# {{ ansible_managed }}

[Service]
LockPersonality=true
NoNewPrivileges=true
ProtectSystem=strict
ReadWritePaths=-{{ php_fpm_log_dir }}/
ReadWritePaths=-/var/run/
ReadWritePaths=-/run/
InaccessiblePaths=-/root/