Let systemd bitcoind write to /etc/bitcoin #14674

The hardening measure ProtectSystem=full makes /etc read-only along with its subdirectories, including /etc/bitcoin. That prevents bitcoind from launching successfully when it finds it cannot write to /etc/bitcoin/debug.log and such.

Exempt /etc/bitcoin with the directive ReadWritePaths=/etc/bitcoin

To verify this change:

1. Log in as root.
2. Copy bitcoind.service to the relevant directory for your OS, e.g.:

$ cp bitcoind.service /lib/systemd/system/bitcoind.service

3. Reload systemd's daemon configs, enable, and start bitcoind through systemd:

$ sudo systemctl daemon-reload
$ sudo systemctl enable bitcoind
$ sudo systemctl start bitcoind

4. Verify that bitcoind launched successfully:

$ sudo systemctl status bitcoind.service
* bitcoind.service - Bitcoin daemon
   Loaded: loaded (/lib/systemd/system/bitcoind.service; enabled; vendor preset:
   Active: active (running) since 

bitcoind should never be writing to /etc

debug.log belongs under /var/lib

<!--e57a25ab6845829454e8d69fc972939a-->

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

<!--174a7506f384e20aa4161008e828411d-->

Conflicts

No conflicts as of last run.

Oh, I had apparently misinterpreted the intent of this file referring to /etc/bitcoin/bitcoin.conf . I thought that suggested that the files normally in ~/.bitcoin (including chainstate, data, and wallet directories) were meant to be placed in /etc/bitcoin when configured to launch automatically through systemd. Since that's apparently not the intent, I'll close this PR.