From 26b733383f2c09d7a8d17c24d3d45a5583c683b0 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Fri, 26 Jun 2020 18:48:36 +0200
Subject: [PATCH] The log directory must not be readable by others.

---
 tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index 710c1c2..701e677 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -33,10 +33,10 @@
   tags: [ 'tomcat', 'tomcat_instances' ]
 
 - name: Create the instances log dirs
-  file: dest={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode=0755 state=directory
+  file: dest={{ tomcat_m_instances_logdir_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode='0750' state=directory
   with_items: '{{ tomcat_m_instances }}'
   register: tomcat_first_install
-  tags: [ 'tomcat', 'tomcat_instances' ]
+  tags: [ 'tomcat', 'tomcat_instances', 'tomcat_log_dir' ]
 
 - name: Create the instances work dirs
   file: dest={{ tomcat_m_cache_base }}/{{ item.http_port }} owner={{ item.user }} group={{ item.user }} mode=0755 state=directory