From a462e96836f286b758b0bad3775ee139f85b54fe Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Tue, 2 Apr 2024 10:51:42 -0700
Subject: [PATCH] rkhunter: adjust ipa rules a bit more

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/rkhunter/templates/rkhunter.conf.j2 | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2
index 96f817fa26..117f287016 100644
--- a/roles/rkhunter/templates/rkhunter.conf.j2
+++ b/roles/rkhunter/templates/rkhunter.conf.j2
@@ -608,8 +608,7 @@ OS_VERSION_FILE=/etc/{{ ansible_distribution|lower }}-release
 #RTKT_DIR_WHITELIST=""
 #RTKT_FILE_WHITELIST=""
 {% if inventory_hostname in groups['ipa'] or inventory_hostname in groups['ipa_stg'] %}
-RTKT_FILE_WHITELIST="/var/log/pki/pki-tomcat/ca"
-RTKT_FILE_WHITELIST="/var/log/pki/pki-tomcat/kra"
+RTKT_DIR_WHITELIST="/var/log/pki/pki-tomcat"
 {% endif %}
 
 #