adding chipsec and ossec

arch-hardening.sh

@@ -55,15 +55,10 @@ EOL
 # [MALW-3276] Ensure rkhunter is installed
 sudo pacman -S --noconfirm --needed rkhunter
 sudo rkhunter --propupd
-sudo tee /etc/rkhunter.conf > /dev/null <<EOL
+sudo echo 'SCRIPTWHITELIST=/usr/bin/egrep' | sudo tee -a /etc/rkhunter.conf > /dev/null
-# rkhunter configuration file
+sudo echo 'SCRIPTWHITELIST=/usr/bin/fgrep' | sudo tee -a /etc/rkhunter.conf > /dev/null
-
+sudo echo 'SCRIPTWHITELIST=/usr/bin/ldd' | sudo tee -a /etc/rkhunter.conf > /dev/null
-# Whitelist to avoid false positive
+sudo echo 'SCRIPTWHITELIST=/usr/bin/rkhunter' | sudo tee -a /etc/rkhunter.conf > /dev/null
-SCRIPTWHITELIST=/usr/bin/egrep
-SCRIPTWHITELIST=/usr/bin/fgrep
-SCRIPTWHITELIST=/usr/bin/ldd
-SCRIPTWHITELIST=/usr/bin/vendor_perl/GET
-EOL
 
 # [MALW-3282] Ensure ClamAV is installed
 sudo pacman -S --noconfirm --needed clamav