From a0fd194ef449cf6aebdf3c2bed0464f42ee82d30 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Mon, 12 Aug 2024 10:47:38 +0100
Subject: [PATCH] fixed typo on 4.1.4.5

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_4/cis_4.1.4.x.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/section_4/cis_4.1.4.x.yml b/tasks/section_4/cis_4.1.4.x.yml
index 2312b03..79c0f23 100644
--- a/tasks/section_4/cis_4.1.4.x.yml
+++ b/tasks/section_4/cis_4.1.4.x.yml
@@ -64,7 +64,7 @@
 - name: "4.1.4.5 | PATCH | Ensure audit configuration files are 640 or more restrictive"
   ansible.builtin.file:
       path: "{{ item.path }}"
-      mode: 'u-x,g-wx,u-rwx'
+      mode: 'u-x,g-wx,o-rwx'
   failed_when: rhel9cis_4_1_4_5_file_list.state not in '[ file, absent ]'
   register: rhel9cis_4_1_4_5_file_list
   loop: "{{ auditd_conf_files.files }}"