ansible-lockdown / RHEL8-CIS-Audit

Audit configurations for RHEL8 CIS - utilising goss
MIT License

Check for quota package should be inside if clause #56

Closed aaosopra closed 1 month ago

aaosopra commented 7 months ago

Describe the Issue
In the cis_1.1.7.1_5.yml audit, one test checks for the quota package; this is part of the test for usrquota and grpquota. This test is not inside an if clause, meaning it will run even if we have selected not to check usrquota or grpquota.

Expected Behavior
To be skipped if

rhel8cis_rule_1_1_7_4: false
rhel8cis_rule_1_1_7_5: false

Actual Behavior
Will always run, and create false negatives

Control(s) Affected
What controls are being affected by the issue relevant files associated.
CIS 1.1.7.4
CIS 1.1.7.5

RHEL8-CIS-Audit/section_1/cis_1.1/cis_1.1.7.1_5.yml

Environment (please complete the following information):

Additional Notes
Anything additional goes here

Possible Solution

package:
  # Go templates call "or" as a prefix function: or A B
  {{ if or .Vars.rhel8cis_rule_1_1_7_4 .Vars.rhel8cis_rule_1_1_7_5 }}
  quota:
    title: |
      1.1.7.4 | Ensure usrquota option set on /home partition | quota pkg installed
      1.1.7.5 | Ensure grpquota option set on /home partition | quota pkg installed
    installed: true
    meta:
      server: 2
      workstation: 2
      CIS_ID:
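Added example, not part of the issue or the project's code: goss renders its test files with Go's text/template, so the effect of the guard can be checked by rendering a fragment with both rule variables set to false. The fragments below are constructed and trimmed to the quota test only; `render` and `emitsQuotaTest` are hypothetical helper names. The guard uses the prefix form of `or`, because the infix form fails when the template is executed.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/template"
)

// Constructed fragments modelled on the issue's snippet; not the repo's file.
const unguarded = `package:
  quota:
    installed: true
`

const guarded = `package:
  {{ if or .Vars.rhel8cis_rule_1_1_7_4 .Vars.rhel8cis_rule_1_1_7_5 }}
  quota:
    installed: true
  {{ end }}
`

// Infix "or" is rejected by text/template; "or" is a prefix function.
const infix = `{{ if .Vars.rhel8cis_rule_1_1_7_4 or .Vars.rhel8cis_rule_1_1_7_5 }}x{{ end }}`

// render executes a fragment with the two rule toggles exposed under .Vars.
func render(src string, rule4, rule5 bool) (string, error) {
	t, err := template.New("audit").Parse(src)
	if err != nil {
		return "", err
	}
	vars := map[string]bool{"rhel8cis_rule_1_1_7_4": rule4, "rhel8cis_rule_1_1_7_5": rule5}
	var buf bytes.Buffer
	err = t.Execute(&buf, map[string]interface{}{"Vars": vars})
	return buf.String(), err
}

// emitsQuotaTest reports whether the rendered output still contains the quota test.
func emitsQuotaTest(src string, rule4, rule5 bool) bool {
	out, err := render(src, rule4, rule5)
	return err == nil && strings.Contains(out, "quota:")
}

func main() {
	fmt.Println("unguarded, both rules off:", emitsQuotaTest(unguarded, false, false))
	fmt.Println("guarded, both rules off:  ", emitsQuotaTest(guarded, false, false))
	fmt.Println("guarded, 1.1.7.5 on:      ", emitsQuotaTest(guarded, false, true))
	_, err := render(infix, true, false)
	fmt.Println("infix or error:", err)
}
```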