[Unit] Description=Test for SystemCallFilter [Service] ExecStart=/bin/echo "Foo bar" SystemCallFilter=~read write open execve ioperm SystemCallFilter=ioctl SystemCallFilter=read write open execve SystemCallFilter=~ioperm