Writes PrivateTmp=yes, giving the service a private view of temporary directories such as /tmp.

This helps isolate temporary files from the rest of the system. Do not use it when the service must share files through /tmp with other processes.