TT#110904 TT#76552 Fix systemd hardening for rand() access

We need readonly access to /dev/urandom, otherwise the rand()
calls might fail, as seen in kamailio-config-tests.

Change-Id: Id132191994ae5fe74ec3ebb7d34a4a5d50769dbc
Thanks: Victor Seva for reporting

debian/ngcp-mediator.service

@@ -75,6 +75,7 @@ PrivateNetwork=false
 # Control access to specific device nodes by the executed processes
 DevicePolicy=strict
 DeviceAllow=/dev/null rw
+DeviceAllow=/dev/urandom r
 
 # Maximum number of bytes of memory that may be locked into RAM
 LimitMEMLOCK=0