cmd/tailscaled/tailscaled.service: revert recent hardening for now

It broke Debian Stretch. We'll try again later. Updates #1245 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> (cherry picked from commit 2889fabaefc50040507ead652d6d2b212f476c2b)
2025-02-22 12:58:37 +00:00 · 2021-02-01 13:12:15 -08:00 · 2021-02-01 13:12:15 -08:00 · bb0ef32dd2
commit bb0ef32dd2
parent dde7ba4ecf
1 changed files with 0 additions and 19 deletions
--- a/cmd/tailscaled/tailscaled.service
+++ b/cmd/tailscaled/tailscaled.service
@ -20,24 +20,5 @@ CacheDirectory=tailscale
 CacheDirectoryMode=0750
 Type=notify
 DeviceAllow=/dev/net/tun
 DeviceAllow=/dev/null
 DeviceAllow=/dev/random
 DeviceAllow=/dev/urandom
 DevicePolicy=strict
 LockPersonality=true
 MemoryDenyWriteExecute=true
 PrivateTmp=true
 ProtectClock=true
 ProtectControlGroups=true
 ProtectHome=true
 ProtectKernelTunables=true
 ProtectSystem=strict
 ReadWritePaths=/etc/
 ReadWritePaths=/run/
 ReadWritePaths=/var/run/
 RestrictSUIDSGID=true
 SystemCallArchitectures=native
 [Install]
 WantedBy=multi-user.target