Updated variable naming for interactive_users

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/prelim.yml

@@ -31,7 +31,7 @@
 - name: "PRELIM | AUDIT | Interactive Users (reformat)"
   tags: always
   ansible.builtin.set_fact:
-    prelim_interactive_usernames: "{{ prelim_interactive_users | default([]) + [dict([('username', item.split(':')[0]), ('uid', item.split(':')[1]), ('home', item.split(':')[2])])] }}"
+    prelim_interactive_users: "{{ prelim_interactive_users | default([]) + [dict([('username', item.split(':')[0]), ('uid', item.split(':')[1]), ('home', item.split(':')[2])])] }}"
   loop: "{{ prelim_interactive_users_raw.stdout_lines }}"
 
 - name: "PRELIM | AUDIT | Interactive UIDs"

tasks/section_5/cis_5.4.1.x.yml

@@ -29,7 +29,7 @@
     - name: "5.4.1.1 | PATCH | Ensure password expiration is 365 days or less | Set existing users PASS_MAX_DAYS"
       when:
         - discovered_max_days.stdout_lines | length > 0
-        - item in prelim_interactive_usernames | map(attribute='username') | list
+        - item in prelim_interactive_users | map(attribute='username') | list
         - rhel9cis_force_user_maxdays
       ansible.builtin.user:
         name: "{{ item }}"
@@ -60,7 +60,7 @@
     - name: "5.4.1.2 | PATCH | Ensure minimum password days is configured | Set existing users PASS_MIN_DAYS"
       when:
         - discovered_min_days.stdout_lines | length > 0
-        - item in prelim_interactive_usernames | map(attribute='username') | list
+        - item in prelim_interactive_users | map(attribute='username') | list
         - rhel9cis_force_user_mindays
       ansible.builtin.user:
         name: "{{ item }}"
@@ -91,7 +91,7 @@
     - name: "5.4.1.3 | PATCH | Ensure password expiration warning days is configured | Set existing users WARN_DAYS"
       when:
         - discovered_warn_days.stdout_lines | length > 0
-        - item in prelim_interactive_usernames | map(attribute='username') | list
+        - item in prelim_interactive_users | map(attribute='username') | list
         - rhel9cis_force_user_warnage
       ansible.builtin.command: "chage --warndays {{ rhel9cis_pass['warn_age'] }} {{ item }}"
       changed_when: true
@@ -140,7 +140,7 @@
       register: discovered_passwdlck_user_list
 
     - name: "5.4.1.5 | PATCH | Ensure inactive password lock is 30 days or less | Apply Inactive setting to existing accounts"
-      when: item in prelim_interactive_usernames |  map(attribute='username') | list
+      when: item in prelim_interactive_users |  map(attribute='username') | list
       ansible.builtin.command: chage --inactive {{ rhel9cis_inactivelock.lock_days }} "{{ item }}"
       changed_when: true
       loop: "{{ discovered_passwdlck_user_list.stdout_lines }}"

tasks/section_5/cis_5.4.2.x.yml

@@ -195,7 +195,7 @@
 - name: "5.4.2.7 | PATCH | Ensure system accounts do not have a valid login shell"
   when:
     - rhel9cis_rule_5_4_2_7
-    - "item.id not in prelim_interactive_usernames | map(attribute='username')"
+    - "item.id not in prelim_interactive_users | map(attribute='username')"
     - item.id not in rhel9cis_system_users_shell
     - "'root' not in item.id"
     - rhel9cis_disruption_high
@@ -220,7 +220,7 @@
   when:
     - rhel9cis_rule_5_4_2_8
     - rhel9cis_disruption_high
-    - "item.id not in prelim_interactive_usernames | map(attribute='username')"
+    - "item.id not in prelim_interactive_users | map(attribute='username')"
     - "'root' not in item.id"
   tags:
     - level1-server