Revert some hardening that breaks LXC

For each of these, we should be OK since we run as an unprivileged user anyways.
2021-12-12 16:57:35 -05:00 · 2021-12-12 16:57:35 -05:00 · 9a2b88cb1f
commit 9a2b88cb1f
parent 2c6d6dbbf8
1 changed files with 6 additions and 6 deletions
--- a/debian/jellyfin.service
+++ b/debian/jellyfin.service
@ -13,17 +13,17 @@ TimeoutSec = 15
 NoNewPrivileges=true
 SystemCallArchitectures=native
 RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-RestrictNamespaces=true
+RestrictNamespaces=false
 RestrictRealtime=true
 RestrictSUIDSGID=true
 ProtectClock=true
-ProtectControlGroups=true
+ProtectControlGroups=false
 ProtectHostname=true
-ProtectKernelLogs=true
+ProtectKernelLogs=false
-ProtectKernelModules=true
+ProtectKernelModules=false
-ProtectKernelTunables=true
+ProtectKernelTunables=false
 LockPersonality=true
-PrivateTmp=true
+PrivateTmp=false
 PrivateDevices=false
 PrivateUsers=true
 RemoveIPC=true