Beginning with 3.0.25, the "root preexec" setting only takes one parameter. In earlier versions it was possible to use
root preexec = command1 && command2
This is exactly what one of the security fixes did. We're now escaping everything passed to the scripts to avoid code insertion attacks. You have to put everything into one script now.