diff --git a/systemd/system/auditd.service.d/override.conf b/systemd/system/auditd.service.d/override.conf
new file mode 100644
index 0000000..ad7372c
--- /dev/null
+++ b/systemd/system/auditd.service.d/override.conf
@@ -0,0 +1,3 @@
+[Service]
+CapabilityBoundingSet=
+NoNewPrivileges=false
diff --git a/systemd/system/cron.service.d/override.conf b/systemd/system/cron.service.d/override.conf
new file mode 100644
index 0000000..9c81f0b
--- /dev/null
+++ b/systemd/system/cron.service.d/override.conf
@@ -0,0 +1,2 @@
+[Service]
+ProtectSystem=false
\ No newline at end of file
diff --git a/systemd/system/lm-sensors.service.d/override.conf b/systemd/system/lm-sensors.service.d/override.conf
new file mode 100644
index 0000000..225db39
--- /dev/null
+++ b/systemd/system/lm-sensors.service.d/override.conf
@@ -0,0 +1,2 @@
+[Service]
+PrivateDevices=false
diff --git a/systemd/system/restorecond.service.d/override.conf b/systemd/system/restorecond.service.d/override.conf
new file mode 100644
index 0000000..ea23c39
--- /dev/null
+++ b/systemd/system/restorecond.service.d/override.conf
@@ -0,0 +1,4 @@
+[Service]
+CapabilityBoundingSet=
+ProtectSystem=true # restorecond handles files in /etc
+ProtectHome=false # restorecond handles files in /root
diff --git a/systemd/system/ssh.service.d/override.conf b/systemd/system/ssh.service.d/override.conf
new file mode 100644
index 0000000..ad7372c
--- /dev/null
+++ b/systemd/system/ssh.service.d/override.conf
@@ -0,0 +1,3 @@
+[Service]
+CapabilityBoundingSet=
+NoNewPrivileges=false
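Review bot: `CapabilityBoundingSet=` with an empty value resets the bounding set to the empty capability set rather than lifting a restriction, so as written this drop-in starts auditd with no capabilities at all; the same line appears in the restorecond and ssh hunks. If the intent was to undo a limit set by the packaged unit (the neighbouring `NoNewPrivileges=false` suggests a relaxation), the form that restores the full set is `CapabilityBoundingSet=~`. If the intent was to restrict, list the capabilities each daemon actually needs instead of none. Either way, a comment line above each setting, for example `# NoNewPrivileges off: <reason>`, would let a later reader tell a deliberate relaxation from a mistake.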
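Review bot: `ProtectSystem=false` drops whatever read-only file-system protection the packaged cron unit sets, for the daemon and for every job it spawns, and the hunk gives no reason for it. If only one or two paths need to be writable, keeping the packaged value and adding `ReadWritePaths=<path the job writes>` would be a narrower change. At minimum a comment line such as `# needed because <job> writes under <path>` should precede the setting; the lm-sensors hunk has the same gap for `PrivateDevices=false`. The file also ends without a trailing newline.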
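Review bot: The trailing `# …` remarks on the `ProtectSystem` and `ProtectHome` lines are not comments in unit-file syntax, because systemd only treats lines that begin with `#` or `;` as comments. The value parsed for the first one is therefore `true # restorecond handles files in /etc`, which is not a valid ProtectSystem value and will most likely be logged and ignored, leaving the packaged setting in force; the same applies to `ProtectHome=false # …`. Put each remark on its own line above the setting, i.e. `# restorecond handles files in /etc` followed by `ProtectSystem=true`, and likewise for `ProtectHome=false`.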