req-030.1 and req-053.2 both change the GRUB_CMDLINE_LINUX parameter in /etc/default/grub - which obviously does not work.
Also the later one - setting the selinux - seems not to do the correct thing.
Shouldn't this be something like selinux=1 enforcing=1?
- name: req-030.1 enable logging before auditd starts
  lineinfile:
    path: '/etc/default/grub'
    regexp: "^GRUB_CMDLINE_LINUX=(.*)"
    line: GRUB_CMDLINE_LINUX="audit=1"
    state: present
  notify: update grub
  when: config_grub_logging

- name: req-053.2 enable selinux in grub
  lineinfile:
    dest: '/etc/default/grub'
    regexp: '^GRUB_CMDLINE_LINUX=(.*)'
    line: 'GRUB_CMDLINE_LINUX=""'
  notify: update grub
  when: mac_type == "selinux" and
        ( config_mac and config_selinux_grub )
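
An added example, not part of the original report or the project's code: one way to let both requirements coexist is to have each task append its own parameter to the current GRUB_CMDLINE_LINUX value rather than rewrite the whole line. It assumes the value is double-quoted on a single line and uses the `selinux=1 enforcing=1` values from the question above as an assumption.

```yaml
# Added example: each task appends one kernel parameter to the existing
# GRUB_CMDLINE_LINUX value instead of replacing the whole line.
# With backrefs enabled, lineinfile leaves the file untouched when the
# regexp does not match, so a parameter already present is not added twice.
- name: req-030.1 enable logging before auditd starts
  lineinfile:
    path: /etc/default/grub
    # The negative lookahead makes the line match only while audit=1 is absent.
    regexp: '^GRUB_CMDLINE_LINUX="((?:(?!\baudit=1\b).)*)"$'
    line: 'GRUB_CMDLINE_LINUX="\1 audit=1"'
    backrefs: yes
    state: present
  notify: update grub
  when: config_grub_logging

- name: req-053.2 enable selinux in grub
  lineinfile:
    path: /etc/default/grub
    regexp: '^GRUB_CMDLINE_LINUX="((?:(?!\b{{ item }}\b).)*)"$'
    line: 'GRUB_CMDLINE_LINUX="\1 {{ item }}"'
    backrefs: yes
    state: present
  with_items:
    - selinux=1     # assumed values, taken from the question in the report
    - enforcing=1
  notify: update grub
  when: mac_type == "selinux" and config_mac and config_selinux_grub
```

These tasks only add parameters; a conflicting entry that is already on the line, such as `audit=0` or `selinux=0`, is not removed and needs its own cleanup task.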