From 781db29acc7eb1e6b07c32bdfeb8b38d5e80e353 Mon Sep 17 00:00:00 2001
From: ericgaspar <junk.eg@free.fr>
Date: Mon, 6 Sep 2021 09:44:25 +0200
Subject: [PATCH] Update systemd.service

---
 conf/systemd.service | 29 -----------------------------
 1 file changed, 29 deletions(-)

diff --git a/conf/systemd.service b/conf/systemd.service
index 97c3f6b..d804274 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -11,34 +11,5 @@ Group=__APP__
 ExecStart=__FINALPATH__/galene -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups /home/yunohost.app/__APP__/groups -recordings /home/yunohost.app/__APP__/recordings
 LimitNOFILE=65536
 
-# various hardening options
-ReadWritePaths=/home/yunohost.app/__APP__/recordings
-CapabilityBoundingSet=
-AmbientCapabilities=
-PrivateTmp=yes
-PrivateDevices=yes
-DevicePolicy=closed
-ProtectSystem=strict
-ProtectHome=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-ProtectKernelLogs=yes
-ProtectControlGroups=yes
-ProtectHostname=yes
-ProtectClock=yes
-NoNewPrivileges=yes
-MountFlags=private
-LockPersonality=yes
-RestrictRealtime=yes
-RestrictNamespaces=yes
-RestrictSUIDSGID=yes
-KeyringMode=private
-MemoryDenyWriteExecute=yes
-RemoveIPC=yes
-SystemCallArchitectures=native
-SystemCallFilter=~ @clock @cpu-emulation @debug @keyring @module @mount @raw-io @reboot @swap @obsolete @timer @resources @privileged @pkey @obsolete @setuid
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-UMask=0077
-
 [Install]
 WantedBy=multi-user.target