Merge branch 'lint_dec24' into alignment

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/section_5/cis_5.4.2.x.yml

@@ -56,8 +56,7 @@
       loop: "{{ discovered_gid0_members.stdout_lines }}"
 
 - name: "5.4.2.3 | AUDIT | Ensure group root is the only GID 0 group"
-  when:
-    - rhel9cis_rule_5_4_2_3
+  when: rhel9cis_rule_5_4_2_3
   tags:
     - level1-server
     - level1-workstation
@@ -96,8 +95,7 @@
         warn_control_id: '5.4.2.3'
 
 - name: "5.4.2.4 | PATCH | Ensure root account access is controlled "
-  when:
-    - rhel9cis_rule_5_4_2_4
+  when: rhel9cis_rule_5_4_2_4
   tags:
     - level1-server
     - level1-workstation
@@ -108,8 +106,7 @@
     msg: "This is set as an assert in tasks/main"
 
 - name: "5.4.2.5 | PATCH | Ensure root PATH Integrity"
-  when:
-    - rhel9cis_rule_5_4_2_5
+  when: rhel9cis_rule_5_4_2_5
   tags:
     - level1-server
     - level1-workstation
@@ -172,15 +169,14 @@
             state: directory
             owner: root
             group: root
-            mode: '0755'
+            mode: 'go-w'
             follow: false
           loop: "{{ discovered_root_path_perms.results }}"
           loop_control:
             label: "{{ item }}"
 
 - name: "5.4.2.6 | PATCH | Ensure root user umask is configured"
-  when:
-    - rhel9cis_rule_5_4_2_6
+  when: rhel9cis_rule_5_4_2_6
   tags:
     - level1-server
     - level1-workstation