev/.udev/rules.d
+{% if ansible_hostname.startswith('fed-cloud') %}
+ALLOWHIDDENDIR=/etc/.git
+{% endif %}
 #
 # Allow the specified hidden files.
@@ -330,6 +333,10 @@ ALLOWHIDDENFILE=/dev/.udev/uevent_seqnum
 # Fedora 21 and higher systems has a /dev/.updated file
 ALLOWHIDDENFILE=/etc/.updated
 {% endif %}
+{% if ansible_hostname.startswith('fed-cloud') %}
+ALLOWHIDDENFILE=/etc/.etckeeper
+ALLOWHIDDENFILE=/etc/.gitignore
+{% endif %}
 #
 # Allow the specified processes to use deleted files.
@@ -377,6 +384,10 @@ ALLOWDEVFILE=/dev/md/autorebuild.pid
 {% if ansible_hostname == 'notifs-backend01' %}
 ALLOWDEVFILE=/dev/shm/fmn-cache.dbm
 {% endif %}
+{% if ansible_hostname.startswith('kojipkgs') %}
+ALLOWDEVFILE=/dev/shm/squid-squid-page-pool.shm
+ALLOWDEVFILE=/dev/shm/squid-cache_mem.shm
+{% endif %}
 #
 # This setting tells rkhunter where the inetd configuration
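Review bot: The guard `{% if ansible_hostname.startswith('fed-cloud') %}` in the first hunk matches every host whose name begins with fed-cloud, while the commit message names only fed-cloud09 as running etckeeper. On any other matching host rkhunter would stay silent about a hidden `/etc/.git` directory that no deployed tool accounts for, which narrows what the hidden-directory check can report. If only that host is meant, `{% if ansible_hostname == 'fed-cloud09' %}` mirrors the exact match already used for notifs-backend01; if the prefix is intentional, a comment such as `# etckeeper keeps /etc in git on the fed-cloud hosts` would record why. The same guard is repeated in the second hunk for `/etc/.etckeeper` and `/etc/.gitignore`, and the third hunk uses `startswith('kojipkgs')` in the same way.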
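Review bot: The two `ALLOWDEVFILE` lines added for kojipkgs in the third hunk carry no comment naming the service that owns them, and they exempt fixed names under /dev/shm, a directory that is normally writable by every local user. As far as I can tell rkhunter applies these entries by path, so whatever sits at those names is skipped by the /dev file check, not only squid's own segments. A comment above the block such as `# squid shared-memory segments; drop when squid leaves these hosts` would make the exemption easy to audit and to retire. The surrounding ALLOWDEVFILE section starts and ends outside the hunk.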