summaryrefslogtreecommitdiffstats
path: root/man/systemd.socket.xml
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--man/systemd.socket.xml81
1 files changed, 48 insertions, 33 deletions
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index 73c8c5b..a944efa 100644
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -1,6 +1,6 @@
<?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
- "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<refentry id="systemd.socket" xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -167,9 +167,9 @@
information about the socket or FIFO it supervises. A number of
options that may be used in this section are shared with other
unit types. These options are documented in
- <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- and
- <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> and
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
The options specific to the [Socket] section of socket units are
the following:</para>
@@ -221,7 +221,9 @@
<replaceable>x</replaceable> on a port <replaceable>y</replaceable> address in the
<constant>AF_VSOCK</constant> family. The CID is a unique 32-bit integer identifier in
<constant>AF_VSOCK</constant> analogous to an IP address. Specifying the CID is optional, and may be
- set to the empty string.</para>
+ set to the empty string. <literal>vsock</literal> may be replaced with
+ <literal>vsock-stream</literal>, <literal>vsock-dgram</literal> or <literal>vsock-seqpacket</literal>
+ to force usage of the corresponding socket type.</para>
<para>Note that <constant>SOCK_SEQPACKET</constant> (i.e.
<varname>ListenSequentialPacket=</varname>) is only available
@@ -458,21 +460,18 @@
<varlistentry>
<term><varname>MaxConnections=</varname></term>
- <listitem><para>The maximum number of connections to
- simultaneously run services instances for, when
- <option>Accept=yes</option> is set. If more concurrent
- connections are coming in, they will be refused until at least
- one existing connection is terminated. This setting has no
- effect on sockets configured with
- <option>Accept=no</option> or datagram sockets. Defaults to
- 64.</para></listitem>
+ <listitem><para>The maximum number of connections to simultaneously run services instances for, when
+ <option>Accept=yes</option> is set. If more concurrent connections are coming in, they will be refused
+ until at least one existing connection is terminated. This setting has no effect on sockets configured
+ with <option>Accept=no</option> or datagram sockets. Defaults to 64.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>MaxConnectionsPerSource=</varname></term>
- <listitem><para>The maximum number of connections for a service per source IP address.
- This is very similar to the <varname>MaxConnections=</varname> directive
- above. Disabled by default.</para>
+ <listitem><para>The maximum number of connections for a service per source IP address (in case of
+ IPv4/IPv6), per source CID (in case of <constant>AF_VSOCK</constant>), or source UID (in case of
+ <constant>AF_UNIX</constant>). This is very similar to the <varname>MaxConnections=</varname>
+ directive above. Defaults to 0, i.e. disabled.</para>
<xi:include href="version-info.xml" xpointer="v232"/>
</listitem>
@@ -919,6 +918,20 @@
<xi:include href="version-info.xml" xpointer="v255"/></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>PassFileDescriptorsToExec=</varname></term>
+
+ <listitem><para>Takes a boolean argument. Defaults to off. If enabled, file descriptors created by
+ the socket unit are passed to <varname>ExecStartPost=</varname>, <varname>ExecStopPre=</varname>, and
+ <varname>ExecStopPost=</varname> commands from the socket unit. The passed file descriptors can be
+ accessed with
+ <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry> as
+ if the commands were invoked from the associated service units. Note that
+ <varname>ExecStartPre=</varname> command cannot access socket file descriptors.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/></listitem>
+ </varlistentry>
+
</variablelist>
<xi:include href="systemd.service.xml" xpointer="shared-unit-options" />
@@ -926,25 +939,27 @@
<refsect1>
<title>See Also</title>
- <para>
- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry>
- </para>
+ <para><simplelist type="inline">
+ <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
+ </simplelist></para>
<para>
For more extensive descriptions see the "systemd for Developers" series:
- <ulink url="https://0pointer.de/blog/projects/socket-activation.html">Socket Activation</ulink>,
- <ulink url="https://0pointer.de/blog/projects/socket-activation2.html">Socket Activation, part II</ulink>,
- <ulink url="https://0pointer.de/blog/projects/inetd.html">Converting inetd Services</ulink>,
- <ulink url="https://0pointer.de/blog/projects/socket-activated-containers.html">Socket Activated Internet Services and OS Containers</ulink>.
+ <simplelist type="inline">
+ <member><ulink url="https://0pointer.de/blog/projects/socket-activation.html">Socket Activation</ulink></member>
+ <member><ulink url="https://0pointer.de/blog/projects/socket-activation2.html">Socket Activation, part II</ulink></member>
+ <member><ulink url="https://0pointer.de/blog/projects/inetd.html">Converting inetd Services</ulink></member>
+ <member><ulink url="https://0pointer.de/blog/projects/socket-activated-containers.html">Socket Activated Internet Services and OS Containers</ulink></member>
+ </simplelist>.
</para>
</refsect1>