---
# tasks file for auditd

- ansible.builtin.debug:
    msg: "ENABLED = {{ auditd_enabled }}; auditd role"

- when:
    - 'auditd_enabled is true'
    - "'global.update_only' not in ansible_run_tags"
  block:
    - name: Install auditd
      ansible.builtin.package:
        name: auditd

    - name: Create directory tree if not exists
      include_tasks: install_rules.yml
      loop: '{{ auditd_rules }}'