fix(R5.4.3). Correct regexes so that they match

[raabf]

Overall Review of Changes: The core is that I improved a regex which do not match:

'^(password\s*\[success=1 default=ignore\] pam_unix.so)(.*)(remember=([0-9]{1,})|)(.*$)'

to

'^(?P<begin>[^\S\n]*password[^\S\n]+.*pam_unix.so[^\S\n]+)(?P<remember>(?P<before>.+?)remember=[0-9]+[^\S\n]?)?(?P<after>.*)$'

Issue Fixes: N/A

Enhancements:

• The previous regex requires exactly one space between default=ignore] and pam_unix.so which on a default OS installation never matches, is now fixed
• The .* in (.*)(remember=([0-9]{1,})|) of the old regex is greedy, which means that everything after it never matches.
• I name the groups now which is easier than the numbers.
• I took care that when inserting a non-existing remember=, before and after at least one space is inserted.
• The same time I make sure that not on every run, an additional space is added on replacement, so that the line is not endlessly growing.
• The ansible.builtin.shell: grep 'password.*pam_unix.so' /etc/pam.d/common-password do not require the [success=1 default=ignore] but the lineinfile regexes did, which would mean that the grep-regex match but not later lineinfile-regexes not ⇒ I updated it, so that no one requires the [success=1 default=ignore], but it will still preserve that part.
• If you wonder about [^\S\n], this is the shortest way to describe what in other regex-languages is known as \h (horizontal whitespace). Compared to \s this helps especially when there are only empty matches after it.

How has this been tested?:

Some manual runs of the changed task which inserted or kept remember= option correctly, and

Matching Examples to see regex in action: https://regex101.com/r/Kuxcwj