DataDog / ansible-datadog

Ansible role for Datadog Agent
Apache License 2.0

Mode 600 will set incorrect permissions on files. #527

Closed janorn closed 6 months ago

janorn commented 10 months ago

Using a non-string 600 is a booby trap. Read the docs here: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/get_url_module.html#parameter-mode

Newly installed hosts without an rpm key bomb hard on this (RHEL9).

https://github.com/DataDog/ansible-datadog/blob/f53b1ab1d63c99410b832f22208470d23b30d71a/tasks/pkg-redhat.yml#L30-L35

Here is an example playbook:

- name: Mode test
  hosts: localhost
  tasks:
    - name: Create file
      file:
        path: /tmp/mode_test
        mode: 600
        state: touch

Result:

$ ls -l /tmp/mode_test
---x-wx--T 1 user user 0 Nov 13 11:10 /tmp/mode_test

Here is a correct playbook:

- name: Mode test
  hosts: localhost
  tasks:
    - name: Create file
      file:
        path: /tmp/mode_test
        mode: '600'
        state: touch

Result:

$ ls -l /tmp/mode_test
-rw------- 1 user user 0 Nov 13 11:11 /tmp/mode_test

janorn commented 10 months ago

Running the role as root will hide this issue.

daseeds commented 9 months ago

Thank you! I have exactly this issue and cannot run as root, as root doesn't have a password activated on the remote host.

janorn commented 9 months ago

For those used to /usr/bin/chmod remember that modes are actually octal numbers. You must give Ansible enough information to parse them correctly. For consistent results, quote octal numbers (for example, '644' or '1777') so Ansible receives a string and can do its own conversion from string into number. Adding a leading zero (for example, 0755) works sometimes, but can fail in loops and some other circumstances.
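The check below is an added example, not part of the issue thread or the ansible-datadog role: it scans playbook text for unquoted numeric `mode:` values and reports the permissions a module would actually apply. It assumes a YAML 1.1 loader (leading zero means octal, otherwise decimal); `SAMPLE`, `parsed_int` and `audit` are hypothetical names, and the sample playbook is constructed from the two variants in the report plus a leading-zero one.

```python
import re
import stat

# "mode: <scalar>" exactly as written in the YAML source (trailing comment allowed).
MODE_RE = re.compile(r"^\s*mode:\s*(?P<raw>[^\s#]+)\s*(?:#.*)?$")

# Constructed sample playbook, not taken from the role.
SAMPLE = """\
- hosts: localhost
  tasks:
    - name: Unquoted mode
      file:
        path: /tmp/mode_test
        mode: 600
        state: touch
    - name: Quoted mode
      file:
        path: /tmp/mode_test
        mode: '600'
        state: touch
    - name: Leading zero
      file:
        path: /tmp/mode_test
        mode: 0600
        state: touch
"""

def parsed_int(raw):
    """Integer a YAML 1.1 loader hands the module for an unquoted scalar, else None."""
    if re.fullmatch(r"0[0-7]+", raw):
        return int(raw, 8)   # leading zero: octal literal
    if re.fullmatch(r"[1-9][0-9]*", raw):
        return int(raw, 10)  # no leading zero: decimal, so 600 becomes 0o1130
    return None              # quoted or symbolic: stays a string for Ansible to convert

def audit(text):
    """Return (line, raw, applied permissions, matches chmod meaning) per unquoted numeric mode."""
    out = []
    for n, line in enumerate(text.splitlines(), 1):
        m = MODE_RE.match(line)
        value = parsed_int(m.group("raw")) if m else None
        if value is None:
            continue
        raw = m.group("raw")
        chmod_meaning = int(raw, 8) if re.fullmatch(r"[0-7]+", raw) else None
        applied = stat.filemode(stat.S_IFREG | (value & 0o7777))
        out.append((n, raw, applied, value == chmod_meaning))
    return out
```

Every tuple it returns is an unquoted mode worth quoting; a final `False` means the applied permissions differ from what `chmod` would set for the same digits.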