From ed699a50ba5991beb4d5e93b0ec8e51f32d81677 Mon Sep 17 00:00:00 2001
From: Diana-Maria Dumitru <diana.dumitru@siemens.com>
Date: Thu, 26 Jun 2025 13:35:51 +0300
Subject: [PATCH] Fixing issue
 https://code.siemens.com/infosec-pss-gov/security-crafter-baseline-automations/ansible-lockdown/rhel9-cis/-/issues/43
 .

Signed-off-by: Diana-Maria Dumitru <diana.dumitru@siemens.com>
---
 tasks/auditd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/auditd.yml b/tasks/auditd.yml
index 0fa0b32..9ada459 100644
--- a/tasks/auditd.yml
+++ b/tasks/auditd.yml
@@ -25,7 +25,7 @@
     dest: /etc/audit/rules.d/99_auditd.rules
     owner: root
     group: root
-    mode: 'u-x,go-wx'
+    mode: 'u-x,g-wx,o-rwx'
   diff: "{{ discovered_auditd_rules_file.stat.exists }}"  # Only run diff if not a new file
   register: discovered_auditd_rules_template_updated
   notify: