From ddec58c419733b90ff5d9e5698c44e8d3c7e47c8 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 28 Jun 2023 10:49:55 +0100
Subject: [PATCH] #66 5.6.5 regex improvment

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_5/cis_5.6.x.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/section_5/cis_5.6.x.yml b/tasks/section_5/cis_5.6.x.yml
index 3e49a46..527208d 100644
--- a/tasks/section_5/cis_5.6.x.yml
+++ b/tasks/section_5/cis_5.6.x.yml
@@ -100,7 +100,7 @@
       - name: "5.6.5 | PATCH | Ensure default user umask is 027 or more restrictive | Set umask for /etc/profile"
         ansible.builtin.replace:
             path: /etc/profile
-            regexp: '^(?i)(\s+UMASK|UMASK)\s0[0-2][0-6]'
+            regexp: '(?i)(umask)\s0[0-2][0-6]'
             replace: '\1 027'
   when:
       - rhel9cis_rule_5_6_5