From 12be5388ffb49d508a49b4fb3dd0278b6ae9f639 Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Wed, 26 Feb 2025 12:26:19 +0000 Subject: [PATCH] improved logic Signed-off-by: Mark Bolwell --- tasks/section_1/cis_1.4.x.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/tasks/section_1/cis_1.4.x.yml b/tasks/section_1/cis_1.4.x.yml index ee941c0..004bfca 100644 --- a/tasks/section_1/cis_1.4.x.yml +++ b/tasks/section_1/cis_1.4.x.yml @@ -50,7 +50,7 @@ efi_mount_options: ['umask=0077','fmask=0077','uid=0','gid=0'] block: - name: "1.4.2 | AUDIT | Ensure permissions on bootloader config are configured | efi based system | capture current state" - ansible.builtin.shell: grep "^[^#;]" /etc/fstab | grep '/boot/efi' | cut -d ' ' -f4 + ansible.builtin.shell: grep "^[^#;]" /etc/fstab | grep '/boot/efi' | awk -F" " '{print $4}' changed_when: false register: discovered_efi_fstab @@ -67,10 +67,3 @@ line: \1{{ discovered_efi_fstab.stdout + efi_mount_opts_addition }}\2 backrefs: true notify: Remount /boot/efi - - - debug: - msg: - - "{{ discovered_efi_fstab.stdout }}" - - "{{ efi_mount_opts_addition }}" - - - pause: