diff --git a/tmpfiles.patch b/tmpfiles.patch
new file mode 100644
index 0000000..4eb6b0f
--- /dev/null
+++ b/tmpfiles.patch
@@ -0,0 +1,58 @@
+From 306cad81aee91d6adb61acdb9f1a9900fe2a13cd Mon Sep 17 00:00:00 2001
+From: Cropi <alakatos@redhat.com>
+Date: Thu, 6 Feb 2025 08:00:59 +0100
+Subject: [PATCH] =?UTF-8?q?At=20boot=20time,=20systemd=E2=80=91tmpfiles=20?=
+ =?UTF-8?q?processes=20this=20file=20and=20creates=20/var/log/usbguard=20s?=
+ =?UTF-8?q?o=20that=20the=20usbguard=20service=20can=20start=20successfull?=
+ =?UTF-8?q?y.?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+---
+ Makefile.am            | 13 +++++++++++--
+ usbguard-tmpfiles.conf |  1 +
+ 2 files changed, 12 insertions(+), 2 deletions(-)
+ create mode 100644 usbguard-tmpfiles.conf
+
+diff --git a/Makefile.am b/Makefile.am
+index 7dc6849..2a8bfeb 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -90,8 +90,8 @@ $(top_builddir)/%.roff: %.adoc
+ 	$(INSTALL) -m 644 $(top_builddir)/$(@:.roff=) $(top_builddir)/$@
+ endif
+ 
+-install-data-hook: install-daemon-conf install-systemd-service install-data-dbus
+-uninstall-hook: uninstall-daemon-conf uninstall-systemd-service uninstall-data-dbus
++install-data-hook: install-daemon-conf install-systemd-service install-data-dbus install-tmpfiles
++uninstall-hook: uninstall-daemon-conf uninstall-systemd-service uninstall-data-dbus uninstall-tmpfiles
+ 
+ CLEANFILES+=\
+ 	$(top_builddir)/usbguard-daemon.conf
+@@ -106,6 +106,15 @@ usbguard_confdir= $(sysconfdir)/usbguard
+ 
+ distuninstallcheck_listfiles= find . -type f ! -name rules.conf -print
+ 
++EXTRA_DIST+=usbguard-tmpfiles.conf
++
++install-tmpfiles:
++	mkdir -p ${DESTDIR}$(prefix)/lib/tmpfiles.d/
++	$(INSTALL_DATA) -m 640 ${srcdir}/usbguard-tmpfiles.conf ${DESTDIR}$(prefix)/lib/tmpfiles.d/usbguard.conf
++
++uninstall-tmpfiles:
++	rm ${DESTDIR}$(prefix)/lib/tmpfiles.d/usbguard.conf
++
+ install-daemon-conf: $(top_builddir)/usbguard-daemon.conf
+ 	$(MKDIR_P) $(DESTDIR)/$(usbguard_confdir)
+ 	$(MKDIR_P) $(DESTDIR)/$(usbguard_confdir)/IPCAccessControl.d
+diff --git a/usbguard-tmpfiles.conf b/usbguard-tmpfiles.conf
+new file mode 100644
+index 0000000..e90908f
+--- /dev/null
++++ b/usbguard-tmpfiles.conf
+@@ -0,0 +1 @@
++d /var/log/usbguard 0700 root root - -
+-- 
+2.48.1
+
diff --git a/usbguard.spec b/usbguard.spec
index 43a3650..c4a4773 100644
--- a/usbguard.spec
+++ b/usbguard.spec
@@ -8,7 +8,7 @@
 
 Name:           usbguard
 Version:        1.0.0
-Release:        15%{?dist}
+Release:        16%{?dist}
 Summary:        A tool for implementing USB device usage policy
 Group:          System Environment/Daemons
 License:        GPLv2+
@@ -66,6 +66,7 @@ Patch13: usbguard-consistent-rules.patch
 Patch14: usbguard-missing-doc.patch
 Patch15: usbguard-permanent-rules.patch
 Patch16: usbguard-disable-console-log.patch
+Patch17: tmpfiles.patch
 
 %description
 The USBGuard software framework helps to protect your computer against rogue USB
@@ -142,22 +143,23 @@ device presence changes and displays them as pop-up notifications.
 # Remove bundled library sources before build
 rm -rf src/ThirdParty/{Catch,PEGTL}
 
-%patch1 -p1 -b .notifier
-%patch2 -p1 -b .audit-write
-%patch3 -p1 -b .selinux-audit-write
-%patch4 -p1 -b .pidfile
-%patch5 -p1 -b .ipc-override-fix
-%patch6 -p1 -b .validate-acl
-%patch7 -p1 -b .notifier-decrease-spam
-%patch8 -p1 -b .dbus-CVE
-%patch9 -p1 -b .selinux-dbus-CVE
-%patch10 -p1 -b .dbus-CVE-leak
-%patch11 -p1 -b .oomscore-adjust
-%patch12 -p1 -b .race-condition
-%patch13 -p1 -b .consistent-rules
-%patch14 -p1 -b .missing-doc
-%patch15 -p1 -b .permanent-rules
-%patch16 -p1 -b .disable-syslog
+%patch -P 1 -p1 -b .notifier
+%patch -P 2 -p1 -b .audit-write
+%patch -P 3 -p1 -b .selinux-audit-write
+%patch -P 4 -p1 -b .pidfile
+%patch -P 5 -p1 -b .ipc-override-fix
+%patch -P 6 -p1 -b .validate-acl
+%patch -P 7 -p1 -b .notifier-decrease-spam
+%patch -P 8 -p1 -b .dbus-CVE
+%patch -P 9 -p1 -b .selinux-dbus-CVE
+%patch -P 10 -p1 -b .dbus-CVE-leak
+%patch -P 11 -p1 -b .oomscore-adjust
+%patch -P 12 -p1 -b .race-condition
+%patch -P 13 -p1 -b .consistent-rules
+%patch -P 14 -p1 -b .missing-doc
+%patch -P 15 -p1 -b .permanent-rules
+%patch -P 16 -p1 -b .disable-syslog
+%patch -P 17 -p1 -b .tmpfiles
 
 %build
 mkdir -p ./m4
@@ -257,6 +259,7 @@ find %{buildroot} \( -name '*.la' -o -name '*.a' \) -exec rm -f {} ';'
 %{_datadir}/man/man5/usbguard-rules.conf.5.gz
 %{_datadir}/man/man1/usbguard.1.gz
 %{_datadir}/bash-completion/completions/usbguard
+%attr(640,root,root) %{_tmpfilesdir}/usbguard.conf
 
 %files devel
 %defattr(-,root,root,-)
@@ -322,6 +325,10 @@ fi
 
 
 %changelog
+* Thu Feb 06 2025 Attila Lakatos <alakatos@redhat.com> - 1.0.0-16
+- Install usbguard-tmpfles.conf
+  Resolves: RHEL-78188
+
 * Thu Jan 12 2023 Attila Lakatos <alakatos@redhat.com> - 1.0.0-15
 - Disable logging to console, logging to syslog is still enabled
 Resolves: rhbz#2122109