From aadbef60ced08d8c93cbd16677c27217c58deb5a Mon Sep 17 00:00:00 2001
From: ericgaspar <junk.eg@free.fr>
Date: Wed, 12 Jan 2022 10:25:38 +0100
Subject: [PATCH] Update systemd.service

---
 conf/systemd.service | 44 --------------------------------------------
 1 file changed, 44 deletions(-)

diff --git a/conf/systemd.service b/conf/systemd.service
index a052a94..eeb2d71 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -10,51 +10,7 @@ Group=__APP__
 WorkingDirectory=__FINALPATH__/
 ExecStart=__FINALPATH__/shiori serve --port __PORT__
 Restart=always
-
 Environment="SHIORI_DIR=__DATADIR__"
-DynamicUser=true
-PrivateUsers=true
-ProtectHome=true
-ProtectKernelLogs=true
-RestrictAddressFamilies=AF_INET AF_INET6
-StateDirectory=shiori
-SystemCallErrorNumber=EPERM
-SystemCallFilter=@system-service
-SystemCallFilter=~@chown
-SystemCallFilter=~@keyring
-SystemCallFilter=~@memlock
-SystemCallFilter=~@setuid
-DeviceAllow=
-
-CapabilityBoundingSet=
-LockPersonality=true
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-PrivateDevices=true
-PrivateTmp=true
-ProtectControlGroups=true
-ProtectKernelTunables=true
-ProtectSystem=full
-ProtectClock=true
-ProtectKernelModules=true
-ProtectProc=noaccess
-ProtectHostname=true
-ProcSubset=pid
-RestrictNamespaces=true
-RestrictRealtime=true
-RestrictSUIDSGID=true
-SystemCallArchitectures=native
-SystemCallFilter=~@clock
-SystemCallFilter=~@debug
-SystemCallFilter=~@module
-SystemCallFilter=~@mount
-SystemCallFilter=~@raw-io
-SystemCallFilter=~@reboot
-SystemCallFilter=~@privileged
-SystemCallFilter=~@resources
-SystemCallFilter=~@cpu-emulation
-SystemCallFilter=~@obsolete
-UMask=0077
 
 [Install]
 WantedBy=multi-user.target