From 2e1a81e3a2ab194db4c78a0f54fe4551b9ec34db Mon Sep 17 00:00:00 2001
From: Ruben Kerkhof <ruben@rubenkerkhof.com>
Date: Wed, 12 Jul 2017 18:54:49 +0200
Subject: [PATCH] collectd.service: remove NoNewPrivileges setting

There are various issues with it in combination with SELinux.
See https://marc.info/?l=selinux&m=149971836431361&w=2 for some
background.
---
 contrib/systemd.collectd.service | 2 --
 1 file changed, 2 deletions(-)

diff --git a/contrib/systemd.collectd.service b/contrib/systemd.collectd.service
index 7bc15d7c..a3b689ac 100644
--- a/contrib/systemd.collectd.service
+++ b/contrib/systemd.collectd.service
@@ -29,8 +29,6 @@ ProtectHome=true
 # By default, drop all capabilities:
 CapabilityBoundingSet=
 
-NoNewPrivileges=true
-
 # Tell systemd it will receive a notification from collectd over it's control
 # socket once the daemon is ready. See systemd.service(5) for more details.
 Type=notify
-- 
2.11.0