use files permissions from official package

tasks/xpack/security/elasticsearch-security-file.yml

@@ -18,7 +18,7 @@
     src: "{{ es_conf_dir }}/x-pack/users"
     dest: "{{ es_conf_dir }}/users"
     group: "{{ es_group }}"
-    owner: "{{ es_user }}"
+    owner: root
   when: old_users_file.stat.exists
 # End of users migrations
 
@@ -95,11 +95,11 @@
 #Copy Roles files
 - name: Copy roles.yml File for Instance
   become: yes
-  template: src=security/roles.yml.j2 dest={{ es_conf_dir }}/roles.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
+  template: src=security/roles.yml.j2 dest={{ es_conf_dir }}/roles.yml owner=root group={{ es_group }} mode=0660 force=yes
   when: es_roles is defined and es_roles.file is defined
 
 #Overwrite users_roles file
 - name: Copy User Roles
   become: yes
-  template: src=security/users_roles.j2 dest={{ es_conf_dir }}/users_roles owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
+  template: src=security/users_roles.j2 dest={{ es_conf_dir }}/users_roles owner=root group={{ es_group }} mode=0660 force=yes
   when: manage_file_users and users_roles | length > 0

tasks/xpack/security/elasticsearch-security.yml

@@ -46,5 +46,5 @@
 #Copy Roles files
 - name: Copy role_mapping.yml File for Instance
   become: yes
-  template: src=security/role_mapping.yml.j2 dest={{ es_conf_dir }}/role_mapping.yml owner={{ es_user }} group={{ es_group }} mode=0644 force=yes
+  template: src=security/role_mapping.yml.j2 dest={{ es_conf_dir }}/role_mapping.yml owner=root group={{ es_group }} mode=0660 force=yes
   when: es_role_mapping is defined