fixed thanks to cf-sewe

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-12-24 14:23:05 +00:00 · 2022-02-07 16:44:41 +00:00 · 2022-02-07 16:44:41 +00:00 · 59e22e8600
commit 59e22e8600
parent 9db4b7fd81
1 changed files with 2 additions and 2 deletions
--- a/tasks/section_5/cis_5.4.x.yml
+++ b/tasks/section_5/cis_5.4.x.yml
@ -24,7 +24,7 @@
            dest: /etc/pam.d/system-auth
            state: present
            regexp: '^password    requisite                                    pam_pwquality.so'
-            line: "password    requisite                                    pam_pwquality.so try_first_pass local_users_only enforce-for-root retry=3 remember={{ rhel9cis_pam_faillock.remember }}"
+            line: "password    requisite                                    pam_pwquality.so try_first_pass local_users_only enforce_for_root retry=3 remember={{ rhel9cis_pam_faillock.remember }}"
            insertbefore: '^#?password ?'
        when:
            - rhel9cis_rule_5_4_1 or
@ -35,7 +35,7 @@
            dest: /etc/pam.d/password-auth
            state: present
            regexp: '^password    requisite                                    pam_pwquality.so'
-            line: "password    requisite                                    pam_pwquality.so try_first_pass local_users_only enforce-for-root retry=3"
+            line: "password    requisite                                    pam_pwquality.so try_first_pass local_users_only enforce_for_root retry=3"
            insertbefore: '^#?password ?'
        when: rhel9cis_rule_5_4_1