https://bugzilla.suse.com/show_bug.cgi?id=1178154 https://bugzilla.suse.com/show_bug.cgi?id=1178154#c11 --- Comment #11 from Thorsten Kukuk <kukuk@suse.com> --- (In reply to Matthias Gerstner from comment #10)

(In reply to kukuk@suse.com from comment #9)

...

An "audit" group for the audit package should be provided by the audit package and not system-users. It's not a generic used system wide group.

This is not about an audit specific group but about a kind of "logaccess" group, see comment 2 / comment 4.

/var/log/audit is owned by audit package /var/log/audit/audit.log is owned by audit package If audit is not installed, an audit group doesn't make sense. And on current systems, audit.log is more or less the last log file besides zypper. Everything else is meanwhile using journald/journalctl. If other log files (which?) should be owned by the audit group, the name of the group "audit" would be wrong and we need something better. But I don't see a valid usecase for other log files. -- You are receiving this mail because: You are on the CC list for the bug.