auditd.service: set LogsDirectory and RuntimeDirectory

This ensures systemd will create these directories
ahead of starting the auditd service. It also ensures
the auditd service has write permissions, even if
someone might add additional hardening options to
the systemd service in the future.

Directory permission bits were copied from the
systemd tmpfiles config for the log directory, and
`make_audit_run_dir()` for the runtime directory.

Author: LordGrimmauld

init.d/auditd.service.in

@@ -35,6 +35,11 @@ ExecStart=@sbindir@/auditd
 Restart=on-failure
 ## Do not restart for intentional exits. See EXIT CODES section in auditd(8).
 RestartPreventExitStatus=2 4 6
+## Create Log and Runtime directory
+LogsDirectory=audit
+LogsDirectoryMode=0700
+RuntimeDirectory=audit
+RuntimeDirectoryMode=0755
 
 ### Security Settings ###
 MemoryDenyWriteExecute=true