Procfs

ProtectKernelTunables setting

Restrict systemd units to access information from the kernel tunables in the /proc and /sys directories with the unit setting ProtectKernelTunables.

ProcSubset setting

Restrict systemd units to access information from the /proc directory with the unit setting ProcSubset.

ProtectProc setting

Restrict systemd units to access information from the /proc directory with the unit setting ProtectProc.