From a7adc6b719fecd901f70606e179ea834373ab0d1 Mon Sep 17 00:00:00 2001
From: Thomas <51749973+Thovi98@users.noreply.github.com>
Date: Thu, 9 Mar 2023 00:03:56 +0100
Subject: [PATCH] revert part of hardenned service

---
 conf/fittrackee.service | 18 +-----------------
 1 file changed, 1 insertion(+), 17 deletions(-)

diff --git a/conf/fittrackee.service b/conf/fittrackee.service
index ee5baf3..b6857e4 100644
--- a/conf/fittrackee.service
+++ b/conf/fittrackee.service
@@ -36,23 +36,7 @@ ExecStart=__INSTALL_DIR__/.venv/bin/gunicorn -b 127.0.0.1:__PORT__ "fittrackee:c
-NoNewPrivileges=yes
-PrivateTmp=yes
-PrivateDevices=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-RestrictNamespaces=yes
-RestrictRealtime=yes
-DevicePolicy=closed
-ProtectClock=yes
-ProtectHostname=yes
-ProtectProc=invisible
-ProtectSystem=full
-ProtectControlGroups=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-LockPersonality=yes
-SystemCallArchitectures=native
-SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
+
 # Denying access to capabilities that should not be relevant for webapps
 # Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
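Review bot: All seventeen sandboxing directives from `-NoNewPrivileges=yes` through `-SystemCallFilter=…` are removed in one go, while the subject says only part of the hardening is reverted and neither the subject nor the hunk records which directive actually broke the service. Without that, the next maintainer cannot tell whether the whole block was incompatible with the gunicorn worker or only one setting (for example a path blocked by `ProtectSystem=full` or one syscall group in the `SystemCallFilter` deny list), and directives that are unlikely to affect a Python web process — `NoNewPrivileges=yes`, `PrivateTmp=yes`, `ProtectKernelModules=yes`, `ProtectKernelTunables=yes`, `LockPersonality=yes` — are lost along with the one that failed. I would suggest reverting one directive at a time and leaving a comment at the added blank line such as `# Sandboxing directives removed <DATE>: <DIRECTIVE> broke <WHAT> — see <ISSUE-REF>` so the reduced isolation is traceable. `systemd-analyze security fittrackee.service` gives a before/after exposure score that can be quoted in the commit message to make the trade-off explicit.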