From e92022a21cbe2df76026b36482f5c71e3471b344 Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Sat, 16 Nov 2019 14:56:28 +0000
Subject: [PATCH] Remove systemd sandboxing

---
 lib/systemd/system/proc-hidepid.service | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/lib/systemd/system/proc-hidepid.service b/lib/systemd/system/proc-hidepid.service
index 3ec2414..e4cd70e 100644
--- a/lib/systemd/system/proc-hidepid.service
+++ b/lib/systemd/system/proc-hidepid.service
@@ -13,23 +13,5 @@ After=local-fs.target
 Type=oneshot
 ExecStart=/bin/mount -o remount,nosuid,nodev,noexec,hidepid=2 /proc
 
-## Disabled since not working in Qubes.
-#ProtectSystem=strict
-#ProtectHome=true
-#ProtectKernelTunables=true
-#ProtectKernelModules=true
-#ProtectControlGroups=true
-#PrivateTmp=true
-#PrivateMounts=true
-#PrivateDevices=true
-#MemoryDenyWriteExecute=true
-#NoNewPrivileges=true
-#RestrictRealtime=true
-#SystemCallArchitectures=native
-#RestrictNamespaces=true
-#SystemCallFilter=mount munmap access read open close stat fstat lstat mmap mprotect brk rt_sigaction rt_sigprocmask execve readlink getrlimit getuid getgid geteuid getegid statfs prctl arch_prctl set_tid_address newfstatat set_robust_list openat mkdir
-
-PrivateNetwork=true
-
 [Install]
 WantedBy=sysinit.target