From 5794114b3e2207655b173a098c0b01bdc9a2474a Mon Sep 17 00:00:00 2001
From: Frederick Witty <frederickw@mindpointgroup.com>
Date: Tue, 9 Sep 2025 15:12:01 -0400
Subject: [PATCH] Update prelim logic to address #382

Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
---
 Changelog.md   | 1 +
 tasks/main.yml | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 252418c..9e27290 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,7 @@
 # Changes to rhel9CIS
 
 ## 2.0.3 - Based on CIS v2.0.0
+- addressed issue #382 to improve regex logic on 5.4.2.4
 - improvment on crypto policy managed controls with var logic
 - addressed issue #384 thank you @polski-g
 - update command to shell module on tasks
diff --git a/tasks/main.yml b/tasks/main.yml
index 968debd..760ee1b 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -134,7 +134,7 @@
     - rule_5.4.2.4
   block:
     - name: "Ensure root password is set"
-      ansible.builtin.shell: LC_ALL=C passwd -S root | grep -E "(Password set, SHA512 crypt|Password locked)"
+      ansible.builtin.shell: LC_ALL=C passwd -S root | grep -E "(Password set|Password locked)"
       changed_when: false
       failed_when: prelim_root_passwd_set.rc not in [ 0, 1 ]
       register: prelim_root_passwd_set