From 729fac35805154823053088317e4a7edbdd729e9 Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Fri, 22 Sep 2023 08:44:43 +0100
Subject: [PATCH] updated 5.6.5
Signed-off-by: Mark Bolwell
---
 Changelog.md | 1 +
 tasks/section_5/cis_5.6.x.yml | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/Changelog.md b/Changelog.md
index 77c96c0..3b4f9e9 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -6,6 +6,7 @@
 - lint updates
 - .secrets updated
 - file mode quoted
+- updated 5.6.5 thansk to feedback from S!ghs on discord community
 ## 1.1.1
 - Based on CIS v1.0.0
diff --git a/tasks/section_5/cis_5.6.x.yml b/tasks/section_5/cis_5.6.x.yml
index a529290..e5565b4 100644
--- a/tasks/section_5/cis_5.6.x.yml
+++ b/tasks/section_5/cis_5.6.x.yml
@@ -83,10 +83,10 @@
 - name: "5.6.5 | PATCH | Ensure default user umask is 027 or more restrictive"
 block:
 - name: "5.6.5 | PATCH | Ensure default user umask is 027 or more restrictive | Set umask for /etc/login.defs pam_umask settings"
- ansible.builtin.lineinfile:
+ ansible.builtin.replace:
 path: "{{ item.path }}"
- regexp: '(?i)(umask\s*)'
- line: '{{ item.line }} 027'
+ regexp: (?i)(umask\s+\d\d\d)
+ replace: '{{ item.line }} 027'
 with_items:
 - { path: '/etc/bashrc', line: 'umask' }
 - { path: '/etc/profile', line: 'umask' }
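Review bot: The new pattern `(?i)(umask\s+\d\d\d)` is unanchored and consumes exactly three digits, so a four-digit value such as `umask 0022` would be rewritten to `umask 0272`, and an already stricter value such as `umask 077` is loosened to 027 even though the task name promises "027 or more restrictive". Because `ansible.builtin.replace` only edits existing matches, a file with no umask line is now left without one, which the previous `lineinfile` call would have added; a separate check or insert task would be needed for that case. Consider `regexp: '(?i)^(\s*umask\s+)(?!0?[0-7][2367]7\b)[0-7]{3,4}\b'` with `replace: '\g<1>027'`, which keeps the keyword's original case, skips commented-out lines and leaves compliant values untouched. The `with_items` list may continue past the end of the hunk, so the pattern should be confirmed against every file it covers.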