From 98feeb1b01e017b1ddbd8a5f3005b96bf15f19fe Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Fri, 27 Jan 2023 11:02:01 +0000
Subject: [PATCH] 5.6.6 test added

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/main.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/tasks/main.yml b/tasks/main.yml
index 47940fc..d083319 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -42,6 +42,28 @@
   tags:
       - user_passwd
 
+- name: "Ensure root password is set"
+  block:
+      - name: "Ensure root password is set"
+        ansible.builtin.shell: passwd -S root | grep "Password set, SHA512 crypt"
+        changed_when: false
+        register: root_passwd_set
+
+      - name: "Ensure root password is set"
+        ansible.builtin.assert:
+            that: root_passwd_set.rc == 0
+            fail_msg: "You have rule 5.6.6 enabled this requires that you have a root password set"
+            success_msg: "You have a root password set"
+  when:
+      - rhel9cis_rule_5_6_6
+  tags:
+      - level1-server
+      - level1-workstation
+      - patch
+      - accounts
+      - root
+      - rule_5.6.6
+
 - name: Setup rules if container
   block:
       - name: Discover and set container variable if required