Merge pull request dbernaci#19 from jledoze/enguerrand/fix_rule_5_3_2

SECU-954 Fix CIS rule 5.3.2

tasks/section_5_Access_Authentication_and_Authorization.yaml

@@ -666,16 +666,25 @@
       lineinfile:
         dest: /etc/pam.d/common-auth
         line: "auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900"
+        state: present
+        create: true
+
     - name: 5.3.2 Ensure lockout for failed password attempts is configured - pam_deny.so
       lineinfile:
         dest: /etc/pam.d/common-account
         regexp: '^account\srequisite'
         line: "account requisite pam_deny.so"
+        state: present
+        create: true
+
     - name: 5.3.2 Ensure lockout for failed password attempts is configured - pam_tally2.so
       lineinfile:
         dest: /etc/pam.d/common-account
         regexp: '^account\srequired'
         line: "account required pam_tally2.so"
+        state: present
+        create: true
+
   tags:
     - section5
     - level_1_server