From ce3ae8361e1aec615b4168bacd1e5bc964f06fc8 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Mon, 16 Jun 2025 17:14:58 +0100
Subject: [PATCH] Updated logic for root password check

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index e285e8d..43ec09c 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -132,8 +132,9 @@
     - rule_5.4.2.4
   block:
     - name: "Ensure root password is set"
-      ansible.builtin.shell: passwd -S root | egrep -e "(Password set, SHA512 crypt|Password locked)"
+      ansible.builtin.shell: passwd -S root | grep -E "(Password set, SHA512 crypt|Password locked)"
       changed_when: false
+      failed_when: prelim_root_passwd_set.rc not in [ 0, 1 ]
       register: prelim_root_passwd_set
 
     - name: "Ensure root password is set"