diff --git a/packaging/linux/portmaster.service b/packaging/linux/portmaster.service
index 5a56ceb3..cd25c262 100644
--- a/packaging/linux/portmaster.service
+++ b/packaging/linux/portmaster.service
@@ -23,6 +23,7 @@ Environment=LOGLEVEL=info
 Environment=PORTMASTER_ARGS=
 EnvironmentFile=-/etc/default/portmaster
 ProtectSystem=true
+ReadWritePaths=/usr/lib/portmaster
 RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
 RestrictNamespaces=yes
 ProtectHome=read-only