From 15bf03c75490746568ef21a610236fc714f0630c Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Fri, 23 May 2025 14:34:30 +0100
Subject: [PATCH] added check mode logic
Signed-off-by: Mark Bolwell
---
 tasks/prelim.yml | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/tasks/prelim.yml b/tasks/prelim.yml
index dbd1493..a0fc2fe 100644
--- a/tasks/prelim.yml
+++ b/tasks/prelim.yml
@@ -25,6 +25,7 @@
 ansible.builtin.shell: >
 grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '(!index($7, "sbin/nologin") && $7 != "/bin/nologin" && $7 != "/bin/false" && $7 != "/dev/null") { print $1 }'
 changed_when: false
+ check_mode: false
 register: prelim_interactive_usernames
 - name: "PRELIM | AUDIT | Interactive User accounts home directories"
@@ -32,6 +33,7 @@
 ansible.builtin.shell: >
 grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '(!index($7, "sbin/nologin") && $7 != "/bin/nologin" && $7 != "/bin/false") { print $6 }'
 changed_when: false
+ check_mode: false
 register: prelim_interactive_users_home
 - name: "PRELIM | AUDIT | Interactive UIDs"
@@ -39,6 +41,7 @@
 ansible.builtin.shell: >
 grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '(!index($7, "sbin/nologin") && $7 != "/bin/nologin" && $7 != "/bin/false") { print $3 }'
 changed_when: false
+ check_mode: false
 register: prelim_interactive_uids
 - name: "PRELIM | AUDIT | Capture /etc/password variables"
@@ -64,6 +67,7 @@
 ansible.builtin.shell: |
 mount | awk '{print $1, $3, $5, $6}'
 changed_when: false
+ check_mode: false
 register: prelim_mount_output
 - name: PRELIM | AUDIT | Section 1.1 | Retrieve mount options - build fact # This is inherited and used in mountpoints tasks
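Review bot: The `grep -E -v '^(root|halt|sync|shutdown)'` filter in the `@@ -25,6 +25,7 @@` hunk is not anchored to the end of the name field, so it drops every /etc/passwd entry whose login name merely begins with one of those words, not just the four system accounts. With `check_mode: false` the task now also runs under `--check`, so an account skipped this way is missing from `prelim_interactive_usernames` in dry-run audits as well. Matching the field separator closes the gap: `grep -E -v '^(root|halt|sync|shutdown):' /etc/passwd`. The same pattern is repeated in the `@@ -32,6 +33,7 @@` and `@@ -39,6 +41,7 @@` hunks; the task's `- name:` line sits above this hunk.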
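Review bot: The awk condition in the `@@ -32,6 +33,7 @@` hunk lacks the `$7 != "/dev/null"` test that the usernames task one hunk earlier applies, so an account with /dev/null as its shell is left out of `prelim_interactive_usernames` but still lands in `prelim_interactive_users_home`. The UID task in the `@@ -39,6 +41,7 @@` hunk has the same shorter condition. If later tasks assume the three registered lists describe the same accounts (not visible in this patch), they will disagree; appending `&& $7 != "/dev/null"` to both conditions keeps them aligned.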
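Review bot: The `mount | awk '{print $1, $3, $5, $6}'` pipeline in the `@@ -64,6 +67,7 @@` hunk reports only awk's exit status, so a failing `mount` yields an empty `prelim_mount_output` and a successful task, and with `check_mode: false` that now holds for `--check` runs too. Putting `set -o pipefail` as the first line of the `|` block makes the failure visible, provided the task runs under a shell that supports it (the executable in use is not shown in the hunk). The `grep ... | awk` pipelines in the three earlier hunks have the same property.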
@@ -100,6 +104,7 @@
 ansible.builtin.command: rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' # noqa command-instead-of-module
 changed_when: false
 failed_when: false
+ check_mode: false
 register: prelim_check_gpg_imported
 - name: "PRELIM | AUDIT | Import gpg keys | Check Package" # noqa command-instead-of-module
@@ -328,12 +333,14 @@
 ansible.builtin.command: awk '/^UID_MIN/ {print $2}' /etc/login.defs
 changed_when: false
 failed_when: false
+ check_mode: false
 register: prelim_uid_min_id
 - name: "PRELIM | AUDIT | Capture UID_MAX from /etc/login.defs"
 ansible.builtin.command: awk '/^UID_MAX/ {print $2}' /etc/login.defs
 changed_when: false
 failed_when: false
+ check_mode: false
 register: prelim_uid_max_id
 - name: "PRELIM | AUDIT | Set facts for interactive UID/GID ranges"
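Review bot: Both captures in the `@@ -328,12 +333,14 @@` hunk keep `failed_when: false`, so an unreadable /etc/login.defs, or one with no `UID_MIN` / `UID_MAX` line, registers an empty `stdout` without any error, and `check_mode: false` now makes `--check` runs rely on that value too. The "Set facts for interactive UID/GID ranges" task that presumably consumes them starts on the hunk's last line, so whether it has a fallback is not visible. If it does not, fail early instead, e.g. `failed_when: prelim_uid_min_id.stdout | trim | length == 0` and the equivalent for `prelim_uid_max_id`.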