From ae228e3f96ea776627239810e218bfdc8b388eb9 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 11 Dec 2024 12:37:40 +0000
Subject: [PATCH] 5.4.1.5 improvemet

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_5/cis_5.4.1.x.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tasks/section_5/cis_5.4.1.x.yml b/tasks/section_5/cis_5.4.1.x.yml
index 732fc5c..72dc50f 100644
--- a/tasks/section_5/cis_5.4.1.x.yml
+++ b/tasks/section_5/cis_5.4.1.x.yml
@@ -139,8 +139,7 @@
       changed_when: true
 
     - name: "5.4.1.5 | AUDIT | Ensure inactive password lock is 30 days or less | Getting user list"
-      ansible.builtin.shell: |
-        "awk -F: '/^[^#:]+:[^\\!\\*:]*:[^:]*:[^:]*:[^:]*:[^:]*:(\\s*|-1|3[1-9]|[4-9][0-9]|[1-9][0-9][0-9]+):[^:]*:[^:]*\\s*$/ {print $1}' /etc/shadow"
+      ansible.builtin.shell: "awk -F: '/^[^#:]+:[^\\!\\*:]*:[^:]*:[^:]*:[^:]*:[^:]*:(\\s*|-1|3[1-9]|[4-9][0-9]|[1-9][0-9][0-9]+):[^:]*:[^:]*\\s*$/ {print $1}' /etc/shadow"
       changed_when: false
       check_mode: false
       register: discovered_passwdlck_user_list