From 68b8c6b5a0383913527aa14a8312f8f9ed1d6172 Mon Sep 17 00:00:00 2001
From: neonmei <neonmei@pm.me>
Date: Thu, 12 Nov 2020 11:32:49 -0300
Subject: [PATCH 1/2] roles/filebeat-oss: add missing file mode and ownership
 for security_actions tasks

---
 roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml
index 95503159..8a6c5aad 100644
--- a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml
+++ b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml
@@ -4,11 +4,16 @@
     file:
       path: "{{ filebeat_ssl_dir }}"
       state: directory
+      owner: root
+      group: root
+      mode: 0774
 
   - name: Copy the certificates from local to the Manager instance
     copy:
       src: "{{ local_certs_path }}/certs/{{ item }}"
       dest: "{{ filebeat_ssl_dir }}"
+      owner: root
+      group: root
       mode: 0644
     with_items:
       - "{{ filebeat_node_name }}.key"

From 8be12f0c5aa4e26679356c064183ad8bbcf8d908 Mon Sep 17 00:00:00 2001
From: neonmei <neonmei@pm.me>
Date: Thu, 12 Nov 2020 11:33:09 -0300
Subject: [PATCH 2/2] roles/filebeat-oss: remove extra file permissions task

---
 .../wazuh/ansible-filebeat-oss/tasks/security_actions.yml  | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml
index 8a6c5aad..fdec3c04 100644
--- a/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml
+++ b/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml
@@ -20,13 +20,6 @@
       - "{{ filebeat_node_name }}.pem"
       - "root-ca.pem"
 
-  - name: Ensuring folder & certs permissions
-    file:
-      path: "{{ filebeat_ssl_dir }}/"
-      mode: 0774
-      state: directory
-      recurse: yes
-
   tags:
   - security
   when: