Updated mountpoints controls

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/prelim.yml

@@ -58,12 +58,35 @@
     name: python3-libselinux
     state: present
 
-- name: "PRELIM | AUDIT | Section 1.1 | Create list of mount points"
-  tags:
-    - Always
+- name: PRELIM | AUDIT | Section 1.1 | Create list of mount points
+  tags: always
   ansible.builtin.set_fact:
     mount_names: "{{ ansible_facts.mounts | map(attribute='mount') | list }}"
 
+- name: PRELIM | AUDIT | Section 1.1 | Retrieve mount options
+  tags: always
+  block:
+    - name: PRELIM | AUDIT | Section 1.1 | Retrieve mount options - call mount  # noqa command-instead-of-module
+      ansible.builtin.shell: |
+        mount | awk '{print $1, $3, $5, $6}'
+      changed_when: false
+      register: mount_output
+
+    - name: PRELIM | AUDIT | Section 1.1 | Retrieve mount options - build fact
+      ansible.builtin.set_fact:
+        mount_point_fs_and_options: >-
+          {%- set mount_point_fs_and_options = {} -%}
+          {%- for line in mount_output.stdout_lines -%}
+          {%- set fields = line.split() -%}
+          {%- set _ = mount_point_fs_and_options.update({fields[1]: {'src': fields[0], 'fs_type': fields[2], 'original_options': fields[3][1:-1].split(','), 'options': fields[3][1:-1].split(',')}}) -%}
+          {%- endfor -%}
+          {{ mount_point_fs_and_options }}
+
+    - name: "PRELIM | AUDIT | Debug of mount variables to assist in troubleshooting"
+      when: rhel9cis_debug_mount_data
+      ansible.builtin.debug:
+        msg: "{{ mount_point_fs_and_options }}"
+
 - name: "PRELIM | PATCH | Update to latest gpg keys"
   when:
     - rhel9cis_rule_1_2_1_1