From af9cac5b78507c58f72ab6e389583755f50cdc5f Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Wed, 16 Nov 2022 12:03:56 +0000
Subject: [PATCH] user unit: remove ProtectSystem=

In a user unit ProtectSystem= cannot work without PrivateUsers=yes,
as mounts can only be done in a user namespace when not running as root.
In the future this will be implicit, so remove it to avoid unintended
sandboxing from being enabled.
---
 data/user/uresourced.service.in | 1 -
 1 file changed, 1 deletion(-)

diff --git a/data/user/uresourced.service.in b/data/user/uresourced.service.in
index 09212a2..0be14e8 100644
--- a/data/user/uresourced.service.in
+++ b/data/user/uresourced.service.in
@@ -20,5 +20,4 @@ ExecStart=@libexecdir@/uresourced --user
 TimeoutStopSec=5s
 
 
-ProtectSystem=strict
 RestrictAddressFamilies=AF_UNIX
-- 
GitLab