From 5073248911d438161dd43425bf1d0f903a259ed1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=94=D0=BC=D0=B8=D1=82=D1=80=D0=B8=D0=B9=20=D0=9C=D0=B0?=
 =?UTF-8?q?=D1=80=D0=BA=D0=BE=D0=B2?= <13werwolf13@mail.ru>
Date: Thu, 12 Mar 2026 12:47:03 +0500
Subject: [PATCH] systemd contrib, add sysuser & tmpfiles configs, fix service

---
 contrib/systemd/telemt.service | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/contrib/systemd/telemt.service b/contrib/systemd/telemt.service
index 8e08efc..e2bae67 100644
--- a/contrib/systemd/telemt.service
+++ b/contrib/systemd/telemt.service
@@ -8,22 +8,14 @@ Type=simple
 User=telemt
 Group=telemt
 WorkingDirectory=/var/lib/telemt
-ExecStart=/bin/telemt /etc/telemt/telemt.toml
+ExecStart=/usr/bin/telemt /etc/telemt/telemt.toml
 Restart=on-failure
 RestartSec=10
 LimitNOFILE=65536
 AmbientCapabilities=CAP_NET_BIND_SERVICE
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 NoNewPrivileges=true
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectKernelTunables=yes
-ProtectKernelModules=yes
-ProtectControlGroups=yes
-ProtectSystem=strict
-ProtectHome=read-only
-SystemCallFilter=~@mount
-ReadWritePaths=/var/lib/telemt
+
 
 [Install]
 WantedBy=multi-user.target