In issue 18187 (now closed) Jacob and Simon tell us that syncthing’s systemd files have options to prevent writes to /etc and other system places by default, and that we can change that option with systemctl edit syncthing@ by adding
[Service]
ProtectSystem=off
When I do that I find that the systemd config file seems to have a default of
# # Hardening
# ProtectSystem=full
This suggests that ProtectSystem has options other than full or off. Is there documentation on these options, or syncthing systemd configuration in general? (My Google Fu is failing me!) Or is it possible to turn off protection for only specific system files/dirs?