Configure rkhunter at install

installBase.sh

@@ -91,9 +91,24 @@ systemctl start clamav-daemon
 line="0 1 * * 1 $PWD/clamav-weekly.sh > /dev/null 2>&1"
 (crontab -l; echo "${line}") | crontab -
 
+# Rkhunter config
+echo "PKGMGR=DPKG" >> /etc/rkhunter.conf
+sed -ie 's/#ALLOW_SSH_ROOT_USER=no/ALLOW_SSH_ROOT_USER=yes/' /etc/rkhunter.conf
+if [ `grep -c Protocol /etc/ssh/sshd_config` -eq 0 ]
+then
+    echo "Protocol 2" >> /etc/ssh/sshd_config
+    systemctl restart ssh
+    echo "Please retest ssh connexion before exiting this session"
+fi
+echo "ALLOWHIDDENDIR=/etc/.java" >> /etc/rkhunter.conf
+sed -ie 's@^\s*\(WEB_CMD="/bin/false"\)@# \1@' /etc/rkhunter.conf
+rkhunter --update > /dev/null
+rkhunter --propupdate
+rkhunter --sk -c
+
 # Health report
-line="0 7 * * 1 $PWD/healthReport.sh -m 'Rapport de santé hebdomadaire' > /dev/null 2>&1"
-(crontab -l; echo "${line}") | crontab -
+# line="0 7 * * 1 $PWD/healthReport.sh -m 'Rapport de santé hebdomadaire' > /dev/null 2>&1"
+# (crontab -l; echo "${line}") | crontab -
 
 # Allow maintenance operations:
 mkdir -p /root/.ssh

upgradeAll.sh

@@ -50,24 +50,15 @@ then
 fi
 
 # Check rootkits and antivirus
-if [ -z "`which rkhunter`" ]
-then
-    aptitude install rkhunter
-    echo "PKGMGR=DPKG" >> /etc/rkhunter.conf
-    rkhunter --propupd
-    sed -ie 's/#ALLOW_SSH_ROOT_USER=no/ALLOW_SSH_ROOT_USER=yes/' /etc/rkhunter.conf
-    if [ `grep -c Protocol /etc/ssh/sshd_config` -eq 0 ]
-    then
-        echo "Protocol 2" >> /etc/ssh/sshd_config
-        systemctl restart ssh
-        echo "Please retest ssh connexion before exiting this session"
-    fi
-else
 if [ `grep -c "^ALLOWHIDDENDIR=/etc/.java" /etc/rkhunter.conf` -eq 0 ]
 then
     echo "ALLOWHIDDENDIR=/etc/.java" >> /etc/rkhunter.conf
 fi
+if [ `egrep -c '^\s*WEB_CMD="/bin/false"' /etc/rkhunter.conf` -gt 0 ]
+then
+    sed -ie 's@^\s*\(WEB_CMD="/bin/false"\)@# \1@' /etc/rkhunter.conf
 fi
+rkhunter --update > /dev/null
 rkhunter --propupdate
 rkhunter --sk -c
 if [ `crontab -l | grep -c "clamav-weekly"` -eq 0 ]