From 4d90fed61ba2e261fd3acaee872a8a5fb3cdd161 Mon Sep 17 00:00:00 2001
From: Francesco Trentini <francesco.trentini@ris.bz.it>
Date: Thu, 21 Mar 2024 16:12:58 +0100
Subject: [PATCH] remove quotes in sudoers file in order to pass openscap
 security scan

Signed-off-by: Francesco Trentini <francesco.trentini@ris.bz.it>
---
 tasks/section_5/cis_5.3.x.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/section_5/cis_5.3.x.yml b/tasks/section_5/cis_5.3.x.yml
index 2f63b23..248b05f 100644
--- a/tasks/section_5/cis_5.3.x.yml
+++ b/tasks/section_5/cis_5.3.x.yml
@@ -30,8 +30,8 @@
 - name: "5.3.3 | PATCH | Ensure sudo log file exists"
   ansible.builtin.lineinfile:
       path: /etc/sudoers
-      regexp: '^Defaults    logfile='
-      line: 'Defaults    logfile="{{ rhel9cis_sudolog_location }}"'
+      regexp: '^Defaults logfile='
+      line: 'Defaults logfile={{ rhel9cis_sudolog_location }}'
       validate: '/usr/sbin/visudo -cf %s'
   when:
       - rhel9cis_rule_5_3_3