From b8d73fde1e0bd6d2e66b68733d16dc67a038f0d3 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Thu, 11 Apr 2019 04:36:10 +0000 Subject: [PATCH] proxies: allow another shm file that apache seems to make now. Signed-off-by: Kevin Fenzi --- roles/rkhunter/templates/rkhunter.conf.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2 index 4b8cd0f58d..f01c3962ce 100644 --- a/roles/rkhunter/templates/rkhunter.conf.j2 +++ b/roles/rkhunter/templates/rkhunter.conf.j2 @@ -410,6 +410,9 @@ ALLOWDEVFILE=/dev/shm/spice.* {% if inventory_hostname in groups['ipa'] or inventory_hostname in groups['ipa-stg'] %} ALLOWDEVFILE=/dev/shm/sem.slapd*.stats {% endif %} +{% if inventory_hostname in groups['proxies'] or inventory_hostname in groups['proxies-stg'] %} +ALLOWDEVFILE=/dev/shm/libpod_lock +{% endif %} {% if inventory_hostname in groups['pgbdr'] or inventory_hostname in groups['pgbdr-stg'] or inventory_hostname == 'ci-cc-rdu01.fedoraproject.org' or inventory_hostname == 'hubs01.stg.phx2.fedoraproject.org' or inventory_hostname == 'db-koji01.stg.phx2.fedoraproject.org' or inventory_hostname == 'db-qa03.qa.fedoraproject.org' %} ALLOWDEVFILE=/dev/shm/PostgreSQL* {% endif %}