Log audit startup and validate audit path

main.py

@@ -8,7 +8,7 @@ from services.alerts import monitor_resources, monitor_smart
 from services.metrics import MetricsStore, start_sampler
 from services.queue import worker as queue_worker
 from services.notify import notify
-from services.audit import AuditMiddleware
+from services.audit import AuditMiddleware, audit_start
 import state
 import handlers.menu
 import handlers.status
@@ -31,6 +31,7 @@ async def notify_start():
 
 async def main():
     dp.update.outer_middleware(AuditMiddleware(cfg))
+    audit_start(cfg)
     state.DOCKER_MAP.clear()
     state.DOCKER_MAP.update(await discover_containers(cfg))
     if cfg.get("docker", {}).get("watchdog", True):

services/audit.py

@@ -40,6 +40,28 @@ def get_audit_logger(cfg: dict[str, Any]) -> logging.Logger:
     return logger
 
 
+def audit_health(cfg: dict[str, Any]) -> tuple[bool, str]:
+    path = _get_audit_path(cfg)
+    directory = os.path.dirname(path)
+    try:
+        os.makedirs(directory, exist_ok=True)
+        if not os.path.exists(path):
+            with open(path, "a", encoding="utf-8"):
+                pass
+        if not os.access(path, os.W_OK):
+            return False, f"Audit log not writable: {path}"
+    except Exception as e:
+        return False, f"Audit log error: {e}"
+    return True, path
+
+
+def audit_start(cfg: dict[str, Any]) -> None:
+    logger = get_audit_logger(cfg)
+    ok, detail = audit_health(cfg)
+    status = "ok" if ok else "error"
+    logger.info("startup\tstatus=%s\tpath=%s", status, detail)
+
+
 def _user_label(message: Message | CallbackQuery) -> str:
     user = message.from_user
     if not user: