Bug in 7.1.12 | AUDIT | Ensure no files or directories without an owner and a group exist | Get list files or directories

[Systhom]

Hello,

Thanks for this project.

Have you checked ReadtheDocs?:
Yes

Describe the Issue
The following command does not work:
ansible.builtin.command: find ({{ deb12cis_exclude_unowned_search_path }}) {{ item.mount }} -xdev \( -nouser -o -nogroup \) -not -fstype nfs

In file: https://github.com/ansible-lockdown/DEBIAN12-CIS/blob/devel/tasks/section_7/cis_7.1.x.yml

By leaving the variable with default values, we have the errors attached:
error_unowned_search_path.txt

deb12cis_exclude_unowned_search_path: '! -path "/run/user/*" -a ! -path "/proc/*" -a ! -path "*/containerd/*" -a ! -path "*/kubelet/pods/*" -a ! -path "*/kubelet/plugins/*" -a ! -path "/sys/fs/cgroup/memory/*" -a ! -path "/var/*/private/*"'

If the variable is left empty (no exclusion), it won't work either.

Expected Behavior
The line should be modified if it exists.
It should be added if not.

Actual Behavior
The line is modified if it exists, but not added otherwise.

Control(s) Affected
What controls are being affected by the issue

Environment (please complete the following information):

branch being used: devel
Ansible Version: 2.14.18
Host Python Version: 3.11.2
Ansible Server Python Version: 3.11.2

Best regards,

Thomas