1 files changed, 48 insertions, 33 deletions

diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index 73c8c5b..a944efa 100644
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -1,6 +1,6 @@
 <?xml version='1.0'?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
-  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
 <!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
 
 <refentry id="systemd.socket" xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -167,9 +167,9 @@
     information about the socket or FIFO it supervises. A number of
     options that may be used in this section are shared with other
     unit types. These options are documented in
-    <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-    and
-    <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+    <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+    <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> and
+    <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
     The options specific to the [Socket] section of socket units are
     the following:</para>
 
@@ -221,7 +221,9 @@
         <replaceable>x</replaceable> on a port <replaceable>y</replaceable> address in the
         <constant>AF_VSOCK</constant> family.  The CID is a unique 32-bit integer identifier in
         <constant>AF_VSOCK</constant> analogous to an IP address.  Specifying the CID is optional, and may be
-        set to the empty string.</para>
+        set to the empty string. <literal>vsock</literal> may be replaced with
+        <literal>vsock-stream</literal>, <literal>vsock-dgram</literal> or <literal>vsock-seqpacket</literal>
+        to force usage of the corresponding socket type.</para>
 
         <para>Note that <constant>SOCK_SEQPACKET</constant> (i.e.
         <varname>ListenSequentialPacket=</varname>) is only available
@@ -458,21 +460,18 @@
 
       <varlistentry>
         <term><varname>MaxConnections=</varname></term>
-        <listitem><para>The maximum number of connections to
-        simultaneously run services instances for, when
-        <option>Accept=yes</option> is set. If more concurrent
-        connections are coming in, they will be refused until at least
-        one existing connection is terminated. This setting has no
-        effect on sockets configured with
-        <option>Accept=no</option> or datagram sockets. Defaults to
-        64.</para></listitem>
+        <listitem><para>The maximum number of connections to simultaneously run services instances for, when
+        <option>Accept=yes</option> is set. If more concurrent connections are coming in, they will be refused
+        until at least one existing connection is terminated. This setting has no effect on sockets configured
+        with <option>Accept=no</option> or datagram sockets. Defaults to 64.</para></listitem>
       </varlistentry>
 
       <varlistentry>
         <term><varname>MaxConnectionsPerSource=</varname></term>
-        <listitem><para>The maximum number of connections for a service per source IP address.
-        This is very similar to the <varname>MaxConnections=</varname> directive
-        above. Disabled by default.</para>
+        <listitem><para>The maximum number of connections for a service per source IP address (in case of
+        IPv4/IPv6), per source CID (in case of <constant>AF_VSOCK</constant>), or source UID (in case of
+        <constant>AF_UNIX</constant>). This is very similar to the <varname>MaxConnections=</varname>
+        directive above. Defaults to 0, i.e. disabled.</para>
 
         <xi:include href="version-info.xml" xpointer="v232"/>
         </listitem>
@@ -919,6 +918,20 @@
         <xi:include href="version-info.xml" xpointer="v255"/></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>PassFileDescriptorsToExec=</varname></term>
+
+        <listitem><para>Takes a boolean argument. Defaults to off. If enabled, file descriptors created by
+        the socket unit are passed to <varname>ExecStartPost=</varname>, <varname>ExecStopPre=</varname>, and
+        <varname>ExecStopPost=</varname> commands from the socket unit. The passed file descriptors can be
+        accessed with
+        <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry> as
+        if the commands were invoked from the associated service units.  Note that
+        <varname>ExecStartPre=</varname> command cannot access socket file descriptors.</para>
+
+        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
+      </varlistentry>
+
     </variablelist>
 
     <xi:include href="systemd.service.xml" xpointer="shared-unit-options" />
@@ -926,25 +939,27 @@
 
   <refsect1>
       <title>See Also</title>
-      <para>
-        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-        <citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-      </para>
+      <para><simplelist type="inline">
+        <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
+        <member><citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
+      </simplelist></para>
       <para>
         For more extensive descriptions see the "systemd for Developers" series:
-        <ulink url="https://0pointer.de/blog/projects/socket-activation.html">Socket Activation</ulink>,
-        <ulink url="https://0pointer.de/blog/projects/socket-activation2.html">Socket Activation, part II</ulink>,
-        <ulink url="https://0pointer.de/blog/projects/inetd.html">Converting inetd Services</ulink>,
-        <ulink url="https://0pointer.de/blog/projects/socket-activated-containers.html">Socket Activated Internet Services and OS Containers</ulink>.
+        <simplelist type="inline">
+          <member><ulink url="https://0pointer.de/blog/projects/socket-activation.html">Socket Activation</ulink></member>
+          <member><ulink url="https://0pointer.de/blog/projects/socket-activation2.html">Socket Activation, part II</ulink></member>
+          <member><ulink url="https://0pointer.de/blog/projects/inetd.html">Converting inetd Services</ulink></member>
+          <member><ulink url="https://0pointer.de/blog/projects/socket-activated-containers.html">Socket Activated Internet Services and OS Containers</ulink></member>
+        </simplelist>.
       </para>
   </refsect1>