grawity/hidepid.conf.xml

## hidepid.conf.xml
<?xml version="1.0"?>
<!-- /etc/dbus-1/system.d/hidepid.conf -->
<!-- This prevents users from bypassing /proc hidepid= restrictions using 'systemctl status'. -->
<busconfig>
	<!-- Allow root to use systemctl -->
	<policy user="root">
		<allow send_destination="org.freedesktop.systemd1"
			send_interface="org.freedesktop.systemd1.Manager"
			send_member="GetUnitProcesses"/>
	</policy>

	<!-- Optional, but can be used to match the "no-hidepid" gid= if you have it specified -->
	<policy group="proc">
		<allow send_destination="org.freedesktop.systemd1"
			send_interface="org.freedesktop.systemd1.Manager"
			send_member="GetUnitProcesses"/>
	</policy>

	<!-- Deny for everyone else -->
	<policy context="default">
		<deny send_destination="org.freedesktop.systemd1"
			send_interface="org.freedesktop.systemd1.Manager"
			send_member="GetUnitProcesses"/>
	</policy>
</busconfig>
	<?xml version="1.0"?>
	<!-- /etc/dbus-1/system.d/hidepid.conf -->
	<!-- This prevents users from bypassing /proc hidepid= restrictions using 'systemctl status'. -->
	<busconfig>
	<!-- Allow root to use systemctl -->
	<policy user="root">
	<allow send_destination="org.freedesktop.systemd1"
	send_interface="org.freedesktop.systemd1.Manager"
	send_member="GetUnitProcesses"/>
	</policy>

	<!-- Optional, but can be used to match the "no-hidepid" gid= if you have it specified -->
	<policy group="proc">
	<allow send_destination="org.freedesktop.systemd1"
	send_interface="org.freedesktop.systemd1.Manager"
	send_member="GetUnitProcesses"/>
	</policy>

	<!-- Deny for everyone else -->
	<policy context="default">
	<deny send_destination="org.freedesktop.systemd1"
	send_interface="org.freedesktop.systemd1.Manager"
	send_member="GetUnitProcesses"/>
	</policy>
	</busconfig>