diff --git a/lib/lxc.sh b/lib/lxc.sh
index 705074f..26915c6 100644
--- a/lib/lxc.sh
+++ b/lib/lxc.sh
@@ -96,7 +96,7 @@ LXC_EXEC () {
     # Store the return code of the command
     local returncode=${PIPESTATUS[0]}
 
-    log_debug "Return code: $return_code"
+    log_debug "Return code: $returncode"
 
     stop_timer 1
     # Return the exit code of the ssh command
diff --git a/lib/tests.sh b/lib/tests.sh
index 4f84cee..a0a9c23 100644
--- a/lib/tests.sh
+++ b/lib/tests.sh
@@ -86,7 +86,7 @@ _INSTALL_APP () {
     local ret=$?
     [ $ret -eq 0 ] && log_debug "Installation successful." || log_error "Installation failed."
 
-    if LXC_EXEC "su nobody -s /bin/bash -c 'test -r /var/www/$app_id || test -w /var/www/$app_id || test -x /var/www/$app_id'"
+    if LXC_EXEC "su nobody -s /bin/bash -c \"test -r /var/www/$app_id || test -w /var/www/$app_id || test -x /var/www/$app_id\""
     then
         log_error "It looks like anybody can read/enter /var/www/$app_id, which ain't super great from a security point of view ... Config files or other files may contain secrets or information that should in most case not be world-readable. You should remove all 'others' permissions with 'chmod o-rwx', and setup appropriate, exclusive permissions to the appropriate owner/group with chmod/chown."
     fi