NoNewPrivileges=yes
ProtectControlGroups=yes
ProtectHome=yes
-ProtectHostname=yes
ProtectKernelModules=yes
ProtectSystem=strict
Restart=on-failure
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET
RestrictNamespaces=yes
RestrictRealtime=yes
+RestrictSUIDSGID=yes
RuntimeDirectory=systemd/netif
RuntimeDirectoryPreserve=yes
SystemCallArchitectures=native