… but leave the "trusted" profile unmodified; it shall keep full access
to all system calls, as before.
MemoryDenyWriteExecute=yes
RestrictRealtime=yes
RestrictNamespaces=yes
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
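Review bot: The added `SystemCallErrorNumber=EPERM` makes the new filter fail-soft: a call outside `@system-service` returns EPERM to the caller instead of the default action of killing the process with SIGSYS, so a sandbox escape attempt or a newly needed syscall will not show up as a crash in the journal and may be silently swallowed by code that ignores errno. That trade-off deserves a comment above the two added lines so the next maintainer does not "fix" it one way or the other, e.g. `# Blocked syscalls fail with EPERM rather than SIGSYS; watch for EPERM in the service log when adding features.` The same pair is added in the two hunks below (the ones ending in IPAddressDeny=any), which appear to be different unit files, so the comment belongs in each; the `[Service]` section header of every hunk lies outside the diff.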
MemoryDenyWriteExecute=yes
RestrictRealtime=yes
RestrictNamespaces=yes
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
PrivateNetwork=yes
IPAddressDeny=any
MemoryDenyWriteExecute=yes
RestrictRealtime=yes
RestrictNamespaces=yes
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
PrivateNetwork=yes
IPAddressDeny=any