From 3c60b35a1933c9a2a95b4439a4a6f276cc49970b Mon Sep 17 00:00:00 2001 From: Clark Boylan Date: Wed, 2 Oct 2019 09:29:38 -0700 Subject: [PATCH] Replace command with shell in persistent-firewall We continue to see the odd task rc of -13 when running iptables-save to store persistent set of firewall rules. Switch to shell to give us a bit more debugging freedom if necessary (and to rule out the command module). Change-Id: I0c0208101cad985d4113de6b636c3816613b778c --- roles/persistent-firewall/tasks/main.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/roles/persistent-firewall/tasks/main.yaml b/roles/persistent-firewall/tasks/main.yaml index 984cf4e66..ea22b4e18 100644 --- a/roles/persistent-firewall/tasks/main.yaml +++ b/roles/persistent-firewall/tasks/main.yaml @@ -1,16 +1,22 @@ - name: List current ipv4 rules become: yes - command: iptables-save + # Using shell to try and debug why this task when run sometimes returns -13 + shell: iptables-save changed_when: false failed_when: false register: iptables_rules + tags: + - skip_ansible_lint - name: List current ipv6 rules become: yes - command: ip6tables-save + # Using shell to try and debug why this task when run sometimes returns -13 + shell: ip6tables-save changed_when: false failed_when: false register: ip6tables_rules + tags: + - skip_ansible_lint - name: Configure persistent iptables rules include: "{{ item }}"