Include files from /usr/local/bin and /usr/local/etc in harvest (assuming they aren't binaries or symlinks) and store in usr_local_custom role, similar to etc_custom.

2025-12-18 17:11:04 +11:00 · 2025-12-18 17:11:04 +11:00 · 4660a0703e
commit 4660a0703e
parent b5d2b99174
11 changed files with 551 additions and 3 deletions
--- a/enroll/ignore.py
+++ b/enroll/ignore.py
@ -23,6 +23,11 @@ DEFAULT_DENY_GLOBS = [
    "/etc/gshadow",
    "/etc/*shadow",
    "/etc/letsencrypt/*",
+    "/usr/local/etc/ssl/private/*",
+    "/usr/local/etc/ssh/ssh_host_*",
+    "/usr/local/etc/*shadow",
+    "/usr/local/etc/*gshadow",
+    "/usr/local/etc/letsencrypt/*",
 ]

 SENSITIVE_CONTENT_PATTERNS = [