daemon: don't enable ProtectSystem by default

If the chroot is in `/usr` (like `/usr/local/var/run/lldpd` which is
the default), neither systemd nor lldpd will be able to create and
write to it. This may be solved with `ReadWritePaths` (unsure if it
would create the directory), but this doesn't exist in older versions
of systemd.

Just comment the directive to let people know it exists and should
work in most cases.

Fix #308

diff --git a/src/daemon/lldpd.service.in b/src/daemon/lldpd.service.in
index 920a1311975d302549bdb4ea90b4b3ea21a5d82b..ef13dad91e641777f79c9a7421d442a11ee4136f 100644 (file)
--- a/src/daemon/lldpd.service.in
+++ b/src/daemon/lldpd.service.in
@@ -13,11 +13,10 @@ ExecStart=@sbindir@/lldpd $DAEMON_ARGS $LLDPD_OPTIONS
 Restart=on-failure
 PrivateTmp=yes
 ProtectHome=yes
-ProtectSystem=yes
-ProtectSystem=full
 ProtectKernelTunables=yes
 ProtectControlGroups=yes
 ProtectKernelModules=yes
+#ProtectSystem=full
 
 [Install]
 WantedBy=multi-user.target