file=/etc/ssh/userkeys/staticsync
<% end -%>
file=/etc/rsyncd
-<%- if hostname == "sibelius" then -%>
+<%- if @hostname == "sibelius" then -%>
file=/etc/tsm
file=/etc/tsm/TSM.PWD
<% end -%>
[IgnoreAll]
+dir=-1/srv
##
## for these files, no modifications are reported
##
file=/etc/monit/monit.d/00debian.org
file=/etc/cron.d/dsa-puppet-stuff
file=/etc/cron.d/dsa-buildd
+file=/etc/cron.d/puppet-nagios-wraps
file=/etc/cron.weekly/stunnel-ekey-restart
file=/etc/default/schroot
file=/etc/schroot/default/nssdatabases
#
#####################################################
-# [SuidCheck]
+[SuidCheck]
##
## --- Check the filesystem for SUID/SGID binaries
##
## Directory to exclude
#
+<% if scope.lookupvar('site::nodeinfo')['buildd'] -%>
+SuidCheckExclude = /srv/buildd/unpack
+<% elsif scope.lookupvar('site::nodeinfo')['porterbox'] -%>
+SuidCheckExclude = /srv/chroot/schroot-unpack
+<% else -%>
# SuidCheckExclude = NULL
+<% end -%>
## Limit on files per second (0 == no limit)
#
#
# SetDefault = no
-<% if @lsbmajdistrelease >= '9' -%>
+<% if scope.call_function('versioncmp', [@lsbmajdistrelease, '9']) >= 0 -%>
[PortCheck]
PortCheckActive=0
<% end -%>
## Recipient (max. 8)
#
-SetMailAddress=samhain-reports@<%= fqdn -%>
+SetMailAddress=samhain-reports@<%= @fqdn -%>
SetMailRelay = localhost