diff --git a/roles/base/templates/doas.conf.j2 b/roles/base/templates/doas.conf.j2
index e3945ec..2b83565 100644
--- a/roles/base/templates/doas.conf.j2
+++ b/roles/base/templates/doas.conf.j2
@@ -2,6 +2,7 @@
 permit setenv {SSH_AUTH_SOCK SSH_TTY PKG_PATH HOME=/root ENV=/root/.profile} :{{ evobsd_group }}
 permit nopass root
 permit setenv {ENV PS1 SSH_AUTH_SOCK SSH_TTY} nopass :{{ evobsd_group }} as root cmd /usr/share/scripts/evomaintenance.sh
+permit nopass _collectd as root cmd /bin/cat
 permit nopass _collectd as root cmd /usr/sbin/bgpctl
 permit nopass _nrpe as root cmd /sbin/bioctl args sd2
 permit nopass _nrpe as root cmd /usr/local/libexec/nagios/check_mailq
diff --git a/roles/collectd/tasks/main.yml b/roles/collectd/tasks/main.yml
index 4ff066b..28a2c46 100644
--- a/roles/collectd/tasks/main.yml
+++ b/roles/collectd/tasks/main.yml
@@ -95,12 +95,3 @@
   when: collectd_plugin_exec_dns_stats
   tags:
     - collectd
-
-- name: Delete doas configuration for dns_stats.sh execution
-  lineinfile:
-    path: /etc/doas.conf
-    line: 'permit nopass _collectd as root cmd /bin/cat'
-    state: absent
-  when: not collectd_plugin_exec_dns_stats
-  tags:
-    - collectd