collectd.service: remove NoNewPrivileges setting

There are various issues with it in combination with SELinux.
See https://marc.info/?l=selinux&m=149971836431361&w=2 for some
background.

diff --git a/contrib/systemd.collectd.service b/contrib/systemd.collectd.service
index 7bc15d7..a3b689a 100644 (file)
--- a/contrib/systemd.collectd.service
+++ b/contrib/systemd.collectd.service
@@ -29,8 +29,6 @@ ProtectHome=true
 # By default, drop all capabilities:
 CapabilityBoundingSet=
 
-NoNewPrivileges=true
-
 # Tell systemd it will receive a notification from collectd over it's control
 # socket once the daemon is ready. See systemd.service(5) for more details.
 Type=notify