Revert "MDEV-36591: RHEL8(+compat)/Ubuntu 20.04 cannot start systemd servce (EXIT_CAPABILTIES/218)"

This reverts commit 8925877dc8.

cmake/systemd.cmake

@@ -57,15 +57,6 @@ MACRO(CHECK_SYSTEMD)
 # ProtectSystem=full prevents it
 ReadWritePaths=-${MYSQL_DATADIR}\n")
         ENDIF()
-	# systemd version 245 (Ubuntu 20.04) and less cannot
-        # handle ambient capbilities on non-root processes
-	# 247 (Debian 11) is a version afterwards that is known to work.
-        IF(LIBSYSTEMD_VERSION VERSION_GREATER_EQUAL 247)
-          SET(SYSTEMD_AMBIENT_CAPABILITIES
-"# CAP_IPC_LOCK To allow --memlock to be used as non-root user
-AmbientCapabilities=CAP_IPC_LOCK
-")
-        ENDIF()
 
         MESSAGE_ONCE(systemd "Systemd features enabled")
       ELSE()

support-files/mariadb.service.in

@@ -47,7 +47,10 @@ PrivateNetwork=false
 User=mysql
 Group=mysql
 
-@SYSTEMD_AMBIENT_CAPABILITIES@
+# CAP_IPC_LOCK To allow memlock to be used as non-root user
+# These are enabled by default
+AmbientCapabilities=CAP_IPC_LOCK
+
 # CAP_DAC_OVERRIDE To allow auth_pam_tool (which is SUID root) to read /etc/shadow when it's chmod 0
 #   does nothing for non-root, not needed if /etc/shadow is u+r
 # CAP_AUDIT_WRITE auth_pam_tool needs it on Debian for whatever reason

support-files/mariadb@.service.in

@@ -177,7 +177,10 @@ PrivateNetwork=false
 ## Package maintainers
 ##
 
-@SYSTEMD_AMBIENT_CAPABILITIES@
+# CAP_IPC_LOCK To allow memlock to be used as non-root user
+# These are enabled by default
+AmbientCapabilities=CAP_IPC_LOCK
+
 # CAP_DAC_OVERRIDE To allow auth_pam_tool (which is SUID root) to read /etc/shadow when it's chmod 0
 #   does nothing for non-root, not needed if /etc/shadow is u+r
 # CAP_AUDIT_WRITE auth_pam_tool needs it on Debian for whatever reason