From d03fe5bf7d52ff3af30d988da9e50b01cfb16199 Mon Sep 17 00:00:00 2001
From: Jonas L <jooola@users.noreply.github.com>
Date: Mon, 10 Oct 2022 16:57:56 +0200
Subject: [PATCH] fix: disable some systemd security features on bionic (#2219)

Fixes #2217
---
 install | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install b/install
index d2cca6032..ee781e4a1 100755
--- a/install
+++ b/install
@@ -283,6 +283,13 @@ install_service() {
       -e "s|@@LOG_DIR@@|${LOG_DIR}|g" \
       -e "s|@@WORKING_DIR@@|${WORKING_DIR}|g"
 
+  # TODO: Remove when Bionic support is dropped
+  if [[ $distro == "bionic" ]]; then
+    for feature in ProtectClock ProtectHostname ProtectKernelLogs ProtectProc; do
+      sed -i -e "s|^${feature}=|#${feature}=|" "$service_dest"
+    done
+  fi
+
   chmod 0644 "$service_dest"
   chown root:root "$service_dest"
   systemctl enable "$service_name"