[Service]
NoNewPrivileges=no
MemoryDenyWriteExecute=no
LockPersonality=no
RestrictNamespaces=no