From 3dcaa58291516f5463654dd9cb2439fc83433499 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 19 Jan 2022 09:35:41 +0000
Subject: [PATCH] add pkg fact and audit conditionals

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/post.yml | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/tasks/post.yml b/tasks/post.yml
index 973e22d..313d609 100644
--- a/tasks/post.yml
+++ b/tasks/post.yml
@@ -6,6 +6,12 @@
       autoremove: true
   changed_when: false
 
+- name: Gather the package facts after remediation
+  package_facts:
+      manager: auto
+  tags:
+  - always
+
 - name: trigger update sysctl
   shell: /bin/true
   args:
@@ -38,8 +44,13 @@
   changed_when: true
   check_mode: false
   when:
-      - "'auditd' in ansible_facts.packages"
-      - rhel9cis_rule_4_1_3 or
+      - rhel9cis_rule_4_1_1_1 or
+        rhel9cis_rule_4_1_1_2 or
+        rhel9cis_rule_4_1_1_3 or
+        rhel9cis_rule_4_1_2_1 or
+        rhel9cis_rule_4_1_2_2 or
+        rhel9cis_rule_4_1_2_3 or
+        rhel9cis_rule_4_1_3 or
         rhel9cis_rule_4_1_4 or
         rhel9cis_rule_4_1_5 or
         rhel9cis_rule_4_1_6 or