diff --git a/contrib/redlib.service b/contrib/redlib.service
index c43ef49..e483460 100644
--- a/contrib/redlib.service
+++ b/contrib/redlib.service
@@ -30,7 +30,8 @@ RestrictNamespaces=yes
 RestrictRealtime=yes
 RestrictSUIDSGID=yes
 SystemCallArchitectures=native
-SystemCallFilter=@system-service ~@privileged ~@resources
+SystemCallFilter=@system-service
+SystemCallFilter=~@privileged @resources
 UMask=0077
 
 [Install]