fesoj000 schreef op wo 09-03-2022 om 20:21 [+0100]:
> Currently auditd writes logs to /var/log/audit.log. This is a problem because
> auditd changes the permissions of the directory audit.log lives in to
> 700.

Why is auditd doing this?  Can this behaviour be patched out? Is there
an upstream report?

>  /var/log usually has 755, this is assumed by some services. postgresql
> for example, fails when used together with auditd.

Why does postgresql care about the group and other bits?
Could postgresql be modified not to care?

What are the reasons for changing the group and other bits?
Perhaps that should be done by default by Guix when creating
/var/log (POLA)?

In any case, I would recommend adding to auditd.scm to make clear
why the default log location is unacceptable.

Greetings,
Maxime.