From 6dd9c3232357321f5c6afa5f9c34f073d7839a00 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 11 Nov 2020 20:00:58 +0100 Subject: [PATCH] Not sure why but @priviledged is causing issue on some legit services.. --- conf/systemd.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/systemd.service b/conf/systemd.service index ca2ed1a..04d1c0d 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -25,7 +25,7 @@ ProtectControlGroups=yes ProtectKernelModules=yes ProtectKernelTunables=yes LockPersonality=yes -SystemCallFilter=~@clock @debug @module @mount @obsolete @privileged @reboot @setuid @swap +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap # Denying access to capabilities that should not be relevant for webapps # Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html