From 34a2c225618e9cd5724cc0d5a8c3ba9c83cfaee3 Mon Sep 17 00:00:00 2001
From: Tommy
Date: Wed, 7 Dec 2022 17:34:39 -0500
Subject: [PATCH] Enable Yara and Insights for RHEL
Signed-off-by: Tommy
---
 .gitignore | 1 -
 install.sh | 7 +++++++
 2 files changed, 7 insertions(+), 1 deletion(-)
 delete mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index 62c8935..0000000
--- a/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-.idea/
\ No newline at end of file
diff --git a/install.sh b/install.sh
index b51da43..98f92ba 100644
--- a/install.sh
+++ b/install.sh
@@ -560,6 +560,13 @@ linux_hardening(){
 mkdir -p /etc/systemd/system/sshd.service.d
 curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/systemd/system/sshd.service.d/limits.conf -o /etc/systemd/system/sshd.service.d/limits.conf
 systemctl restart sshd
+
+ if [ "$lsb_dist" = "rhel" ]; then
+ insights-client --register
+ dnf install -y yara
+ insights-client --collector malware-detection
+ sed -i 's/test_scan: true/test_scan: false/' /etc/insights-client/malware-detection-config.yml
+ fi
 }
 database_host_reset(){
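Review bot: The RHEL branch added to linux_hardening runs its four commands with no status checks, so a failed `insights-client --register` or `dnf install -y yara` still falls through to the `sed -i`, and sed exits 0 even when it substitutes nothing; unless the script runs under `set -e` (not visible in this hunk), the host can end up unregistered or still in test-scan mode with no signal. I would chain the first three steps with `&&` and confirm the edit afterwards, for example `grep -q 'test_scan: false' /etc/insights-client/malware-detection-config.yml || echo "malware-detection is still in test mode" >&2`. Registration also starts uploading host data to Red Hat, so a comment such as `# Registers this host with Red Hat Insights (uploads system metadata)` above the call, or an opt-in prompt, would make that explicit to whoever runs the installer. linux_hardening starts outside the hunk, so where `lsb_dist` is set cannot be checked from here.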