From fe6fca34c9692dbda3064029aa5c46537ecfe178 Mon Sep 17 00:00:00 2001
From: Francesco Trentini <francesco.trentini@ris.bz.it>
Date: Fri, 22 Mar 2024 09:25:39 +0100
Subject: [PATCH] enhance regexp for "Ensure sudo log file exists" task

Signed-off-by: Francesco Trentini <francesco.trentini@ris.bz.it>
---
 tasks/section_5/cis_5.3.x.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/section_5/cis_5.3.x.yml b/tasks/section_5/cis_5.3.x.yml
index 248b05f..cb94609 100644
--- a/tasks/section_5/cis_5.3.x.yml
+++ b/tasks/section_5/cis_5.3.x.yml
@@ -30,7 +30,7 @@
 - name: "5.3.3 | PATCH | Ensure sudo log file exists"
   ansible.builtin.lineinfile:
       path: /etc/sudoers
-      regexp: '^Defaults logfile='
+      regexp: '^Defaults\s+logfile='
       line: 'Defaults logfile={{ rhel9cis_sudolog_location }}'
       validate: '/usr/sbin/visudo -cf %s'
   when: