Merge master into staging-next

author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> 2023-08-18 00:01:46 +0000
committer: GitHub <noreply@github.com> 2023-08-18 00:01:46 +0000
commit: f1d7a13229bdf135d2701848045d846f83b77524 (patch)
tree: 95415eb78a9afb99b9c9e92c0fcb116d33268418 /nixos/modules/services/web-apps/photoprism.nix
parent: fbb4f932eeb6b4458051cd51001bf6c508eebfc3 (diff)
parent: 52042e1e9b1fb43a80d261e157cd6894aa1f88f2 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/web-apps/photoprism.nix b/nixos/modules/services/web-apps/photoprism.nix
index d5ca6014780ab..423ad5375baab 100644
--- a/nixos/modules/services/web-apps/photoprism.nix
+++ b/nixos/modules/services/web-apps/photoprism.nix
@@ -123,7 +123,7 @@ in
         RestrictNamespaces = true;
         RestrictRealtime = true;
         SystemCallArchitectures = "native";
-        SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ];
+        SystemCallFilter = [ "@system-service" "~@setuid @keyring" ];
         UMask = "0066";
       } // lib.optionalAttrs (cfg.port < 1024) {
         AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
author	github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>	2023-08-18 00:01:46 +0000
committer	GitHub <noreply@github.com>	2023-08-18 00:01:46 +0000
commit	f1d7a13229bdf135d2701848045d846f83b77524 (patch)
tree	95415eb78a9afb99b9c9e92c0fcb116d33268418 /nixos/modules/services/web-apps/photoprism.nix
parent	fbb4f932eeb6b4458051cd51001bf6c508eebfc3 (diff)
parent	52042e1e9b1fb43a80d261e157cd6894aa1f88f2 (diff)