From f57fc5fde42803c89766fcb78289ed19026f67e9 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Fri, 30 Dec 2016 16:17:15 +0000
Subject: [PATCH] add some exceptions for kojipkgs squid and rkhunter

---
 roles/rkhunter/templates/rkhunter.conf.j2 | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2
index 4bd8327551..75164abd09 100644
--- a/roles/rkhunter/templates/rkhunter.conf.j2
+++ b/roles/rkhunter/templates/rkhunter.conf.j2
@@ -388,6 +388,14 @@ ALLOWDEVFILE=/dev/shm/fmn-cache.dbm
 {% if ansible_hostname.startswith('kojipkgs') %}
 ALLOWDEVFILE=/dev/shm/squid-squid-page-pool.shm
 ALLOWDEVFILE=/dev/shm/squid-cache_mem.shm
+ALLOWDEVFILE=/dev/shm/squid-ssl_session_cache.shm
+ALLOWDEVFILE=/dev/shm/squid-cache_mem_ex.shm
+ALLOWDEVFILE=/dev/shm/squid-cache_mem_map_slices.shm
+ALLOWDEVFILE=/dev/shm/squid-cache_mem_map_anchors.shm
+ALLOWDEVFILE=/dev/shm/squid-cache_mem_space.shm
+ALLOWDEVFILE=/dev/shm/squid-cf__readers.shm
+ALLOWDEVFILE=/dev/shm/squid-cf__queues.shm
+ALLOWDEVFILE=/dev/shm/squid-cf__metadata.shm
 {% endif %}
 {% if inventory_hostname in groups['virtservers'] or inventory_hostname in groups['openqa-workers'] or inventory_hostname in groups['openqa-stg-workers'] or inventory_hostname in groups['taskotron-stg-client-hosts'] or inventory_hostname in groups['taskotron-dev-client-hosts']  %}
 # libvirt spice device makes a /dev/shm/spice file