services: auditd: Provide default configuration directory.

* gnu/services/auditd.scm (auditd.conf)
(%default-auditd-configuration-directory): New variables.
(<auditd-configuration>): Switch to 'define-record-type*'.
[configuration-directory]: New field.
(auditd-shepherd-service): Honor 'configuration-directory'.  Pass #:pid-file.
(auditd-service-type)[description]: Tweak.
[default-value]: Provide 'configuration-directory'.
* doc/guix.texi (Miscellaneous Services): Update docs to reflect
changes.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>

1 files changed, 9 insertions, 2 deletions

diff --git a/doc/guix.texi b/doc/guix.texi
index d45deed21e..d4557b360a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27612,10 +27612,12 @@ Network access
 @command{auditctl} from the @code{audit} package can be used in order
 to add or remove events to be tracked (until the next reboot).
 In order to permanently track events, put the command line arguments
-of auditctl into @file{/etc/audit/audit.rules}.
+of auditctl into a file called @code{audit.rules} in the configuration
+directory (see below).
 @command{aureport} from the @code{audit} package can be used in order
 to view a report of all recorded events.
-The audit daemon usually logs into the directory @file{/var/log/audit}.
+The audit daemon by default logs into the file
+@file{/var/log/audit.log}.
 
 @end defvr
 
@@ -27627,6 +27629,11 @@ This is the data type representing the configuration of auditd.
 @item @code{audit} (default: @code{audit})
 The audit package to use.
 
+@item @code{configuration-directory} (default: @code{%default-auditd-configuration-directory})
+The directory containing the configuration file for the audit package, which
+must be named @code{auditd.conf}, and optionally some audit rules to
+instantiate on startup.
+
 @end table
 @end deftp