From e34e2a798cea3cbeeb0dd81b5936a609b0a2d37f Mon Sep 17 00:00:00 2001
From: Eduardo Barretto <eduardo.barretto@canonical.com>
Date: Wed, 14 Dec 2022 10:01:06 +0100
Subject: [PATCH] accounts_password_set_max_life_existing: Fix ansible to avoid
 system

accounts
---
 .../accounts_password_set_max_life_existing/ansible/shared.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
index 8651bba6d0ba..0af6018b4a0e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
@@ -7,7 +7,7 @@
 
 - name: Collect users with not correct maximum time period between password changes
   ansible.builtin.command:
-    cmd: awk -F':' '$5 > {{ var_accounts_maximum_age_login_defs }} || $5 == "" {print $1}' /etc/shadow
+    cmd: awk -F':' '(/^[^:]+:[^!*]/ && ($5 > {{ var_accounts_maximum_age_login_defs }} || $5 == "")) {print $1}' /etc/shadow
   register: user_names
 
 - name: Change the maximum time period between password changes