ansible-lockdown / RHEL9-CIS

Ansible role for Red Hat 9 CIS Baseline
https://ansible-lockdown.readthedocs.io
MIT License

audit_log_dir not created #239

Open gocyclones opened 1 month ago

gocyclones commented 1 month ago

Describe the Issue
audit_log_dir is not created

Expected Behavior
The log directory should be created at the path defined by the var audit_log_dir.

Actual Behavior
TASK [/runner/project/RHEL9-CIS : Post Audit | ensure audit files readable by users] *** failed: [server1] (item=/var/log/lockdown/server1-RHEL9-CIS-v1.0.0_post_scan_1726677170.json) => {"ansible_loop_var": "item", "changed": false, "item": "/var/log/lockdown/server1-RHEL9-CIS-v1.0.0_post_scan_1726677170.json", "msg": "file (/var/log/lockdown/server1-RHEL9-CIS-v1.0.0_post_scan_1726677170.json) is absent, cannot continue", "path": "/var/log/lockdown/server1-RHEL9-CIS-v1.0.0_post_scan_1726677170.json", "state": "absent"}

Control(s) Affected
Audit logs

Environment (please complete the following information):

Possible Solution

diff --git a/RHEL9-CIS/tasks/pre_remediation_audit.yml b/RHEL9-CIS/tasks/pre_remediation_audit.yml
index 5a99844..167797d 100644
--- a/RHEL9-CIS/tasks/pre_remediation_audit.yml
+++ b/RHEL9-CIS/tasks/pre_remediation_audit.yml
@@ -14,6 +14,12 @@
       state: directory
       mode: '0755'

+- name: Pre Audit Setup | Ensure {{ audit_log_dir }} exists
+  ansible.builtin.file:
+      path: "{{ audit_log_dir }}"
+      state: directory
+      mode: '0755'
+
 - name: Pre Audit Setup | If using git for content set up
   when:
       - audit_content == 'git'
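Review bot: the new task lives in pre_remediation_audit.yml, so {{ audit_log_dir }} is only created when the pre-remediation audit actually runs, while the failure quoted in the report comes from the Post Audit task; if the post audit can run with the pre audit skipped, the directory will still be missing at that point, so the directory creation should also be guaranteed on the post-audit path (or in a shared setup task both depend on). As a style point, placing the Jinja expression in the middle of the task name (`- name: Pre Audit Setup | Ensure {{ audit_log_dir }} exists`) may trip ansible-lint's name[template] rule; a static name such as `Pre Audit Setup | Ensure audit log directory exists` avoids that. The 6-space indentation under `ansible.builtin.file:` matches the surrounding tasks, so that part is consistent.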
uk-bolly commented 1 month ago

hi @gocyclones

Thank you for taking the time to raise this issue. I can see that the step already exists in the pre-remediation task to create the directory, and the fact that the remediation runs and doesn't fail. Can we go through the settings you have, to see if we are able to reproduce the issue?

Many thanks

uk-bolly