I have installed Suricata from OISF provided RPMs on CentOS 7. When services starts the following warnings occurs:
[/usr/lib/systemd/system/suricata.service:17] Unknown lvalue ‘MemoryDenyWriteExecute’ in section ‘Service’
[/usr/lib/systemd/system/suricata.service:18] Unknown lvalue ‘LockPersonality’ in section ‘Service’
[/usr/lib/systemd/system/suricata.service:19] Unknown lvalue ‘ProtectControlGroups’ in section ‘Service’
[/usr/lib/systemd/system/suricata.service:20] Unknown lvalue ‘ProtectKernelModules’ in section ‘Service’
In the suricata.service these four parameters are set to “true”. If the value “yes” is used the warnings don’t occur. Theoretically based on man systemd.unit the boolean arguments can be written in various formats (1, yes, true and on are equivalent). It looks like it is not. The suricata.service in CentOS/RHEL rpms can be corrected.