saving uncommitted changes in /etc prior to dnf run

sysconfig/imunify360/.imunify360.backup_config

@@ -0,0 +1,18 @@
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+#
+#   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#   DO NOT EDIT. AUTOMATICALLY GENERATED.
+#   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#
+#   Direct modifications to this file WILL be lost upon subsequent
+#   regeneration of this configuration file.
+#
+#   To have your modifications retained, you should use CLI command
+#   imunify360-agent backup-systems <init|disable> <backup-system>
+#   or activate/deactivate appropriate feature in UI.
+#
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+
+BACKUP_SYSTEM:
+  backup_system: null
+  enabled: false

sysconfig/imunify360/custom_billing.config

@@ -0,0 +1,4 @@
+CUSTOM_BILLING:
+  upgrade_url: null
+  billing_notifications: true
+  ip_license: true

sysconfig/imunify360/imunify360-merged.config

@@ -0,0 +1,194 @@
+############################################################################
+# DO NOT MODIFY THIS FILE!!!                                               #
+# USE /etc/sysconfig/imunify360/imunify360.config.d/ TO OVERRIDE DEFAULTS  #
+############################################################################
+
+ADMIN_CONTACTS:
+  emails: []
+  enable_icontact_notifications: true
+AUTO_WHITELIST:
+  after_unblock_timeout: 1440
+  timeout: 1440
+BACKUP_RESTORE:
+  cl_backup_allowed: true
+  cl_on_premise_backup_allowed: false
+  max_days_in_backup: 90
+BLOCKED_PORTS:
+  default_mode: allowed
+CAPTCHA:
+  cert_refresh_timeout: 3600
+CAPTCHA_DOS:
+  enabled: true
+  max_count: 100
+  time_frame: 21600
+  timeout: 864000
+CSF_INTEGRATION:
+  catch_lfd_events: false
+DOS:
+  default_limit: 250
+  enabled: true
+  interval: 30
+  port_limits: {}
+ERROR_REPORTING:
+  enable: true
+FIREWALL:
+  TCP_IN_IPv4:
+  - '20'
+  - '21'
+  - '22'
+  - '25'
+  - '53'
+  - '80'
+  - '110'
+  - '443'
+  - '465'
+  - '587'
+  - '993'
+  - '995'
+  TCP_OUT_IPv4:
+  - '20'
+  - '21'
+  - '22'
+  - '25'
+  - '53'
+  - '80'
+  - '110'
+  - '113'
+  - '443'
+  - '587'
+  - '993'
+  - '995'
+  UDP_IN_IPv4:
+  - '20'
+  - '21'
+  - '53'
+  - '443'
+  UDP_OUT_IPv4:
+  - '20'
+  - '21'
+  - '53'
+  - '113'
+  - '123'
+  internal_use_remote_iplist: false
+  port_blocking_mode: ALLOW
+INCIDENT_LOGGING:
+  limit: 100000
+  min_log_level: 4
+  num_days: 100
+  ui_autorefresh_timeout: 10
+KERNELCARE:
+  edf: false
+LOGGER:
+  backup_count: 5
+  max_log_file_size: 62914560
+  syscall_monitor: false
+MALWARE_CLEANUP:
+  keep_original_files_days: 14
+  trim_file_instead_of_removal: true
+MALWARE_DATABASE_SCAN:
+  enable: false
+MALWARE_SCANNING:
+  cloud_assisted_scan: true
+  crontabs: false
+  default_action: cleanup
+  detect_elf: true
+  enable_scan_cpanel: true
+  enable_scan_inotify: true
+  enable_scan_modsec: true
+  enable_scan_pure_ftpd: true
+  hyperscan: false
+  max_cloudscan_size_to_scan: 10485760
+  max_mrs_upload_file: 10485760
+  max_signature_size_to_scan: 1048576
+  notify_on_detect: false
+  optimize_realtime_scan: true
+  rapid_scan: true
+  rapid_scan_rescan_unchanging_files_frequency: null
+  scan_modified_files: null
+  sends_file_for_analysis: true
+  try_restore_from_backup_first: false
+MALWARE_SCAN_INTENSITY:
+  cpu: 2
+  io: 2
+  ram: 2048
+  user_scan_cpu: 2
+  user_scan_io: 2
+  user_scan_ram: 1024
+MALWARE_SCAN_SCHEDULE:
+  day_of_month: 1
+  day_of_week: 0
+  hour: 3
+  interval: week
+MOD_SEC:
+  app_specific_ruleset: true
+  cms_account_compromise_prevention: false
+  prev_settings: ''
+  ruleset: FULL
+MOD_SEC_BLOCK_BY_CUSTOM_RULE:
+  33332:
+    check_period: 120
+    max_incidents: 10
+  33339:
+    check_period: 120
+    max_incidents: 10
+MOD_SEC_BLOCK_BY_SEVERITY:
+  check_period: 120
+  denied_num_limit: 2
+  enable: true
+  max_incidents: 2
+  severity_limit: 2
+NETWORK_INTERFACE:
+  eth6_device: null
+  eth_device: null
+  eth_device_skip: []
+OSSEC:
+  active_response: false
+PAM:
+  enable: true
+  exim_dovecot_native: false
+  exim_dovecot_protection: true
+  ftp_protection: false
+PERMISSIONS:
+  advisor: true
+  allow_malware_scan: false
+  support_form: true
+  upgrade_button: true
+  user_ignore_list: false
+  user_override_malware_actions: false
+  user_override_proactive_defense: false
+PROACTIVE_DEFENCE:
+  blamer: true
+  mode: LOG
+  php_immunity: false
+RESOURCE_MANAGEMENT:
+  cpu_limit: 2
+  io_limit: 2
+  ram_limit: 500
+SECURE_SITE:
+  enable: false
+  purchase_page_url: https://secure.site
+SEND_ADDITIONAL_DATA:
+  enable: true
+SMTP_BLOCKING:
+  allow_groups:
+  - mail
+  allow_local: false
+  allow_users: []
+  enable: false
+  ports:
+  - 25
+  - 587
+  - 465
+  redirect: false
+STOP_MANAGING:
+  modsec_directives: false
+WEBSHIELD:
+  captcha_secret_key: ''
+  captcha_site_key: ''
+  enable: true
+  invisible_captcha: false
+  known_proxies_support: true
+  splash_screen: true
+WEB_SERVICES:
+  http_ports: []
+  https_ports: []

sysconfig/imunify360/imunify360.config

@@ -0,0 +1 @@
+{}

sysconfig/imunify360/imunify360.config.d/10_on_first_install.config

@@ -0,0 +1,22 @@
+# Here's config values that should override imunify360
+# default settings for the first install
+#
+# (the intended priority is greater than the values in the agent code
+# but less than any user(local) settings)
+#
+# DO NOT EDIT THE FILE, THE CHANGES WILL BE OVERWRITTEN
+#
+# to override it, put settings into a lexicographically greater file
+# e.g., put 50-local-overrides.config file in
+# /etc/sysconfig/imunify360/imunify360.config.d/ dir, see
+# https://docs.imunify360.com/features/#overridable-config
+#
+PROACTIVE_DEFENCE:
+  php_immunity: True
+LOGGER:
+  syscall_monitor: true
+MALWARE_SCANNING:
+  enable_scan_cpanel: true
+  hyperscan: true
+WEBSHIELD:
+  splash_screen: true

sysconfig/imunify360/imunify360.config.d/90-local.config

@@ -0,0 +1 @@
+../imunify360.config

sysconfig/imunify360/imunify360.config.defaults.example

@@ -0,0 +1,196 @@
+############################################################################
+# DO NOT MODIFY THIS FILE!!!                                               #
+# USE /etc/sysconfig/imunify360/imunify360.config.d/ TO OVERRIDE DEFAULTS  #
+# This is an example of default values only                                #
+# Changing this file will have no effect                                   #
+############################################################################
+
+ADMIN_CONTACTS:
+  emails: []
+  enable_icontact_notifications: true
+AUTO_WHITELIST:
+  after_unblock_timeout: 1440
+  timeout: 1440
+BACKUP_RESTORE:
+  cl_backup_allowed: true
+  cl_on_premise_backup_allowed: false
+  max_days_in_backup: 90
+BLOCKED_PORTS:
+  default_mode: allowed
+CAPTCHA:
+  cert_refresh_timeout: 3600
+CAPTCHA_DOS:
+  enabled: true
+  max_count: 100
+  time_frame: 21600
+  timeout: 864000
+CSF_INTEGRATION:
+  catch_lfd_events: false
+DOS:
+  default_limit: 250
+  enabled: true
+  interval: 30
+  port_limits: {}
+ERROR_REPORTING:
+  enable: true
+FIREWALL:
+  TCP_IN_IPv4:
+  - '20'
+  - '21'
+  - '22'
+  - '25'
+  - '53'
+  - '80'
+  - '110'
+  - '443'
+  - '465'
+  - '587'
+  - '993'
+  - '995'
+  TCP_OUT_IPv4:
+  - '20'
+  - '21'
+  - '22'
+  - '25'
+  - '53'
+  - '80'
+  - '110'
+  - '113'
+  - '443'
+  - '587'
+  - '993'
+  - '995'
+  UDP_IN_IPv4:
+  - '20'
+  - '21'
+  - '53'
+  - '443'
+  UDP_OUT_IPv4:
+  - '20'
+  - '21'
+  - '53'
+  - '113'
+  - '123'
+  internal_use_remote_iplist: false
+  port_blocking_mode: ALLOW
+INCIDENT_LOGGING:
+  limit: 100000
+  min_log_level: 4
+  num_days: 100
+  ui_autorefresh_timeout: 10
+KERNELCARE:
+  edf: false
+LOGGER:
+  backup_count: 5
+  max_log_file_size: 62914560
+  syscall_monitor: false
+MALWARE_CLEANUP:
+  keep_original_files_days: 14
+  trim_file_instead_of_removal: true
+MALWARE_DATABASE_SCAN:
+  enable: false
+MALWARE_SCANNING:
+  cloud_assisted_scan: true
+  crontabs: false
+  default_action: cleanup
+  detect_elf: true
+  enable_scan_cpanel: true
+  enable_scan_inotify: true
+  enable_scan_modsec: true
+  enable_scan_pure_ftpd: true
+  hyperscan: false
+  max_cloudscan_size_to_scan: 10485760
+  max_mrs_upload_file: 10485760
+  max_signature_size_to_scan: 1048576
+  notify_on_detect: false
+  optimize_realtime_scan: true
+  rapid_scan: true
+  rapid_scan_rescan_unchanging_files_frequency: null
+  scan_modified_files: null
+  sends_file_for_analysis: true
+  try_restore_from_backup_first: false
+MALWARE_SCAN_INTENSITY:
+  cpu: 2
+  io: 2
+  ram: 2048
+  user_scan_cpu: 2
+  user_scan_io: 2
+  user_scan_ram: 1024
+MALWARE_SCAN_SCHEDULE:
+  day_of_month: 1
+  day_of_week: 0
+  hour: 3
+  interval: week
+MOD_SEC:
+  app_specific_ruleset: true
+  cms_account_compromise_prevention: false
+  prev_settings: ''
+  ruleset: FULL
+MOD_SEC_BLOCK_BY_CUSTOM_RULE:
+  33332:
+    check_period: 120
+    max_incidents: 10
+  33339:
+    check_period: 120
+    max_incidents: 10
+MOD_SEC_BLOCK_BY_SEVERITY:
+  check_period: 120
+  denied_num_limit: 2
+  enable: true
+  max_incidents: 2
+  severity_limit: 2
+NETWORK_INTERFACE:
+  eth6_device: null
+  eth_device: null
+  eth_device_skip: []
+OSSEC:
+  active_response: false
+PAM:
+  enable: true
+  exim_dovecot_native: false
+  exim_dovecot_protection: true
+  ftp_protection: false
+PERMISSIONS:
+  advisor: true
+  allow_malware_scan: false
+  support_form: true
+  upgrade_button: true
+  user_ignore_list: false
+  user_override_malware_actions: false
+  user_override_proactive_defense: false
+PROACTIVE_DEFENCE:
+  blamer: true
+  mode: LOG
+  php_immunity: false
+RESOURCE_MANAGEMENT:
+  cpu_limit: 2
+  io_limit: 2
+  ram_limit: 500
+SECURE_SITE:
+  enable: false
+  purchase_page_url: https://secure.site
+SEND_ADDITIONAL_DATA:
+  enable: true
+SMTP_BLOCKING:
+  allow_groups:
+  - mail
+  allow_local: false
+  allow_users: []
+  enable: false
+  ports:
+  - 25
+  - 587
+  - 465
+  redirect: false
+STOP_MANAGING:
+  modsec_directives: false
+WEBSHIELD:
+  captcha_secret_key: ''
+  captcha_site_key: ''
+  enable: true
+  invisible_captcha: false
+  known_proxies_support: true
+  splash_screen: true
+WEB_SERVICES:
+  http_ports: []
+  https_ports: []

sysconfig/imunify360/malware-filters-admin-conf/ignored.txt

@@ -0,0 +1,18 @@
+# IMPORTANT: after making changes to this file, perform:
+#
+#     imunify360-agent malware rebuild patterns
+#
+# This file contains additional regular expression patterns specifying what
+# filesystem paths  should not be monitored by inotify/ fanotify realtime
+# scanner.
+# Patterns can be absolute:
+# /another/folder
+# or relative to basedirs supplied by hosting control panels:
+# +[^/]+/www/\.cache
+# This relative pattern will expand to ^/home/[^/]+/www/\.cache for cPanel, for
+# example.
+#
+# All patterns listed here have higher priority than stock watched and ignored
+# lists supplied with Imunify360.
+#
+# Custom ignore patterns have higher priority than custom watched patterns.

sysconfig/imunify360/malware-filters-admin-conf/watched.txt

@@ -0,0 +1,14 @@
+# IMPORTANT: after making changes to this file, perform:
+#
+#     imunify360-agent malware rebuild patterns
+#
+# This file contains additional shell-like glob patterns specifying what file
+# system directories should be monitored by inotify/ fanotify realtime scanner.
+# Patterns can be absolute:
+# /another/folder
+# or relative to basedirs supplied by hosting control panels:
+# +*/www
+# This relative pattern will expand to /home/*/www for cPanel, for example.
+#
+# All patterns listed here have higher priority than stock watched and ignored
+# lists supplied with Imunify360.