Don't let systemd hide /home and /tmp

Admins might expect ejabberd to be able to access data below /home or /tmp. For example, they might use those locations to dump/restore Mnesia backups, or as a document root for mod_http_fileserver or mod_http_upload. Fixes #1297.
author: Holger Weiss <holger@zedat.fu-berlin.de> 2016-10-19 23:11:26 +0200
committer: Holger Weiss <holger@zedat.fu-berlin.de> 2016-10-19 23:11:26 +0200
commit: f56840a68271c52fa17a51f7de2601e55da14018 (patch)
tree: a43148759ddf66f96c93ab7b4eea46438daeb465 /ejabberd.service.template
parent: Merge pull request #1343 from gardenia/mod_muc_configurable_max_discoitems (diff)
1 files changed, 0 insertions, 2 deletions
diff --git a/ejabberd.service.template b/ejabberd.service.template
index 49ba14737..fdb8fd0b7 100644
--- a/ejabberd.service.template
+++ b/ejabberd.service.template
@@ -14,9 +14,7 @@ Type=oneshot
 RemainAfterExit=yes
 # The CAP_DAC_OVERRIDE capability is required for pam authentication to work
 CapabilityBoundingSet=CAP_DAC_OVERRIDE
-PrivateTmp=true
 PrivateDevices=true
-ProtectHome=true
 ProtectSystem=full
 NoNewPrivileges=true
author	Holger Weiss <holger@zedat.fu-berlin.de>	2016-10-19 23:11:26 +0200
committer	Holger Weiss <holger@zedat.fu-berlin.de>	2016-10-19 23:11:26 +0200
commit	f56840a68271c52fa17a51f7de2601e55da14018 (patch)
tree	a43148759ddf66f96c93ab7b4eea46438daeb465 /ejabberd.service.template
parent	Merge pull request #1343 from gardenia/mod_muc_configurable_max_discoitems (diff)