diff --git a/.gitignore b/.gitignore
index edbd874..1de1341 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@
 /dkopecek-usbguard-fcde518.tar.gz
 /dkopecek-usbguard-522c34c.tar.gz
 /dkopecek-usbguard-e528ff6.tar.gz
+/usbguard-0.7.0.tar.gz
diff --git a/sources b/sources
index 5858005..50ed7e9 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (dkopecek-usbguard-e528ff6.tar.gz) = 9aca5e19ebfc32b964ce52b38d6ef2b1b1523112f78c78b6ac6667216061c3143fdeddb7d5f8458d6e4e95928f63db66d3e59aa04ac0c50046de4632abf1c83a
+SHA512 (usbguard-0.7.0.tar.gz) = e0a63457011379f50cc5eb14516bb1b6192d5710c81e7fa9042b67c481514158811e761e982ad16a9b1fcae62c58e68574910da1a98be3a07e6c99f69d5c03c4
diff --git a/usbguard-daemon.conf b/usbguard-daemon.conf
index 8fe701a..9c44903 100644
--- a/usbguard-daemon.conf
+++ b/usbguard-daemon.conf
@@ -34,7 +34,7 @@ ImplicitPolicyTarget=block
 # * apply-policy - evaluate the ruleset for every present
 #                  device
 #
-PresentDevicePolicy=keep
+PresentDevicePolicy=apply-policy
 
 #
 # Present controller policy.
@@ -93,3 +93,8 @@ IPCAllowedGroups=wheel
 # details.
 #
 DeviceRulesWithPort=false
+
+#
+# USBGuard audit events log file path.
+#
+AuditFilePath=/var/log/usbguard/usbguard-audit.log
diff --git a/usbguard.spec b/usbguard.spec
index 452e8eb..b0fc6a3 100644
--- a/usbguard.spec
+++ b/usbguard.spec
@@ -1,27 +1,20 @@
 %global _hardened_build 1
 
-%global gitdate 	20170319
-%global gittag  	e528ff6fa8ce2ec522004e25fb3e3c48a63f5bbd
-%global shorttag	%(c=%{gittag}; echo ${c:0:7})
-%global user 		dkopecek
+%define with_gui_qt5 1
+%define with_dbus    1
 
 Name:           usbguard
-Version:        0.6.3
-Release:        0.1.%{gitdate}git%{shorttag}%{?dist}
+Version:        0.7.0
+Release:        1%{?dist}
 Summary:        A tool for implementing USB device usage policy
 Group:          System Environment/Daemons
 License:        GPLv2+
 ## Not installed
 # src/ThirdParty/Catch: Boost Software License - Version 1.0
 URL:            https://dkopecek.github.io/usbguard
-# Regular source URL
-#Source0:        https://github.com/dkopecek/usbguard/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz
-# Snapshot source URL
-Source0:	https://github.com/%{user}/%{name}/tarball/%{gittag}/%{user}-%{name}-%{shorttag}.tar.gz
+Source0:        https://github.com/dkopecek/usbguard/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz
 Source1:        usbguard-daemon.conf
 
-Patch0: usbguard-0.6.3-disable-cast-align-warning.patch
-
 Requires: systemd
 Requires(post): systemd
 Requires(preun): systemd
@@ -31,20 +24,33 @@ Requires(postun): /sbin/ldconfig
 
 BuildRequires: libqb-devel
 BuildRequires: libgcrypt-devel
-BuildRequires: systemd systemd-devel
 BuildRequires: libstdc++-devel
 BuildRequires: protobuf-devel protobuf-compiler
 BuildRequires: PEGTL-static
+BuildRequires: catch-devel
+BuildRequires: autoconf automake libtool
+BuildRequires: bash-completion
+# For `pkg-config systemd` only
+BuildRequires: systemd
+
+%if 0%{with_gui_qt5}
 BuildRequires: qt5-qtbase-devel qt5-qtsvg-devel qt5-linguist
+%endif
+
+%if 0%{with_dbus}
 BuildRequires: dbus-glib-devel
 BuildRequires: dbus-devel
 BuildRequires: glib2-devel
 BuildRequires: polkit-devel
 BuildRequires: libxslt
 BuildRequires: libxml2
-BuildRequires: catch-devel
+%endif
+
+%if 0%{?fedora}
 BuildRequires: pandoc
-BuildRequires: autoconf automake libtool
+%endif
+
+Patch0: usbguard-0.6.3-disable-cast-align-warning.patch
 
 %description
 The USBGuard software framework helps to protect your computer against rogue USB
@@ -71,6 +77,8 @@ Requires:       %{name} = %{version}-%{release}
 The %{name}-tools package contains optional tools from the USBGuard
 software framework.
 
+%if 0%{with_gui_qt5}
+###
 %package        applet-qt
 Summary:        USBGuard Qt 5.x Applet
 Group:          Applications/System
@@ -80,7 +88,11 @@ Obsoletes:      usbguard-applet-qt <= 0.3
 %description    applet-qt
 The %{name}-applet-qt package contains an optional Qt 5.x desktop applet
 for interacting with the USBGuard daemon component.
+###
+%endif
 
+%if 0%{with_dbus}
+###
 %package        dbus
 Summary:        USBGuard D-Bus Service
 Group:          Applications/System
@@ -91,9 +103,11 @@ Requires:       polkit
 %description    dbus
 The %{name}-dbus package contains an optional component that provides
 a D-Bus interface to the USBGuard daemon component.
+###
+%endif
 
 %prep
-%setup -q -n %{user}-%{name}-%{shorttag}
+%setup -q
 # Remove bundled library sources before build
 rm -rf src/ThirdParty/{Catch,PEGTL}
 
@@ -107,9 +121,16 @@ autoreconf -i -v --no-recursive ./
     --without-bundled-catch \
     --without-bundled-pegtl \
     --enable-systemd \
+%if 0%{with_gui_qt5}
     --with-gui-qt=qt5 \
+%endif
+%if 0%{with_dbus}
     --with-dbus \
     --with-polkit \
+%else
+    --without-dbus \
+    --without-polkit \
+%endif
     --with-crypto-library=gcrypt \
     --enable-werror
 
@@ -146,14 +167,17 @@ find %{buildroot} \( -name '*.la' -o -name '*.a' \) -exec rm -f {} ';'
 %{_libdir}/*.so.*
 %{_sbindir}/usbguard-daemon
 %{_bindir}/usbguard
+%dir %{_localstatedir}/log/usbguard
 %dir %{_sysconfdir}/usbguard
-%config(noreplace) %{_sysconfdir}/usbguard/usbguard-daemon.conf
-%config(noreplace) %{_sysconfdir}/usbguard/rules.conf
+%dir %{_sysconfdir}/usbguard/IPCAccessControl.d
+%config(noreplace) %attr(0600,-,-) %{_sysconfdir}/usbguard/usbguard-daemon.conf
+%config(noreplace) %attr(0600,-,-) %{_sysconfdir}/usbguard/rules.conf
 %{_unitdir}/usbguard.service
 %{_datadir}/man/man8/usbguard-daemon.8.gz
 %{_datadir}/man/man5/usbguard-daemon.conf.5.gz
 %{_datadir}/man/man5/usbguard-rules.conf.5.gz
 %{_datadir}/man/man1/usbguard.1.gz
+%{_datadir}/bash-completion/completions/usbguard
 
 %files devel
 %defattr(-,root,root,-)
@@ -165,13 +189,19 @@ find %{buildroot} \( -name '*.la' -o -name '*.a' \) -exec rm -f {} ';'
 %defattr(-,root,root,-)
 %{_bindir}/usbguard-rule-parser
 
+%if 0%{with_gui_qt5}
+###
 %files applet-qt
 %defattr(-,root,root,-)
 %{_bindir}/usbguard-applet-qt
 %{_mandir}/man1/usbguard-applet-qt.1.gz
 %{_datadir}/applications/usbguard-applet-qt.desktop
 %{_datadir}/icons/hicolor/scalable/apps/usbguard-icon.svg
+###
+%endif
 
+%if 0%{with_dbus}
+###
 %files dbus
 %defattr(-,root,root,-)
 %{_sbindir}/usbguard-dbus
@@ -189,9 +219,18 @@ find %{buildroot} \( -name '*.la' -o -name '*.a' \) -exec rm -f {} ';'
 
 %postun dbus
 %systemd_postun_with_restart usbguard-dbus.service
-
+###
+%endif
 
 %changelog
+* Thu Apr 13 2017 Daniel Kopeček <dkopecek@redhat.com> 0.7.0-1
+- Update to 0.7.0
+  - changed PresentDevicePolicy setting from keep to apply-policy
+  - added AuditFilePath configuration option pointing to
+    /var/log/usbguard/usbguard-audit.log file
+  - install bash-completion script
+  - use 0600 file permissions for usbguard-daemon.conf and rules.conf
+
 * Sun Mar 19 2017 Daniel Kopeček <dkopecek@redhat.com> 0.6.3-0.1.20170319
 - Update to latest git snapshot