diff --git a/ArchiSteamFarm/overlay/variant-base/linux/ArchiSteamFarm@.service b/ArchiSteamFarm/overlay/variant-base/linux/ArchiSteamFarm@.service
index eaefa8569..60dba6878 100644
--- a/ArchiSteamFarm/overlay/variant-base/linux/ArchiSteamFarm@.service
+++ b/ArchiSteamFarm/overlay/variant-base/linux/ArchiSteamFarm@.service
@@ -33,12 +33,16 @@ RestrictAddressFamilies=AF_INET AF_INET6
 RestrictNamespaces=yes
 RestrictRealtime=yes
 RestrictSUIDSGID=yes
-SecureBits=noroot-locked
 SystemCallArchitectures=native
 SystemCallFilter=@system-service
 SystemCallFilter=~@privileged
 UMask=0077
 
+# TODO: Requires systemd v247+ due to https://github.com/systemd/systemd/issues/16666
+# Since we don't want to enforce OS upgrade for everybody just yet, it's commented out for now
+# We'll likely enforce it when .NET switches to Debian 11+ requirement
+#SecureBits=noroot-locked
+
 [Unit]
 After=network.target
 Description=ArchiSteamFarm Service (on %I)
diff --git a/ArchiSteamFarm/overlay/variant-specific/generic-netf/ArchiSteamFarm@.service b/ArchiSteamFarm/overlay/variant-specific/generic-netf/ArchiSteamFarm@.service
index 90280ee75..ddd74a12f 100644
--- a/ArchiSteamFarm/overlay/variant-specific/generic-netf/ArchiSteamFarm@.service
+++ b/ArchiSteamFarm/overlay/variant-specific/generic-netf/ArchiSteamFarm@.service
@@ -33,12 +33,16 @@ RestrictAddressFamilies=AF_INET AF_INET6
 RestrictNamespaces=yes
 RestrictRealtime=yes
 RestrictSUIDSGID=yes
-SecureBits=noroot-locked
 SystemCallArchitectures=native
 SystemCallFilter=@system-service
 SystemCallFilter=~@privileged
 UMask=0077
 
+# TODO: Requires systemd v247+ due to https://github.com/systemd/systemd/issues/16666
+# Since we don't want to enforce OS upgrade for everybody just yet, it's commented out for now
+# We'll likely enforce it when .NET switches to Debian 11+ requirement
+#SecureBits=noroot-locked
+
 [Unit]
 After=network.target
 Description=ArchiSteamFarm Service (on %I)
diff --git a/ArchiSteamFarm/overlay/variant-specific/generic/ArchiSteamFarm@.service b/ArchiSteamFarm/overlay/variant-specific/generic/ArchiSteamFarm@.service
index 0eba78b69..ea59e3b6e 100644
--- a/ArchiSteamFarm/overlay/variant-specific/generic/ArchiSteamFarm@.service
+++ b/ArchiSteamFarm/overlay/variant-specific/generic/ArchiSteamFarm@.service
@@ -33,12 +33,16 @@ RestrictAddressFamilies=AF_INET AF_INET6
 RestrictNamespaces=yes
 RestrictRealtime=yes
 RestrictSUIDSGID=yes
-SecureBits=noroot-locked
 SystemCallArchitectures=native
 SystemCallFilter=@system-service
 SystemCallFilter=~@privileged
 UMask=0077
 
+# TODO: Requires systemd v247+ due to https://github.com/systemd/systemd/issues/16666
+# Since we don't want to enforce OS upgrade for everybody just yet, it's commented out for now
+# We'll likely enforce it when .NET switches to Debian 11+ requirement
+#SecureBits=noroot-locked
+
 [Unit]
 After=network.target
 Description=ArchiSteamFarm Service (on %I)