From f2e196743c2b2644db37d9a61eab95cc5a1f446a Mon Sep 17 00:00:00 2001
From: Dan D <daniel.deremiah@windriver.com>
Date: Mon, 15 Apr 2024 19:14:26 -0700
Subject: [PATCH] Fixes 4.1.3.6 to match CIS v1.0.0 benchmark

Signed-off-by: Dan D <daniel.deremiah@windriver.com>
---
 tasks/section_4/cis_4.1.3.x.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/section_4/cis_4.1.3.x.yml b/tasks/section_4/cis_4.1.3.x.yml
index a0d85703..6c1018d2 100644
--- a/tasks/section_4/cis_4.1.3.x.yml
+++ b/tasks/section_4/cis_4.1.3.x.yml
@@ -70,7 +70,7 @@
 - name: "4.1.3.6 | PATCH | Ensure use of privileged commands is collected"
   block:
       - name: "4.1.3.6 | AUDIT | Ensure use of privileged commands is collected | Get list of privileged programs"
-        ansible.builtin.shell: for i in  $(findmnt -n -l -k -it $(awk '/nodev/ { print $2 }' /proc/filesystems | paste -sd,) | grep -Pv "noexec|nosuid" | awk '{print $1}'); do find $i -xdev -type f -perm -4000 -o -type f -perm -2000 2>/dev/null; done | grep -vw '/snap'
+        ansible.builtin.shell: for i in  $(findmnt -n -l -k -it $(awk '/nodev/ { print $2 }' /proc/filesystems | paste -sd,) | grep -Pv "noexec|nosuid" | awk '{print $1}'); do find $i -xdev -type f -perm -4000 -o -type f -perm -2000 2>/dev/null; done
         register: priv_procs
         changed_when: false
         check_mode: false