From c545dd24a13ede6490b802a9ec452abca5ad4581 Mon Sep 17 00:00:00 2001
From: Stephen Hoekstra <shoekstra@schubergphilis.com>
Date: Thu, 9 Nov 2017 21:37:32 +0100
Subject: [PATCH] Make ubuntu tests pass

Signed-off-by: Stephen Hoekstra <shoekstra@schubergphilis.com>
---
 recipes/minimize_access.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/recipes/minimize_access.rb b/recipes/minimize_access.rb
index bae4b889..45f4a67e 100644
--- a/recipes/minimize_access.rb
+++ b/recipes/minimize_access.rb
@@ -53,3 +53,9 @@
   mode '0750'
   not_if { node['os-hardening']['security']['users']['allow'].include?('change_user') }
 end
+
+# /var/log should restricted to root or syslog on ubuntu systems
+directory '/var/log' do
+  owner 'root'
+  group node['platform'] == 'ubuntu' ? 'syslog' : 'root'
+end