diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 8a7516cc3966e2153c3b0468bc185bf2f69c271d..a00536bfd5690bab774f1e4e8058e0d18a3a478c 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -29,7 +29,7 @@
     dest: "/etc/apt/apt.conf.d/00proxy"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   when: apt_proxy is defined
 
 - name: Disable use of proxy for retrieving system packages via apt
@@ -44,7 +44,7 @@
     dest: "/usr/share/pam-configs/umask"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   register: pam_umask
   notify:
     - Update PAM configuration
@@ -81,7 +81,7 @@
     dest: "/etc/profile.d/bash_prompt.sh"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
 
 - name: Deploy profile configuration that allows for user-specific profile.d files
   copy:
@@ -89,7 +89,7 @@
     dest: "/etc/profile.d/z99-user_profile_d.sh"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
 
 - name: Replace default and skeleton bashrc
   copy:
@@ -97,7 +97,7 @@
     dest: "{{ item.value }}"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   with_dict:
     bashrc: "/etc/bash.bashrc"
     skel_bashrc: "/etc/skel/.bashrc"
@@ -113,7 +113,7 @@
     dest: "/root/.bashrc"
     owner: root
     group: root
-    mode: 0640
+    mode: "0640"
   # Checksums: bookworm
   when: |
     root_bashrc_stat.stat.checksum == "1a422a148ad225aa5ba33f8dafd2b7cfcdbd701f"
@@ -139,7 +139,7 @@
     dest: "/etc/emacs/site-start.d/01disable-electric-indent-mode.el"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   when: "['emacs24', 'emacs24-nox', 'emacs25', 'emacs25-nox', 'emacs', 'emacs-nox'] | intersect(common_packages) | length > 0"
 
 - name: Set-up operating system groups
@@ -201,7 +201,7 @@
     dest: "/usr/local/share/ca-certificates/{{ item.key }}.crt"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   with_dict: "{{ ca_certificates }}"
   register: deploy_ca_certificates_result
 
@@ -229,7 +229,7 @@
     dest: /usr/sbin/ferm
     owner: root
     group: root
-    mode: 0755
+    mode: "0755"
   notify:
     - Restart ferm
 
@@ -244,7 +244,7 @@
     dest: "/etc/default/ferm"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   notify:
     - Restart ferm
 
@@ -254,7 +254,7 @@
     state: directory
     owner: root
     group: root
-    mode: 0750
+    mode: "0750"
 
 - name: Deploy main ferm configuration file
   copy:
@@ -262,7 +262,7 @@
     dest: "/etc/ferm/ferm.conf"
     owner: root
     group: root
-    mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
 
@@ -278,7 +278,7 @@
     dest: "/etc/ferm/conf.d/00-base.conf"
     owner: root
     group: root
-    mode: 0640
+    mode: "0640"
   notify:
     - Restart ferm
 
@@ -294,7 +294,7 @@
     dest: "/usr/local/sbin/drop_legacy_iptables_rules.sh"
     owner: root
     group: root
-    mode: 0755
+    mode: "0755"
 
 - name: Drop legacy iptables rules
   command: "/usr/local/sbin/drop_legacy_iptables_rules.sh remove"
@@ -309,7 +309,7 @@
     dest: "/usr/local/bin/check_certificate.sh"
     owner: root
     group: root
-    mode: 0755
+    mode: "0755"
 
 - name: Set-up directory for holding configuration for certificate validation script
   file:
@@ -317,7 +317,7 @@
     state: "directory"
     owner: root
     group: root
-    mode: 0755
+    mode: "0755"
 
 - name: Deploy crontab entry for checking certificates
   cron:
@@ -410,7 +410,7 @@
     state: directory
     owner: pipreqcheck
     group: pipreqcheck
-    mode: 0750
+    mode: "0750"
   with_items:
     - "/var/lib/pipreqcheck"
     - "/var/lib/pipreqcheck/virtualenv"
@@ -434,7 +434,7 @@
     state: "directory"
     owner: root
     group: pipreqcheck
-    mode: 0750
+    mode: "0750"
   with_items:
     - "/etc/pip_check_requirements_upgrades"
 
@@ -444,7 +444,7 @@
     state: "directory"
     owner: root
     group: pipreqcheck
-    mode: 0750
+    mode: "0750"
   with_items:
     - "/etc/pip_check_requirements_upgrades/pipreqcheck"
 
@@ -454,7 +454,7 @@
     dest: "{{ item.path }}"
     owner: root
     group: pipreqcheck
-    mode: 0640
+    mode: "0640"
   with_items:
     - path: "/etc/pip_check_requirements_upgrades/pipreqcheck/requirements.in"
       requirements: "{{ pip_check_requirements_in }}"
@@ -465,7 +465,7 @@
     dest: "{{ item.file }}"
     owner: root
     group: pipreqcheck
-    mode: 0640
+    mode: "0640"
   with_items:
     - file: "/etc/pip_check_requirements_upgrades/pipreqcheck/requirements.txt"
       requirements: "{{ pip_check_requirements }}"
@@ -495,7 +495,7 @@
     dest: "/usr/local/bin/pip_check_requirements_upgrades.sh"
     owner: root
     group: root
-    mode: 0755
+    mode: "0755"
 
 - name: Deploy crontab entry for checking pip requirements
   copy:
@@ -503,7 +503,7 @@
     dest: "/etc/cron.d/check_pip_requirements"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
 
 - name: Install NTP packages
   apt:
@@ -528,7 +528,7 @@
     dest: "/etc/ntpsec/ntp.conf"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   when: ntp_pools | length > 0
   notify:
     - Restart NTP server