From 4830ea20f983a2a65d5235853a1510985ac084c6 Mon Sep 17 00:00:00 2001
From: Karl DeBisschop <kdebisschop@gmail.com>
Date: Sun, 14 Jan 2024 08:44:36 -0500
Subject: [PATCH] Fix regex to prevent swallowing closing quote in bootloader
 config. Fixes #132

Signed-off-by: Karl DeBisschop <kdebisschop@gmail.com>
---
 tasks/section_1/cis_1.6.x.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/section_1/cis_1.6.x.yml b/tasks/section_1/cis_1.6.x.yml
index 53fa9d3a..279d6189 100644
--- a/tasks/section_1/cis_1.6.x.yml
+++ b/tasks/section_1/cis_1.6.x.yml
@@ -39,8 +39,8 @@
             regexp: "{{ item.regexp }}"
             replace: "{{ item.replace }}"
         with_items:
-            - { regexp: 'apparmor=\S+', replace: 'apparmor=1' }
-            - { regexp: 'security=\S+', replace: 'security=apparmor' }
+            - { regexp: 'apparmor=[^\s"]+', replace: 'apparmor=1' }
+            - { regexp: 'security=[^\s"]+', replace: 'security=apparmor' }
         when:
             - "'apparmor' in ubtu20cis_1_6_1_2_cmdline_settings.stdout"
             - "'security' in ubtu20cis_1_6_1_2_cmdline_settings.stdout"