Add SystemCallArchitectures=native

3 years ago · 05daf22a1e
parent 73fc350b84
commit 05daf22a1e
1 changed files with 1 additions and 0 deletions
--- a/systemd/step-ca.service
+++ b/systemd/step-ca.service
@ -48,6 +48,7 @@ RemoveIPC=true
 RestrictRealtime=true
 PrivateDevices=true
 SystemCallFilter=@system-service
+SystemCallArchitectures=native
 MemoryDenyWriteExecute=true
 ReadWriteDirectories=/etc/step-ca/db