From 7c34f61d11e306bd59eaa1225327c06c8440453a Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 26 Jul 2023 08:50:53 +0100
Subject: [PATCH] #72 improve password check

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 Changelog.md   | 6 ++++++
 tasks/main.yml | 1 +
 2 files changed, 7 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index adbc58b..1ceb4c6 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,12 @@
 # Changes to rhel9CIS
 
+## 1.0.10
+
+- [#72](https://github.com/ansible-lockdown/RHEL9-CIS/issues/72)
+  - Only run check when paybook user not a superuser
+
 ## 1.0.9
+
 fixed assert for user password set
 
 thanks to @byjunks
diff --git a/tasks/main.yml b/tasks/main.yml
index f895847..277e43f 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -38,6 +38,7 @@
             sudo_password_rule: rhel9cis_rule_5_3_4
   when:
       - rhel9cis_rule_5_3_4
+      - ansible_env.SUDO_USER is defined
       - not system_is_ec2
   tags:
       - user_passwd