diff --git a/salt/stig/enabled.sls b/salt/stig/enabled.sls
index 1f1a064fd8..0f347f8bcd 100644
--- a/salt/stig/enabled.sls
+++ b/salt/stig/enabled.sls
@@ -48,15 +48,17 @@ update_stig_profile:
 
 {% if not salt['file.file_exists'](OSCAP_OUTPUT_DIR ~ '/pre-oscap-report.html') %}
 run_initial_scan:
-  module.run:
-  - name: openscap.xccdf
-  - params: 'eval --profile {{ OSCAP_PROFILE_NAME }} --results {{ OSCAP_OUTPUT_DIR }}/pre-oscap-results.xml --report {{ OSCAP_OUTPUT_DIR }}/pre-oscap-report.html {{ OSCAP_PROFILE_LOCATION }}'
+  cmd.run:
+    - name: 'oscap xccdf eval --profile {{ OSCAP_PROFILE_NAME }} --results {{ OSCAP_OUTPUT_DIR }}/pre-oscap-results.xml --report {{ OSCAP_OUTPUT_DIR }}/pre-oscap-report.html {{ OSCAP_PROFILE_LOCATION }}'
+    - success_retcodes:
+      - 2
 {% endif %}
 
 run_remediate:
-  module.run:
-    - name: openscap.xccdf
-    - params: 'eval --remediate --profile {{ OSCAP_PROFILE_NAME }} --results {{ OSCAP_OUTPUT_DIR }}/post-oscap-results.xml --report {{ OSCAP_PROFILE_LOCATION }}'
+  cmd.run:
+    - name: 'oscap xccdf eval --remediate --profile {{ OSCAP_PROFILE_NAME }} {{ OSCAP_PROFILE_LOCATION }}'
+    - success_retcodes:
+      - 2
 
 {# OSCAP rule id: xccdf_org.ssgproject.content_rule_disable_ctrlaltdel_burstaction #}
 disable_ctrl_alt_del_action:
@@ -82,9 +84,10 @@ remove_nullok_from_system_auth_auth:
     - backup: '.bak'
 
 run_post_scan:
-  module.run:
-    - name: openscap.xccdf
-    - params: 'eval --profile {{ OSCAP_PROFILE_NAME }} --results {{ OSCAP_OUTPUT_DIR }}/post-oscap-results.xml --report {{ OSCAP_OUTPUT_DIR }}/post-oscap-report.html {{ OSCAP_PROFILE_LOCATION }}'
+  cmd.run:
+    - name: 'oscap xccdf eval --profile {{ OSCAP_PROFILE_NAME }} --results {{ OSCAP_OUTPUT_DIR }}/post-oscap-results.xml --report {{ OSCAP_OUTPUT_DIR }}/post-oscap-report.html {{ OSCAP_PROFILE_LOCATION }}'
+    - success_retcodes:
+      - 2
 
 {%   else %}
 {{sls}}_no_license_detected:
diff --git a/salt/stig/files/sos-oscap.xml b/salt/stig/files/sos-oscap.xml
index 3f78af8c09..6c4c93778b 100644
--- a/salt/stig/files/sos-oscap.xml
+++ b/salt/stig/files/sos-oscap.xml
@@ -611,7 +611,7 @@ the release. Additionally, the original security profile has been modified by Se
         <ns5:select idref="xccdf_org.ssgproject.content_rule_account_emergency_expire_date" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_account_password_pam_faillock_password_auth" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_account_password_pam_faillock_system_auth" selected="true" />
-        <ns5:select idref="xccdf_org.ssgproject.content_rule_account_password_selinux_faillock_dir" selected="true" />
+        <ns5:select idref="xccdf_org.ssgproject.content_rule_account_password_selinux_faillock_dir" selected="false" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_account_temp_expire_date" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_account_unique_id" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_accounts_authorized_local_users" selected="true" />
@@ -1007,8 +1007,8 @@ the release. Additionally, the original security profile has been modified by Se
         <ns5:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_access_monitoring" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_rsyslog_remote_loghost" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_security_patches_up_to_date" selected="true" />
-        <ns5:select idref="xccdf_org.ssgproject.content_rule_selinux_policytype" selected="true" />
-        <ns5:select idref="xccdf_org.ssgproject.content_rule_selinux_state" selected="true" />
+        <ns5:select idref="xccdf_org.ssgproject.content_rule_selinux_policytype" selected="false" />
+        <ns5:select idref="xccdf_org.ssgproject.content_rule_selinux_state" selected="false" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_service_auditd_enabled" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_service_autofs_disabled" selected="true" />
         <ns5:select idref="xccdf_org.ssgproject.content_rule_service_chronyd_enabled" selected="true" />