Use SElinux module and remove Dynamic MOTD in /etc/profile

tasks/main.yml

@@ -28,23 +28,17 @@
     - yum-utils
   tags: packages
     
-- name: Check SELinux status
-  command: /usr/sbin/getenforce
-  register: result
-  changed_when: False
-  
-- name: Disable SELinux now if enabled
-  shell: /usr/sbin/setenforce 0
-  when: result.stdout != "Disabled"
-  
-- name: Check/Set SELinux Disabled on boot
-  selinux: policy=targeted state=disabled
+- name: Ensure SELinux status
+  selinux:
+    state: disabled
+  tags: security
   
 - name: Configure NTPD
   template:
     src: ntp.conf.j2
     dest: /etc/ntp.conf
   tags: ntp
+
 - name: Ensure NTPD enabled and started
   service: 
     name: ntpd
@@ -137,6 +131,13 @@
     dest: /usr/local/bin/dynmotd
     mode: a+x
 
+
+- name: Configure Dynamic MOTD in profile
+  lineinfile:
+    dest: /etc/profile
+    regexp: "^/usr/local/bin/dynmotd"
+    state: absent
+    
 - name: Configure Dynamic MOTD in profile
   lineinfile:
     dest: /etc/profile.d/motd.sh