gistfile1.txt

TASK: [openstack-ansible-security | V-38496 - Default operating system accounts (other than root) must be locked] *** 
skipping: [aio1]

TASK: [openstack-ansible-security | V-38497 - The system must not have accounts configured with blank or null passwords.] *** 
ok: [aio1] 

TASK: [openstack-ansible-security | V-38497 - The system must not have accounts configured with blank or null passwords.] *** 
failed: [aio1] 
msg: FAILED: Remove 'nullok' from /etc/pam.d/system-auth for better security.

FATAL: all hosts have already failed -- aborting

PLAY RECAP ******************************************************************** 
openstack-ansible-security | V-38631/38632 - The operating system must produce audit records (install auditd) --- 9.79s
openstack-ansible-security | Ensure debsums package is installed (for V-38637) --- 2.88s
openstack-ansible-security | Auditd rules (includes several STIGs) ------ 0.26s
openstack-ansible-security | Checking auditd package contents for alterations with debsums (for V-38637) --- 0.21s
openstack-ansible-security | Gather current GPG keys for apt (for V-38476) --- 0.13s
openstack-ansible-security | V-38631/38632 - The operating system must produce audit records (start auditd) --- 0.10s
openstack-ansible-security | V-38468 - The audit system must take action when the disk is full --- 0.08s
openstack-ansible-security | V-38633 - The system must set a maximum audit log file size --- 0.08s
openstack-ansible-security | Search for AllowUnauthenticated in /etc/apt/apt.conf.d/ (for V-38462) --- 0.08s
openstack-ansible-security | V-38498 - Audit log files must have mode 0640 or less --- 0.08s