From 9ea8c59f48be7f90cdce5bb988e977457061d9f5 Mon Sep 17 00:00:00 2001
From: niten
Date: Sun, 22 Jan 2023 15:52:24 -0800
Subject: [PATCH] Try setting TMPDIR
---
 objectifier-module.nix | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/objectifier-module.nix b/objectifier-module.nix
index 52e586d..66975a6 100644
--- a/objectifier-module.nix
+++ b/objectifier-module.nix
@@ -63,17 +63,18 @@ in {
 OBJECTIFIER_BUFFER_SIZE = "524288";
 OBJECTIFIER_CLEANUP_MAX_AGE = toString cfg.cleanup.max_file_age;
 OBJECTIFIER_CLEANUP_DELAY = toString cfg.cleanup.delay;
+ TMPDIR = "/tmp";
 };
 serviceConfig = {
 PrivateUsers = true;
 PrivateDevices = true;
- # PrivateTmp = true;
- # PrivateMounts = true;
- # ProtectControlGroups = true;
+ PrivateTmp = true;
+ PrivateMounts = true;
+ ProtectControlGroups = true;
 ProtectKernelTunables = true;
 ProtectKernelModules = true;
- # ProtectSystem = true;
- # ProtectHostname = true;
+ ProtectSystem = true;
+ ProtectHostname = true;
 ProtectHome = true;
 ProtectClock = true;
 ProtectKernelLogs = true;
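Review bot: The re-enabled `ProtectSystem = true;` in serviceConfig is the weakest level of that directive: it makes only /usr and the boot loader directories read-only, so /etc and the rest of the file system stay writable to the unit wherever ordinary file permissions allow. If the service writes only to its temp space and a known data directory, `ProtectSystem = "strict";` with `ReadWritePaths = [ "<data-dir-placeholder>" ];` would confine it further; the paths it actually needs are not visible in this hunk. The added `TMPDIR = "/tmp";` depends on `PrivateTmp = true;` a few lines below to be a per-unit directory, so a comment such as `# resolves to the unit's private /tmp (PrivateTmp = true)` would keep the two from being changed independently. The serviceConfig block continues past the end of the hunk.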