From c44d87ee5f227f229f4055f60baf8768968b3f11 Mon Sep 17 00:00:00 2001
From: Martin Nikov <mnikov12@gmail.com>
Date: Thu, 18 Jan 2024 20:11:49 +0200
Subject: [PATCH] config(modules/baseServiceConfig): Revert ProcSubset=pid
 (default is all)

`ProcSubset=pid` causes various problems for both nimbus and geth
(and possibly other services), so it's better to revert that change.
---
 modules/geth/default.nix | 1 -
 modules/lib.nix          | 1 -
 2 files changed, 2 deletions(-)

diff --git a/modules/geth/default.nix b/modules/geth/default.nix
index 18d38abf..ae0ac425 100644
--- a/modules/geth/default.nix
+++ b/modules/geth/default.nix
@@ -121,7 +121,6 @@ in {
               serviceConfig = mkMerge [
                 baseServiceConfig
                 {
-                  ProcSubset = "all";
                   User = serviceName;
                   StateDirectory = serviceName;
                   ExecStart = "${cfg.package}/bin/geth ${scriptArgs}";
diff --git a/modules/lib.nix b/modules/lib.nix
index 217bd673..c8d6c6f2 100644
--- a/modules/lib.nix
+++ b/modules/lib.nix
@@ -81,7 +81,6 @@ lib: let
     #   * ProtectHome = "read-only"
     DynamicUser = mkDefault true;
 
-    ProcSubset = mkDefault "pid";
     ProtectClock = mkDefault true;
     ProtectProc = mkDefault "noaccess";
     ProtectKernelLogs = mkDefault true;