From 7415970a3e853ba153c4e8147147751d15e7ea98 Mon Sep 17 00:00:00 2001
From: MidAutumnMoon <me@418.im>
Date: Mon, 24 Oct 2022 10:46:56 +0800
Subject: [PATCH] nixos/endlessh-go: set proper SystemCallFilter

---
 nixos/modules/services/security/endlessh-go.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/modules/services/security/endlessh-go.nix b/nixos/modules/services/security/endlessh-go.nix
index 61cca5531739..6557ec953cd8 100644
--- a/nixos/modules/services/security/endlessh-go.nix
+++ b/nixos/modules/services/security/endlessh-go.nix
@@ -126,7 +126,7 @@ in
           RestrictRealtime = true;
           RestrictSUIDSGID = true;
           SystemCallArchitectures = "native";
-          SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
+          SystemCallFilter = [ "@system-service" "~@privileged" ];
         };
     };