From 38feff43691147dc2565879c5f262fa5eb544cdc Mon Sep 17 00:00:00 2001
From: Sandwich <sandwich@archworks.co>
Date: Fri, 20 Feb 2026 21:50:55 +0100
Subject: [PATCH] fix(cis): use is_rhel for journald config path instead of
 fedora-only check

---
 roles/cis/tasks/security_lines.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/cis/tasks/security_lines.yml b/roles/cis/tasks/security_lines.yml
index 8167483..f634c88 100644
--- a/roles/cis/tasks/security_lines.yml
+++ b/roles/cis/tasks/security_lines.yml
@@ -12,7 +12,7 @@
     - { path: /mnt/etc/security/pwquality.conf, content: lcredit = -1 }
     - { path: '/mnt/etc/{{ "bashrc" if is_rhel else "bash.bashrc" }}', content: umask 077 }
     - { path: '/mnt/etc/{{ "bashrc" if is_rhel else "bash.bashrc" }}', content: export TMOUT=900 }
-    - { path: '/mnt/{{ "usr/lib/systemd/journald.conf" if os == "fedora" else "etc/systemd/journald.conf" }}', content: Storage=persistent }
+    - { path: '/mnt/{{ "usr/lib/systemd/journald.conf" if is_rhel | bool else "etc/systemd/journald.conf" }}', content: Storage=persistent }
     - { path: /mnt/etc/sudoers, content: Defaults        logfile="/var/log/sudo.log" }
     - { path: /mnt/etc/pam.d/su, content: auth required pam_wheel.so }
     - path: >-