updated yamllint, company naming, linting and spacing

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/section_5/cis_5.4.2.x.yml

@@ -17,7 +17,7 @@
     - NIST800-53R5_CM-6
     - NIST800-53R5_CM-7
     - NIST800-53R5_IA-5
-  ansible.builtin.shell: passwd -l {{ item }}
+  ansible.builtin.command: passwd -l {{ item }}
   changed_when: false
   failed_when: false
   loop: "{{ prelim_uid_zero_accounts_except_root.stdout_lines }}"
@@ -56,8 +56,7 @@
       loop: "{{ discovered_gid0_members.stdout_lines }}"
 
 - name: "5.4.2.3 | AUDIT | Ensure group root is the only GID 0 group"
-  when:
-    - rhel9cis_rule_5_4_2_3
+  when: rhel9cis_rule_5_4_2_3
   tags:
     - level1-server
     - level1-workstation
@@ -96,8 +95,7 @@
         warn_control_id: '5.4.2.3'
 
 - name: "5.4.2.4 | PATCH | Ensure root account access is controlled "
-  when:
-    - rhel9cis_rule_5_4_2_4
+  when: rhel9cis_rule_5_4_2_4
   tags:
     - level1-server
     - level1-workstation
@@ -108,8 +106,7 @@
     msg: "This is set as an assert in tasks/main"
 
 - name: "5.4.2.5 | PATCH | Ensure root PATH Integrity"
-  when:
-    - rhel9cis_rule_5_4_2_5
+  when: rhel9cis_rule_5_4_2_5
   tags:
     - level1-server
     - level1-workstation
@@ -172,15 +169,14 @@
             state: directory
             owner: root
             group: root
-            mode: '0755'
+            mode: 'go-w'
             follow: false
           loop: "{{ discovered_root_path_perms.results }}"
           loop_control:
             label: "{{ item }}"
 
 - name: "5.4.2.6 | PATCH | Ensure root user umask is configured"
-  when:
-    - rhel9cis_rule_5_4_2_6
+  when: rhel9cis_rule_5_4_2_6
   tags:
     - level1-server
     - level1-workstation
@@ -194,6 +190,9 @@
     regexp: \s*umask
     line: "umask {{ rhel9cis_root_umask }}"
     create: true
+    owner: root
+    group: root
+    mode: 'go-rwx'
 
 - name: "5.4.2.7 | PATCH | Ensure system accounts do not have a valid login shell"
   when: