From f40d17df92588a7e97655fa9691805fd17b93c59 Mon Sep 17 00:00:00 2001
From: Frederick Witty <frederickw@mindpointgroup.com>
Date: Thu, 12 Jun 2025 12:42:44 -0400
Subject: [PATCH] Update eprep based tasks to grep/awk

Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
---
 tasks/main.yml                  | 2 +-
 tasks/section_1/cis_1.3.1.x.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index e285e8d..fe50b10 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -132,7 +132,7 @@
     - rule_5.4.2.4
   block:
     - name: "Ensure root password is set"
-      ansible.builtin.shell: passwd -S root | egrep -e "(Password set, SHA512 crypt|Password locked)"
+      ansible.builtin.shell: passwd -S root | grep -E "(Password set, SHA512 crypt|Password locked)"
       changed_when: false
       register: prelim_root_passwd_set
 
diff --git a/tasks/section_1/cis_1.3.1.x.yml b/tasks/section_1/cis_1.3.1.x.yml
index 198ae7b..17e138e 100644
--- a/tasks/section_1/cis_1.3.1.x.yml
+++ b/tasks/section_1/cis_1.3.1.x.yml
@@ -106,7 +106,7 @@
     warn_control_id: '1.3.1.6'
   block:
     - name: "1.3.1.6 | AUDIT | Ensure no unconfined services exist | Find the unconfined services"
-      ansible.builtin.shell: ps -eZ | grep unconfined_service_t | egrep -vw "tr|ps|egrep|bash|awk" | tr ':' ' ' | awk '{ print $NF }'
+      ansible.builtin.shell: ps -eZ | awk -F':'' '/unconfined_service_t/ && $NF !~ /tr|ps|egrep|bash|awk/ {print $NF}'
       register: discovered_unconf_services
       failed_when: false
       changed_when: false