From b87f2e2fb0cb91b285fd6c431f64d1df4da44143 Mon Sep 17 00:00:00 2001
From: Alan Orth <alan.orth@gmail.com>
Date: Sun, 5 Nov 2017 00:49:03 +0200
Subject: [PATCH] roles/common: Use command module instead of shell

You should only use the "shell" module when you need shell functions
like flow control and redirects. Also, the "command" module is safer
because it is not affected by the user's environment.
---
 roles/common/tasks/firewall_Debian.yml | 2 +-
 roles/common/tasks/firewall_Ubuntu.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/common/tasks/firewall_Debian.yml b/roles/common/tasks/firewall_Debian.yml
index 6fba26d..c1b9102 100644
--- a/roles/common/tasks/firewall_Debian.yml
+++ b/roles/common/tasks/firewall_Debian.yml
@@ -13,6 +13,6 @@
 
 - name: Format public.xml firewalld zone file
   when: ansible_distribution_major_version | version_compare('8', '>=')
-  shell: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
+  command: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
   notify:
     - reload firewalld
diff --git a/roles/common/tasks/firewall_Ubuntu.yml b/roles/common/tasks/firewall_Ubuntu.yml
index 4f953b4..d7a04ae 100644
--- a/roles/common/tasks/firewall_Ubuntu.yml
+++ b/roles/common/tasks/firewall_Ubuntu.yml
@@ -30,6 +30,6 @@
 
 - name: Format public.xml firewalld zone file
   when: ansible_distribution_version | version_compare('15.04', '>=')
-  shell: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
+  command: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
   notify:
     - reload firewalld