Ansible playbook fatal error Could not find the requested service systemd-coredump: host"

[mildas]

Description of problem:

ansible-playbook fails on finding systemd-coredump service and exits on fatal error:

TASK [Disable service systemd-coredump] ****************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Could not find the requested service systemd-coredump: host"}

SCAP Security Guide Version:

4413901

Operating System Version:

RHEL8, RHEL9

Steps to Reproduce:

1. ansible-playbook -i "localhost," -c local /usr/share/scap-security-guide/ansible/rhel9-playbook-ospp.yml

Actual Results:

TASK [Disable service systemd-coredump] ****************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Could not find the requested service systemd-coredump: host"}

Expected Results:

ansible-playbook finishes

Additional Information/Debugging Steps:

The problem was introduced by service_disabled alignment to service_enabled - #9806 Where I didn't realized there might be service rules that are for sockets, not for services.

Previously, service_disabled template was doing both, disabling service and disabling socket. Is it correct approach?

Is it expected that both are being disabled if exist? Or every time only a one of them should disable?
If the latter, then rules for sockets should specify the socket suffix in the servicename, for example servicename: systemd-coredump.socket in
https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml#L53

[yuumasato]

I think it makes sense to disable both the service and the socket when it exists, there are services that can be started via socket.

[mildas]

Okay, so I have reverted the #9806 alignment in #9819