From 9a2a7ad96f9ee4d257e6dc6d44125fe071346503 Mon Sep 17 00:00:00 2001
From: Shawn Hardwick <time4swim@gmail.com>
Date: Wed, 5 Feb 2025 12:08:20 -0500
Subject: [PATCH] If prelim_auditd_logfile does not evaluate, check mode will
 fail on rule 6.2.4.3 with 'file () is absent, cannot continue' error

Signed-off-by: Shawn Hardwick <time4swim@gmail.com>
---
 tasks/prelim.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tasks/prelim.yml b/tasks/prelim.yml
index 8dbd904..9930ab5 100644
--- a/tasks/prelim.yml
+++ b/tasks/prelim.yml
@@ -230,6 +230,7 @@
   tags: always
   ansible.builtin.shell: "grep ^log_file /etc/audit/auditd.conf | awk '{ print $NF }'"
   changed_when: false
+  check_mode: false
   failed_when: prelim_auditd_logfile.rc not in [ 0, 1 ]
   register: prelim_auditd_logfile