diff -up ./usbguard.service.in.forking ./usbguard.service.in
--- ./usbguard.service.in.forking 2020-06-17 20:07:04.720564149 +0200
+++ ./usbguard.service.in 2020-06-17 20:10:00.744063846 +0200
@@ -8,11 +8,12 @@ AmbientCapabilities=
 CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER
 DeviceAllow=/dev/null rw
 DevicePolicy=strict
-ExecStart=%sbindir%/usbguard-daemon -k -c %sysconfdir%/usbguard/usbguard-daemon.conf
+ExecStart=%sbindir%/usbguard-daemon -f -s -c %sysconfdir%/usbguard/usbguard-daemon.conf
 IPAddressDeny=any
 LockPersonality=yes
 MemoryDenyWriteExecute=yes
 NoNewPrivileges=yes
+PIDFile=/var/run/usbguard.pid
 PrivateDevices=yes
 PrivateTmp=yes
 ProtectControlGroups=yes
@@ -20,14 +21,14 @@ ProtectHome=yes
 ProtectKernelModules=yes
 ProtectSystem=yes
 ReadOnlyPaths=-/
-ReadWritePaths=-/dev/shm -%localstatedir%/log/usbguard -/tmp -%sysconfdir%/usbguard/
+ReadWritePaths=-/dev/shm -%localstatedir%/log/usbguard -/tmp -%sysconfdir%/usbguard/ -/var/run
 Restart=on-failure
 RestrictAddressFamilies=AF_UNIX AF_NETLINK
 RestrictNamespaces=yes
 RestrictRealtime=yes
 SystemCallArchitectures=native
 SystemCallFilter=@system-service
-Type=simple
+Type=forking
 UMask=0077
 
 [Install]
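Review bot: The added `PIDFile=/var/run/usbguard.pid` is not matched by anything on the new `ExecStart` line, which passes `-f -s -c` but no PID-file path. With a forking service systemd takes the main PID from that file, so if the daemon does not write exactly this path by default (not visible in this hunk) the unit may fail to start or lose track of the main process. Passing the path explicitly, e.g. `-p /run/usbguard.pid` if the daemon's PID-file option is `-p`, would make the two lines agree. `/var/run` is also the legacy alias of `/run`, and current systemd logs a warning when `PIDFile=` points below it, so `PIDFile=/run/usbguard.pid` is the form to use. The [Service] section starts before this hunk and continues after it.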
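Review bot: Appending `-/var/run` to `ReadWritePaths` makes the whole runtime directory writable for a daemon that is otherwise confined by `ReadOnlyPaths=-/`, apparently only so that it can create one PID file. That directory typically holds other services' sockets and PID files, so the exception is far wider than needed for a process that handles data from untrusted USB devices. A private directory would keep the sandbox tight: `RuntimeDirectory=usbguard` with `PIDFile=/run/usbguard/usbguard.pid` (and the daemon pointed at that path), with `-/var/run` dropped from `ReadWritePaths`. The [Service] section starts before this hunk.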