From 09978d73697247629a666838a0457c7df10aee7a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?=
Date: Thu, 18 Jul 2019 16:01:24 +0200
Subject: [PATCH 1/2] Use correct value in create paramater The code in function lineinfile accepts "true" not "yes".
---
 shared/bash_remediation_functions/include_lineinfile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/shared/bash_remediation_functions/include_lineinfile.sh b/shared/bash_remediation_functions/include_lineinfile.sh
index 93e08be4c8d..75175be8d2d 100644
--- a/shared/bash_remediation_functions/include_lineinfile.sh
+++ b/shared/bash_remediation_functions/include_lineinfile.sh
@@ -141,5 +141,5 @@ function sshd_config_set() {
 local parameter="$1"
 local value="$2"
- set_config_file "/etc/ssh/sshd_config" "$parameter" "$value" "yes" '' '^Match' 'true'
+ set_config_file "/etc/ssh/sshd_config" "$parameter" "$value" "true" '' '^Match' 'true'
 }
From f85eaf07bbe5c3ef99f4e25ab0c56e71ad6a75a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?=
Date: Fri, 19 Jul 2019 13:52:31 +0200
Subject: [PATCH 2/2] Improve logic of lineinfile function When state = absent and file doesn't exist, it is a no-operation.
---
 .../include_lineinfile.sh | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/shared/bash_remediation_functions/include_lineinfile.sh b/shared/bash_remediation_functions/include_lineinfile.sh
index 75175be8d2d..6e0881c33df 100644
--- a/shared/bash_remediation_functions/include_lineinfile.sh
+++ b/shared/bash_remediation_functions/include_lineinfile.sh
@@ -97,12 +97,18 @@ function lineinfile() {
 local insert_before="$7"
 local insensitive="${8:-true}"
- [ ! -e "$path" ] && [ "$create" != "true" ] && die "Path '$path' wasn't found on this system and not creating. Refusing to continue."
- [ ! -e "$path" ] && [ "$create" == "true" ] && touch "$path"
-
- if [ "$state" == "absent" ]; then
- lineinfile_absent "$path" "$regex" "$insensitive"
+ if [ "$state" == "absent" ] ; then
+ if [ -e "$path" ] ; then
+ lineinfile_absent "$path" "$regex" "$insensitive"
+ fi
 elif [ "$state" == "present" ]; then
+ if [ ! -e "$path" ] ; then
+ if [ "$create" == "true" ] ; then
+ touch "$path"
+ else
+ die "Path '$path' wasn't found on this system and option 'create' is set to '$create'. Refusing to continue."
+ fi
+ fi
 lineinfile_present "$path" "$regex" "$line" "$insert_after" "$insert_before" "$insensitive"
 fi
 }
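Review bot: A `state` value that is neither `absent` nor `present` falls through the new `if`/`elif` chain in `lineinfile` and the function returns without changing the file or reporting anything, so a misspelled state lets a hardening remediation appear applied when nothing was written. The chain should end with a refusing branch in the same style as the `create` check, `else` followed by `die "Unknown state '$state' requested for '$path'. Refusing to continue."`. Separately, `touch "$path"` leaves the new file's mode to the caller's umask and, unless the script runs under `set -e`, its failure is not checked before `lineinfile_present` runs; a short comment stating the expected mode (or an explicit `chmod` after creation) would make that intent reviewable. The function's parameter parsing starts above this hunk, so whether `state` has a default is not visible here.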