diff --git a/templates/usr/local/lib/systemd/system/rosetta_maintenance_begin.service.j2 b/templates/usr/local/lib/systemd/system/rosetta_maintenance_begin.service.j2
index 056d22d47836c774352f9556e7826a3448a5d773..9a63802746c2656ca743701f6776f2a8e4274f17 100644
--- a/templates/usr/local/lib/systemd/system/rosetta_maintenance_begin.service.j2
+++ b/templates/usr/local/lib/systemd/system/rosetta_maintenance_begin.service.j2
@@ -15,15 +15,15 @@ Group={{ vault_rosetta_group }}
 # or at `man (5) systemd.exec`
 ProtectSystem=strict
 ProtectHome=read-only
-ProtectHostname=true
-ProtectClock=true
-ProtectKernelTunables=true
-ProtectKernelModules=true
-ProtectKernelLogs=true
-ProtectControlGroups=true
-LockPersonality=true
-MemoryDenyWriteExecute=true
-RestrictRealtime=true
+#ProtectHostname=true
+#ProtectClock=true
+#ProtectKernelTunables=true
+#ProtectKernelModules=true
+#ProtectKernelLogs=true
+#ProtectControlGroups=true
+#LockPersonality=true
+#MemoryDenyWriteExecute=true
+#RestrictRealtime=true
 #RestrictSUIDSGID=true
 ## RemoveIPC=true
 ## PrivateMounts=true
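Review bot: Nine sandboxing directives, `ProtectHostname=` through `RestrictRealtime=`, are commented out in one step below `ProtectHome=read-only`, and nothing in the unit records which of them the service could not start with. If only one or two were the cause (for a JIT-based runtime `MemoryDenyWriteExecute=true` is the usual suspect, though that is a guess from here), the others should stay enabled, since each one removed widens what a compromised maintenance job can reach. For every directive that does have to stay off, I would add a line such as `# MemoryDenyWriteExecute disabled: <reason>; re-enable when <condition>` so the exception is auditable. Running `systemd-analyze security` on the rendered unit before and after would show how much exposure this change adds. The section these lines belong to starts above the hunk, so any compensating settings there are not visible in this review.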