From d687cd8b44bcd33bcad124bcf9c1941d9381ca4f Mon Sep 17 00:00:00 2001
From: Adam Lewandowski <adam.lewandowski@plxis.com>
Date: Mon, 9 May 2022 13:46:44 -0400
Subject: [PATCH] Fix version check to not be a simple string compare

Signed-off-by: Adam Lewandowski <adam.lewandowski@plxis.com>
---
 tasks/section_5/cis_5.5.x.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/section_5/cis_5.5.x.yml b/tasks/section_5/cis_5.5.x.yml
index 9b4c7d3..87be8e3 100644
--- a/tasks/section_5/cis_5.5.x.yml
+++ b/tasks/section_5/cis_5.5.x.yml
@@ -54,7 +54,7 @@
             - "system-auth"
             - "password-auth"
   when:
-      - ansible_distribution_version <= "8.1"
+      - ansible_distribution_version is version("8.1", "<=")
       - rhel9cis_rule_5_5_2
 
 - name: "5.5.2 | PATCH | Ensure system accounts are secured | RHEL8.2+ "
@@ -66,7 +66,7 @@
       - { regexp: '^\s*deny\s*=\s*[1-5]\b', line: 'deny = 5' }
       - { regexp: '^\s*unlock_time\s*=\s*(0|9[0-9][0-9]|[1-9][0-9][0-9][0-9]+)\b', line: 'unlock_time = 900' }
   when:
-      - ansible_distribution_version >= "8.2"
+      - ansible_distribution_version is version("8.2", ">=")
       - rhel9cis_rule_5_5_2
 
 - name: "5.5.3 | PATCH | Ensure password reuse is limited"