ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 14:23:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Use shell for grep with shell expansions

Browse source 
Signed-off-by: Christopher Papke <chris.papke@thalesgroup.com>
This commit is contained in:
Christopher Papke 2025-01-07 12:57:02 -08:00
parent f057484a7a
commit 88a497b195
No known key found for this signature in database
GPG key ID: F0E2AE3AE922E9CF
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/section_5/cis_5.3.2.x.yml
View file

@ -141,7 +141,7 @@
- rule_5.3.2.5
block:
- name: "5.3.2.5 | AUDIT | Ensure pam_unix module is enabled"
ansible.builtin.command: grep -P -- '\b(pam_unix\.so)\b' /etc/authselect/"$(head -1 /etc/authselect/authselect.conf)"/{system,password}-auth
ansible.builtin.shell: grep -P -- '\b(pam_unix\.so)\b' /etc/authselect/"$(head -1 /etc/authselect/authselect.conf)"/{system,password}-auth
changed_when: false
failed_when: discovered_discovered_authselect_pam_unix.rc not in [ 0, 1 ]
register: discovered_discovered_authselect_pam_unix