From 9a3056a891b49ab01e66c4c22fa1a3da94edbed0 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Wed, 9 Dec 2015 04:10:19 +0000
Subject: [PATCH] Allow /dev/shm/spice files on virthosts/openqa boxes.

---
 roles/rkhunter/templates/rkhunter.conf.j2 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2
index 5fa898fc5e..6a0acb2696 100644
--- a/roles/rkhunter/templates/rkhunter.conf.j2
+++ b/roles/rkhunter/templates/rkhunter.conf.j2
@@ -386,6 +386,10 @@ ALLOWDEVFILE=/dev/shm/fmn-cache.dbm
 ALLOWDEVFILE=/dev/shm/squid-squid-page-pool.shm
 ALLOWDEVFILE=/dev/shm/squid-cache_mem.shm
 {% endif %}
+{% if ansible_hostname.startswith('virthost') or ansible_hostname.startswith('qa') %}
+# libvirt spice device makes a /dev/shm/spice file
+ALLOWDEVFILE=/dev/shm/spice.*
+{% endif %}
 
 #
 # This setting tells rkhunter where the inetd configuration