QA Fixes

Signed-off-by: Frederick Witty <frederick.witty@gotyto.com>

tasks/section_5/cis_5.3.2.x.yml

@@ -14,7 +14,9 @@
     - rule_5.3.2.1
   block:
     - name: "5.3.2.1 | PATCH | Ensure active authselect profile includes pam modules | Create custom profiles"
-      when: rhel9cis_authselect_custom_profile_name not in prelim_authselect_profile_list.stdout
+      when:
+        - rhel9cis_authselect_custom_profile_create
+        - rhel9cis_authselect_custom_profile_name not in prelim_authselect_profile_list.stdout
       ansible.builtin.command: "/usr/bin/authselect create-profile {{ rhel9cis_authselect_custom_profile_name }} -b {{ rhel9cis_authselect_default_profile_to_copy }}"
       changed_when: false
       args:

tasks/section_5/cis_5.3.3.2.x.yml

@@ -340,7 +340,7 @@
         - system
       notify: Authselect update
 
-- name: "5.3.3.2.7 | PATCH | Ensure password quality is enforced for the root user"
+- name: "5.3.3.2.7 | PATCH | Ensure password quality checking is enforced"
   when: rhel9cis_rule_5_3_3_2_7
   tags:
     - level1-server
@@ -350,8 +350,8 @@
     - NIST800-53R5_IA-5
     - pam
   ansible.builtin.template:
-    src: "{{ rhel9cis_passwd_quality_enforce_root_file }}.j2"
-    dest: "/{{ rhel9cis_passwd_quality_enforce_root_file }}"
+    src: "{{ rhel9cis_passwd_quality_enforce_file }}.j2"
+    dest: "/{{ rhel9cis_passwd_quality_enforce_file }}"
     owner: root
     group: root
     mode: 'o-rwx'

tasks/section_5/cis_5.4.2.x.yml

@@ -179,7 +179,7 @@
             - item.stat.exists
             - item.stat.isdir
             - item.stat.pw_name != 'root' or item.stat.gr_name != 'root' or item.stat.woth or item.stat.wgrp
-            - (item != 'root') and (not rhel9cis_uses_root)
+            - (item != 'root') and (not rhel9cis_uses_root )
           ansible.builtin.file:
             path: "{{ item.stat.path }}"
             state: directory