From 30ef8745d3eb17586212c0e797158ac373934b58 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Tue, 29 Nov 2022 21:45:39 +0000
Subject: [PATCH] Avoid systemd warnings on 20.04

---
 cookbooks/systemd/resources/service.rb          | 2 +-
 cookbooks/systemd/templates/default/service.erb | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/cookbooks/systemd/resources/service.rb b/cookbooks/systemd/resources/service.rb
index ef7c86d76..94d0217c6 100644
--- a/cookbooks/systemd/resources/service.rb
+++ b/cookbooks/systemd/resources/service.rb
@@ -127,7 +127,7 @@ action :create do
     service_variables[:protect_kernel_modules] = true unless property_is_set?(:protect_kernel_modules)
     service_variables[:protect_kernel_logs] = true unless property_is_set?(:protect_kernel_logs)
     service_variables[:protect_control_groups] = true unless property_is_set?(:protect_control_groups)
-    service_variables[:restrict_address_families] = "none" unless property_is_set?(:restrict_address_families)
+    service_variables[:restrict_address_families] = [] unless property_is_set?(:restrict_address_families)
     service_variables[:restrict_namespaces] = true unless property_is_set?(:restrict_namespaces)
     service_variables[:lock_personality] = true unless property_is_set?(:lock_personality)
     service_variables[:memory_deny_write_execute] = true unless property_is_set?(:memory_deny_write_execute)
diff --git a/cookbooks/systemd/templates/default/service.erb b/cookbooks/systemd/templates/default/service.erb
index c53439a2b..e64ead225 100644
--- a/cookbooks/systemd/templates/default/service.erb
+++ b/cookbooks/systemd/templates/default/service.erb
@@ -111,10 +111,10 @@ StandardOutput=<%= @standard_output %>
 <% if @standard_error -%>
 StandardError=<%= @standard_error %>
 <% end -%>
-<% if @protect_proc -%>
+<% if @protect_proc && node[:lsb][:release].to_f >= 22.04  -%>
 ProtectProc=<%= @protect_proc %>
 <% end -%>
-<% if @proc_subset -%>
+<% if @proc_subset && node[:lsb][:release].to_f >= 22.04 -%>
 ProcSubset=<%= @proc_subset %>
 <% end -%>
 <% if @no_new_privileges -%>
@@ -147,7 +147,7 @@ PrivateDevices=<%= @private_devices %>
 <% if @private_network -%>
 PrivateNetwork=<%= @private_network %>
 <% end -%>
-<% if @private_ipc -%>
+<% if @private_ipc && node[:lsb][:release].to_f >= 22.04 -%>
 PrivateIPC=<%= @private_ipc %>
 <% end -%>
 <% if @private_users -%>
-- 
2.39.5