renamed variables

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2024-09-05 17:36:07 +01:00 · 2024-09-05 17:36:07 +01:00 · 14d038e8eb
commit 14d038e8eb
parent c58c4eb4e8
14 changed files with 113 additions and 113 deletions
--- a/tasks/section_5/cis_5.3.2.x.yml
+++ b/tasks/section_5/cis_5.3.2.x.yml
@ -61,11 +61,11 @@
    - name: "5.3.2.2 | AUDIT | Ensure pam_faillock module is enabled | Get current config"
      ansible.builtin.shell: authselect current | grep faillock
      changed_when: false
-      failed_when: rhel9cis_authselect_current_faillock.rc not in [ 0, 1 ]
-      register: rhel9cis_authselect_current_faillock
+      failed_when: discovered_authselect_current_faillock.rc not in [ 0, 1 ]
+      register: discovered_authselect_current_faillock

    - name: "5.3.2.2 | AUDIT | Ensure pam_faillock module is enabled | Add feature if missing"
-      when: rhel9cis_authselect_current_faillock.rc != 0
+      when: discovered_authselect_current_faillock.rc != 0
      ansible.builtin.shell: "/usr/bin/authselect select custom/{{ rhel9cis_authselect_custom_profile_name }}{% if rhel9cis_rule_5_3_2_2 %} with-faillock{% endif %}{% if rhel9cis_rule_5_3_2_3 %} with-pwquality{% endif %}{% if rhel9cis_rule_5_3_2_4 %} with-pwhistory{% endif %}{% if rhel9cis_rule_5_3_3_4_1 %} without-nullok{% endif %}"

 - name: "5.3.2.3 | PATCH | Ensure pam_pwquality module is enabled"
@ -85,11 +85,11 @@
    - name: "5.3.2.3 | AUDIT | Ensure pam_pwquality module is enabled | Get current config"
      ansible.builtin.shell: authselect current | grep quality
      changed_when: false
-      failed_when: rhel9cis_authselect_current_quality.rc not in [ 0, 1 ]
-      register: rhel9cis_authselect_current_quality
+      failed_when: discovered_authselect_current_quality.rc not in [ 0, 1 ]
+      register: discovered_authselect_current_quality

    - name: "5.3.2.3 | AUDIT | Ensure pam_pwquality module is enabled | Add feature if missing"
-      when: rhel9cis_authselect_current_quality.rc != 0
+      when: discovered_authselect_current_quality.rc != 0
      ansible.builtin.shell: "/usr/bin/authselect select custom/{{ rhel9cis_authselect_custom_profile_name }}{% if rhel9cis_rule_5_3_2_2 %} with-faillock{% endif %}{% if rhel9cis_rule_5_3_2_3 %} with-pwquality{% endif %}{% if rhel9cis_rule_5_3_2_4 %} with-pwhistory{% endif %}{% if rhel9cis_rule_5_3_3_4_1 %} without-nullok{% endif %}"
      notify: Authselect update

@ -110,11 +110,11 @@
    - name: "5.3.2.4 | AUDIT | Ensure pam_pwhistory module is enabled | Get current config"
      ansible.builtin.shell: authselect current | grep pwhistory
      changed_when: false
-      failed_when: rhel9cis_authselect_current_history.rc not in [ 0, 1 ]
-      register: rhel9cis_authselect_current_history
+      failed_when: discovered_authselect_current_history.rc not in [ 0, 1 ]
+      register: discovered_authselect_current_history

    - name: "5.3.2.4 | PATCH | Ensure pam_pwhistory module is enabled | enable feature"
-      when: rhel9cis_authselect_current_history.rc != 0
+      when: discovered_authselect_current_history.rc != 0
      ansible.builtin.shell: "/usr/bin/authselect select custom/{{ rhel9cis_authselect_custom_profile_name }}{% if rhel9cis_rule_5_3_2_2 %} with-faillock{% endif %}{% if rhel9cis_rule_5_3_2_3 %} with-pwquality{% endif %}{% if rhel9cis_rule_5_3_2_4 %} with-pwhistory{% endif %}{% if rhel9cis_rule_5_3_3_4_1 %} without-nullok{% endif %}"
      notify: Authselect update