From d64414ce9b4379a254ce74fd423b790149d51223 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Mon, 18 Sep 2023 09:51:56 +0100
Subject: [PATCH] updated test and control

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_1/cis_1.1.8.x.yml | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/tasks/section_1/cis_1.1.8.x.yml b/tasks/section_1/cis_1.1.8.x.yml
index 2bf9fc1..089ca28 100644
--- a/tasks/section_1/cis_1.1.8.x.yml
+++ b/tasks/section_1/cis_1.1.8.x.yml
@@ -3,18 +3,23 @@
 # Skips if mount is absent
 - name: "1.1.8.1 | AUDIT | Ensure /dev/shm is a separate partition"
   block:
-      - name: "1.1.8.1 | AUDIT | Ensure /dev/shm is a separate partition | Absent"
-        ansible.builtin.debug:
-            msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
+      - name: "1.1.8.1 | AUDIT | Ensure /dev/shm is a separate partition | check exists"
+        ansible.builtin.shell: mount -l | grep -w /dev/shm
+        changed_when: false
+        register: rhel9cis_1_8_1_1_mount_check
 
-      - name: "1.1.8.1 | AUDIT | Ensure separate partition exists for /home | Present"
-        ansible.builtin.import_tasks: warning_facts.yml
+      - block:
+            - name: "1.1.8.1 | AUDIT | Ensure /dev/shm is a separate partition | Absent"
+              ansible.builtin.debug:
+                  msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
+
+            - name: "1.1.8.1 | AUDIT | Ensure separate partition exists for /home | Present"
+              ansible.builtin.import_tasks: warning_facts.yml
+        when: rhel9cis_1_8_1_1_mount_check.rc == 1
 
   vars:
       warn_control_id: '1.1.8.1'
-      required_mount: '/dev/shm'
   when:
-      - required_mount not in mount_names
       - rhel9cis_rule_1_1_8_1
   tags:
       - level1-server