Luca Boccassi authored Mar 20, 2023 and Luca Boccassi committed Aug 03, 2023

When starting as root files in /proc/self/fdinfo/ will be owned as root
and set to 400, so we cannot read them. Nowadays it is not necessary to
start as root when running under systemd, so just add User/Group with
the configured user to the system unit.

If libaudit support is enabled, add AmbientCapabilities=CAP_AUDIT_WRITE
so that we can still write to the audit log.

Signed-off-by: Luca Boccassi <bluca@debian.org>