ansible-lockdown / UBUNTU22-CIS

Ansible role for Ubuntu22 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License

1.8.4 - Ensure GDM screen locks when the user is idle - session profile issues #91

Closed ipruteanu-sie closed 12 months ago

ipruteanu-sie commented 1 year ago

Describe the Issue

There are, in my opinion, some things potentially incorrect regarding a particular subtask (Create the session profile file), part of the 1.8.4 rule block:

  1. The elements of the loop should not be surrounded with quotes, as they'd be treated as strings (instead of hashes).
  2. There's a typo in the 2nd list item, namely a double single quote at the end of this piece of code: 'system-db: {{ ubtu22cis_dconf_db_name }}''
  3. Their subkey definitions are not consistent, maybe due to a typo which also caused 2): the line attribute is missing from the 2nd array element, despite being used as the value of the line option of the lineinfile task.
  4. Ansible returns an error if the file is not created, but my fix was to add create: yes to the lineinfile task.
  5. Even after fixing 1-4, a subtle thing has to be done to correctly create session file / make CIS return a Pass: removing empty spaces in regexp/line values.

Expected Behavior

After installing gdm3 on the target system, if this rule would be implemented by the role, it'll have a Pass status on CIS assessments.

Actual Behavior

After installing gdm3 on the target system, if this rule would be implemented by the role, it returns a Fail status on CIS assessments.

Control(s) Affected

1.8.4

Environment (please complete the following information):

Additional Notes

Where I inspired myself from, doc-wise

Possible Solution

I'll add a PR.
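
The five points in the report above, put together in one playbook with a read-back check. This is an added example, not the role's task and not the code from the PR. The profile path under /etc/dconf/profile/, the user-db entry, the value local and the names profile_path, profile_raw and profile_lines are assumptions; ubtu22cis_dconf_db_name, the system-db entry, lineinfile and create come from the issue.

```yaml
---
# Added illustration, not the role's own task.
- name: Session profile file for the GDM idle lock (illustrative)
  hosts: all
  become: true
  vars:
    ubtu22cis_dconf_db_name: local   # constructed value; the role defines its own
    profile_path: "/etc/dconf/profile/{{ ubtu22cis_dconf_db_name }}"   # assumed location
  tasks:
    - name: Create the session profile file
      ansible.builtin.lineinfile:
        path: "{{ profile_path }}"
        regexp: "{{ item.regexp }}"
        line: "{{ item.line }}"
        create: true                 # point 4: do not fail when the file is absent
        owner: root
        group: root
        mode: "0644"
      loop:
        # points 1-3: each element is a mapping (not a quoted string)
        # and every element carries the same two keys, regexp and line
        - regexp: '^user-db'         # assumed entry, not named in the issue
          line: 'user-db:user'
        - regexp: '^system-db'
          # point 5: no space after the colon
          line: 'system-db:{{ ubtu22cis_dconf_db_name }}'

    - name: Read the profile back
      ansible.builtin.slurp:
        src: "{{ profile_path }}"
      register: profile_raw

    - name: Check that both entries exist and none has a space around the colon
      ansible.builtin.assert:
        that:
          - "'user-db:user' in profile_lines"
          - "('system-db:' ~ ubtu22cis_dconf_db_name) in profile_lines"
          - >-
            profile_lines | select('search', '[ ]:|:[ ]') | list | length == 0
      vars:
        profile_lines: "{{ (profile_raw.content | b64decode).splitlines() }}"
```

Because the regexp values match on the key only, a line left behind by an earlier run with a space after the colon is rewritten in place rather than duplicated.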

uk-bolly commented 12 months ago

Hi @ipruteanu-sie

This issue was merged to devel a couple of weeks ago. I will close this issue; if this does not resolve your issue, please reopen.

Many thanks as always

uk-bolly