From 6777a887194096f07a4aed1c3aee7e8e5bccc617 Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Mon, 25 Jul 2022 14:52:26 +0100
Subject: [PATCH] fix logic in warning
Signed-off-by: Mark Bolwell
---
 tasks/section_6/cis_6.2.x.yml | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/tasks/section_6/cis_6.2.x.yml b/tasks/section_6/cis_6.2.x.yml
index 6675488..3225895 100644
--- a/tasks/section_6/cis_6.2.x.yml
+++ b/tasks/section_6/cis_6.2.x.yml
@@ -29,18 +29,18 @@
 - name: "6.2.2 | AUDIT | Ensure all groups in /etc/passwd exist in /etc/group | Print message that all groups match between passwd and group files"
 debug:
 msg: "Good News! There are no users that have non-existent GUIDs (Groups)"
- when: rhel9cis_6_2_2_passwd_gid_check.stdout is not defined
+ when: rhel9cis_6_2_2_passwd_gid_check.stdout | length == 0
 - name: "6.2.2 | AUDIT | Ensure all groups in /etc/passwd exist in /etc/group | Print warning about users with invalid GIDs missing GID entries in /etc/group"
 debug:
 msg: "Warning!! The following users have non-existent GIDs (Groups): {{ rhel9cis_6_2_2_passwd_gid_check.stdout_lines | join (', ') }}"
- when: rhel9cis_6_2_2_passwd_gid_check.stdout is defined
+ when: rhel9cis_6_2_2_passwd_gid_check.stdout | length >= 1
 - name: "6.2.2 | AUDIT | Ensure all groups in /etc/passwd exist in /etc/group | warning count"
 set_fact:
 control_number: "{{ control_number }} + [ 'rule_6.2.2' ]"
 warn_count: "{{ warn_count|int + 1 }}"
- when: rhel9cis_6_2_2_passwd_gid_check.stdout is defined
+ when: rhel9cis_6_2_2_passwd_gid_check.stdout | length >= 1
 when:
 - rhel9cis_rule_6_2_2
 tags: 
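Review bot: The new `length == 0` guard on the "Good News" task also fires when the registered check produced no output because the audit command itself failed, so a broken check would be reported as a pass rather than a finding. The register task sits above this hunk, so whether it masks failures (`failed_when: false`, `ignore_errors`) cannot be confirmed here; if it does, gate the pass message on the return code as well, e.g. `when: rhel9cis_6_2_2_passwd_gid_check.rc == 0 and rhel9cis_6_2_2_passwd_gid_check.stdout | length == 0`, and let the warning branch also cover a non-zero `rc`. The enclosing task block starts before the hunk and its tag list continues after it.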
@@ -63,18 +63,18 @@
 - name: "6.2.3 | AUDIT | Ensure no duplicate UIDs exist | Print message that no duplicate UIDs exist"
 debug:
 msg: "Good News! There are no duplicate UID's in the system"
- when: rhel9cis_6_2_3_user_uid_check.stdout is not defined
+ when: rhel9cis_6_2_3_user_uid_check.stdout | length == 0
 - name: "6.2.3 | AUDIT| Ensure no duplicate UIDs exist | Print warning about users with duplicate UIDs"
 debug:
 msg: "Warning!! The following users have UIDs that are duplicates: {{ rhel9cis_6_2_3_user_uid_check.stdout_lines }}"
- when: rhel9cis_6_2_3_user_uid_check.stdout is defined
+ when: rhel9cis_6_2_3_user_uid_check.stdout | length >= 1
 - name: "6.2.3 | AUDIT| Ensure no duplicate UIDs exist | warning count"
 set_fact:
 control_number: "{{ control_number }} + [ 'rule_6.2.3' ]"
 warn_count: "{{ warn_count|int + 1 }}"
- when: rhel9cis_6_2_3_user_uid_check.stdout is defined
+ when: rhel9cis_6_2_3_user_uid_check.stdout | length >= 1
 when:
 - rhel9cis_rule_6_2_3
 tags:
@@ -97,18 +97,18 @@
 - name: "6.2.4 | AUDIT | Ensure no duplicate GIDs exist | Print message that no duplicate GID's exist"
 debug:
 msg: "Good News! There are no duplicate GIDs in the system"
- when: rhel9cis_6_2_4_user_user_check.stdout is not defined
+ when: rhel9cis_6_2_4_user_user_check.stdout | length == 0
 - name: "6.2.4 | AUDIT | Ensure no duplicate GIDs exist | Print warning about users with duplicate GIDs"
 debug:
 msg: "Warning!! The following groups have duplicate GIDs: {{ rhel9cis_6_2_4_user_user_check.stdout_lines }}"
- when: rhel9cis_6_2_4_user_user_check.stdout is defined
+ when: rhel9cis_6_2_4_user_user_check.stdout | length >= 1
 - name: "6.2.4 | AUDIT | Ensure no duplicate GIDs exist | warning count"
 set_fact:
 control_number: "{{ control_number }} + [ 'rule_6.2.4' ]"
 warn_count: "{{ warn_count|int + 1 }}"
- when: rhel9cis_6_2_4_user_user_check.stdout is defined
+ when: rhel9cis_6_2_4_user_user_check.stdout | length >= 1
 when:
 - rhel9cis_rule_6_2_4
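Review bot: The three new `when:` lines in the 6.2.3 hunk apply `| length` directly to `rhel9cis_6_2_3_user_uid_check.stdout`, which turns a missing or skipped register into a hard templating error ("object of type 'Undefined' has no len()") instead of the skip the old `is defined` test gave; whether the check task can be skipped is not visible in this hunk, so this is a robustness concern rather than a confirmed failure. Defaulting the value keeps the branch selection intact while tolerating an absent result, e.g. `when: rhel9cis_6_2_3_user_uid_check.stdout | default('') | length == 0` for the pass message and `when: rhel9cis_6_2_3_user_uid_check.stdout | default('') | length > 0` for the warning and count tasks. `> 0` also reads more naturally than `>= 1` for a length test. The enclosing task block starts before the hunk and its tag list continues after it.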
@@ -132,18 +132,18 @@
 - name: "6.2.5 | AUDIT | Ensure no duplicate user names exist | Print message that no duplicate user names exist"
 debug:
 msg: "Good News! There are no duplicate user names in the system"
- when: rhel9cis_6_2_5_user_username_check.stdout is not defined
+ when: rhel9cis_6_2_5_user_username_check.stdout | length == 0
 - name: "6.2.5 | AUDIT | Ensure no duplicate user names exist | Print warning about users with duplicate User Names"
 debug:
 msg: "Warning!! The following user names are duplicates: {{ rhel9cis_6_2_5_user_username_check.stdout_lines }}"
- when: rhel9cis_6_2_5_user_username_check.stdout is defined
+ when: rhel9cis_6_2_5_user_username_check.stdout | length >= 1
 - name: "6.2.5 | AUDIT | Ensure no duplicate user names exist | warning count"
 set_fact:
 control_number: "{{ control_number }} + [ 'rule_6.2.5' ]"
 warn_count: "{{ warn_count|int + 1 }}"
- when: rhel9cis_6_2_5_user_username_check.stdout is defined
+ when: rhel9cis_6_2_5_user_username_check.stdout | length >= 1
 when:
 - rhel9cis_rule_6_2_5
 tags:
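Review bot: The same condition `rhel9cis_6_2_5_user_username_check.stdout | length >= 1` is now written twice, once on the warning debug task and once on the warning-count set_fact, so the printed finding and the `warn_count`/`control_number` bookkeeping can silently drift apart the next time one of them is edited. Wrapping those two tasks in a single `block:` that carries one `when: rhel9cis_6_2_5_user_username_check.stdout | length > 0` keeps the message and the count tied to the same test, and `> 0` is the conventional spelling for a non-empty length check. A short comment above the pass task, `# stdout is always registered; an empty string means no duplicates were found`, would also record why the earlier `is defined` test never selected this branch. The enclosing task block starts before the hunk and its tag list continues after it.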