updated loop for 6.2.10 to use interactive users

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

defaults/main.yml

@@ -773,9 +773,6 @@ rhel8cis_inactivelock:
 # Allow ansible to expire password for account with a last changed date in the future. False will just display users in violation, true will expire those users passwords
 rhel8cis_futurepwchgdate_autofix: true
 
-rhel8uid_uid_start: 1000
-rhel8uid_uid_stop: 60000
-
 ## Section5 vars
 
 ## Preferred method of logging

tasks/section_6/cis_6.2.x.yml

@@ -338,12 +338,10 @@
   block:
       - name: "6.2.10 | PATCH | Ensure local interactive user home directories exist | Create dir if absent"
         ansible.builtin.file:
-            path: "{{ item.dir }}"
+            path: "{{ item }}"
             state: directory
-            owner: "{{ item.id }}"
-        loop: "{{ rhel8cis_passwd | selectattr('uid', '>=', rhel8uid_uid_start | int ) | selectattr('uid', '<=', rhel8uid_uid_stop | int ) | list }}"
-        loop_control:
-            label: "{{ item.id }}"
+            owner: "{{ item | basename }}"
+        loop: "{{ discovered_interactive_users_home.stdout_lines }}"
 
       - name: "6.2.10 | PATCH | Ensure local interactive user home directories exist | Permissions"
         ansible.builtin.file:

templates/ansible_vars_goss.yml.j2

@@ -664,9 +664,6 @@ rhel8cis_inactivelock:
 # 5.6.1.5 Allow ansible to expire password for account with a last changed date in the future. False will just display users in violation, true will expire those users passwords
 rhel8cis_futurepwchgdate_autofix: {{ rhel8cis_futurepwchgdate_autofix }}
 
-rhel8uid_uid_start: {{ rhel8uid_uid_start }}
-rhel8uid_uid_stop: {{ rhel8uid_uid_stop }}
-
 ## Section5 vars
 
 ## Preferred method of logging