Replace command with shell in persistent-firewall

We continue to see the odd task rc of -13 when running iptables-save to store persistent set of firewall rules. Switch to shell to give us a bit more debugging freedom if necessary (and to rule out the command module). Change-Id: I0c0208101cad985d4113de6b636c3816613b778c
2019-10-02 09:29:38 -07:00 · 2019-10-02 09:29:38 -07:00 · 3c60b35a19
parent 7ce53a7732
commit 3c60b35a19
1 changed files with 8 additions and 2 deletions
--- a/roles/persistent-firewall/tasks/main.yaml
+++ b/roles/persistent-firewall/tasks/main.yaml
@ -1,16 +1,22 @@
 - name: List current ipv4 rules
  become: yes
-  command: iptables-save
+  # Using shell to try and debug why this task when run sometimes returns -13
+  shell: iptables-save
  changed_when: false
  failed_when: false
  register: iptables_rules
+  tags:
+   - skip_ansible_lint

 - name: List current ipv6 rules
  become: yes
-  command: ip6tables-save
+  # Using shell to try and debug why this task when run sometimes returns -13
+  shell: ip6tables-save
  changed_when: false
  failed_when: false
  register: ip6tables_rules
+  tags:
+   - skip_ansible_lint

 - name: Configure persistent iptables rules
  include: "{{ item }}"