diff --git a/lib/systemd/system-preset/50-security-misc.preset b/lib/systemd/system-preset/50-security-misc.preset
index 451ef04..86601e6 100644
--- a/lib/systemd/system-preset/50-security-misc.preset
+++ b/lib/systemd/system-preset/50-security-misc.preset
@@ -2,3 +2,6 @@
 ## See the file COPYING for copying conditions.
 
 disable hide-hardware-info.service
+
+## Disable for now until development finished / tested.
+disable permission-hardening.service
diff --git a/lib/systemd/system/permission-hardening.service b/lib/systemd/system/permission-hardening.service
index 48d732b..216da23 100644
--- a/lib/systemd/system/permission-hardening.service
+++ b/lib/systemd/system/permission-hardening.service
@@ -8,9 +8,7 @@ After=local-fs.target
 
 [Service]
 Type=oneshot
-## Disable for now until development finished / tested.
-ExecStart=/bin/true
-#ExecStart=/usr/lib/security-misc/permission-hardening
+ExecStart=/usr/lib/security-misc/permission-hardening
 
 [Install]
 WantedBy=sysinit.target
diff --git a/usr/lib/security-misc/permission-hardening b/usr/lib/security-misc/permission-hardening
index 0da1dff..79708c3 100755
--- a/usr/lib/security-misc/permission-hardening
+++ b/usr/lib/security-misc/permission-hardening
@@ -11,8 +11,7 @@ config_file="/etc/permission-hardening.conf"
 
 echo_wrapper() {
    echo "run: $@"
-   ## TODO
-   #"$@"
+   "$@"
 }
 
 add_nosuid_statoverride_entry() {