relvalconsumer: allow fedmsg-hub to write the token cache

Been getting access denied errors lately, and from a look at
the python-openidc-client code, seems that clients may need to
write as well as read the token cache sometimes.

Signed-off-by: Adam Williamson <awilliam@redhat.com>

roles/relvalconsumer/tasks/main.yml

@@ -64,7 +64,7 @@
   file: path=/root/.openidc state=directory owner=root group=root mode=0700
 
 - name: Create /usr/share/fedmsg/.openidc (token file location for fedmsg consumer runs)
-  file: path=/usr/share/fedmsg/.openidc state=directory owner=root group=fedmsg mode=0750
+  file: path=/usr/share/fedmsg/.openidc state=directory owner=root group=fedmsg mode=0770
 
 - name: Write wikitcms token file for root
   copy: src={{ wikitcms_token }} dest=/root/.openidc/oidc_wikitcms.json owner=root group=root mode=0600
@@ -73,7 +73,7 @@
   - config
 
 - name: Write wikitcms token file for fedmsg
-  copy: src={{ wikitcms_token }} dest=/usr/share/fedmsg/.openidc/oidc_wikitcms.json owner=root group=fedmsg mode=0640
+  copy: src={{ wikitcms_token }} dest=/usr/share/fedmsg/.openidc/oidc_wikitcms.json owner=root group=fedmsg mode=0660
   when: "wikitcms_token is defined"
   tags:
   - config