daemon: systemd unit cannot use ProtectSystem=strict

lldpd needs to create its socket in `/run`. It's put outside the chroot
on purpose but it's not on a directory on its own.

diff --git a/src/daemon/lldpd.service.in b/src/daemon/lldpd.service.in
index 4f4ff0ee79720b304f37411731342ad879168813..c95afa7d63cf8fdcf5985fb22d9234e29d1657e3 100644 (file)
--- a/src/daemon/lldpd.service.in
+++ b/src/daemon/lldpd.service.in
@@ -18,10 +18,8 @@ PrivateTmp=yes
 # systemd >= 214
 #ProtectHome=yes
 #ProtectSystem=yes
-# systemd >= 231
-#ReadWritePaths=@PRIVSEP_CHROOT@
 # systemd >= 232
-#ProtectSystem=strict
+#ProtectSystem=full
 #ProtectKernelTunables=yes
 #ProtectControlGroups=yes
 #ProtectKernelModules=yes