add more conditionals to when auditd show be hardened

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

roles/os_hardening/tasks/minimize_access.yml

@@ -221,7 +221,10 @@
     opts: '{{ os_mnt_var_log_audit_options }}'
     state: present
   register: varlogauditmount
-  when: os_mnt_var_log_audit_enabled | bool
+  when:
+    - os_mnt_var_log_audit_enabled | bool
+    - var_log_audit_exists.stat.exists | bool
+    - os_auditd_enabled | bool
 
 - name: Harden permissions for /var/log/audit directory
   file:
@@ -230,6 +233,7 @@
     group: 'root'
     mode: '{{ os_mnt_var_log_audit_dir_mode }}'
   when:
+    - os_mnt_var_log_audit_enabled | bool
     - var_log_audit_exists.stat.exists | bool
     - os_auditd_enabled | bool