proxmox-mirrors/systemd
1
0
Fork 0
mirror of https://git.proxmox.com/git/systemd synced 2025-06-04 02:58:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
60f067b410
systemd/man/systemd.socket.html
Jon Severinsson 60f067b410 Imported Upstream version 214
2014-07-11 02:23:25 +02:00

546 lines
47 KiB
HTML
Raw Blame History

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>systemd.socket</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
a.headerlink {
color: #c60f0f;
font-size: 0.8em;
padding: 0 4px 0 4px;
text-decoration: none;
visibility: hidden;
}
a.headerlink:hover {
background-color: #c60f0f;
color: white;
}
h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
visibility: visible;
}
</style><a href="index.html">Index </a>·
<a href="systemd.directives.html">Directives </a>·
<a href="../python-systemd/index.html">Python </a>·
<a href="../libudev/index.html">libudev </a>·
<a href="../libudev/index.html">gudev </a><span style="float:right">systemd 214</span><hr><div class="refentry"><a name="systemd.socket"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>systemd.socket — Socket unit configuration</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p><code class="filename"><em class="replaceable"><code>socket</code></em>.socket</code></p></div><div class="refsect1"><a name="idm214174500608"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description"></a></h2><p>A unit configuration file whose name ends in
"<code class="literal">.socket</code>" encodes information about
an IPC or network socket or a file system FIFO
controlled and supervised by systemd, for socket-based
activation.</p><p>This man page lists the configuration options
specific to this unit type. See
<a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>
for the common options of all unit configuration
files. The common configuration items are configured
in the generic [Unit] and [Install] sections. The
socket specific configuration options are configured
in the [Socket] section.</p><p>Additional options are listed in
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>,
which define the execution environment the
<code class="option">ExecStartPre=</code>,
<code class="option">ExecStartPost=</code>,
<code class="option">ExecStopPre=</code> and
<code class="option">ExecStopPost=</code> commands are executed
in, and in
<a href="systemd.kill.html"><span class="citerefentry"><span class="refentrytitle">systemd.kill</span>(5)</span></a>,
which define the way the processes are terminated, and
in
<a href="systemd.resource-control.html"><span class="citerefentry"><span class="refentrytitle">systemd.resource-control</span>(5)</span></a>,
which configure resource control settings for the
processes of the socket.</p><p>For each socket file, a matching service file
must exist, describing the service to start on
incoming traffic on the socket (see
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>
for more information about .service files). The name
of the .service unit is by default the same as the
name of the .socket unit, but can be altered with the
<code class="option">Service=</code> option described below.
Depending on the setting of the <code class="option">Accept=</code>
option described below, this .service unit must either
be named like the .socket unit, but with the suffix
replaced, unless overridden with
<code class="option">Service=</code>; or it must be a template
unit named the same way. Example: a socket file
<code class="filename">foo.socket</code> needs a matching
service <code class="filename">foo.service</code> if
<code class="option">Accept=false</code> is set. If
<code class="option">Accept=true</code> is set, a service
template file <code class="filename">foo@.service</code> must
exist from which services are instantiated for each
incoming connection.</p><p>Unless <code class="varname">DefaultDependencies=</code>
is set to <code class="option">false</code>, socket units will
implicitly have dependencies of type
<code class="varname">Requires=</code> and
<code class="varname">After=</code> on
<code class="filename">sysinit.target</code> as well as
dependencies of type <code class="varname">Conflicts=</code> and
<code class="varname">Before=</code> on
<code class="filename">shutdown.target</code>. These ensure
that socket units pull in basic system
initialization, and are terminated cleanly prior to
system shutdown. Only sockets involved with early
boot or late system shutdown should disable this
option.</p><p>Socket units will have a
<code class="varname">Before=</code> dependency on the service
which they trigger added implicitly. No implicit
<code class="varname">WantedBy=</code> or
<code class="varname">RequiredBy=</code> dependency from the
socket to the service is added. This means that the
service may be started without the socket, in which
case it must be able to open sockets by itself. To
prevent this, an explicit <code class="varname">Requires=</code>
dependency may be added.</p><p>Socket units may be used to implement on-demand
starting of services, as well as parallelized starting
of services. See the blog stories linked at the end
for an introduction.</p><p>Note that the daemon software configured for
socket activation with socket units needs to be able
to accept sockets from systemd, either via systemd's
native socket passing interface (see
<a href="sd_listen_fds.html"><span class="citerefentry"><span class="refentrytitle">sd_listen_fds</span>(3)</span></a>
for details) or via the traditional
<a href="inetd.html"><span class="citerefentry"><span class="refentrytitle">inetd</span>(8)</span></a>-style
socket passing (i.e. sockets passed in via standard input and
output, using <code class="varname">StandardInput=socket</code>
in the service file).</p></div><div class="refsect1"><a name="idm214178372784"></a><h2 id="Options">Options<a class="headerlink" title="Permalink to this headline" href="#Options"></a></h2><p>Socket files must include a [Socket] section,
which carries information about the socket or FIFO it
supervises. A number of options that may be used in
this section are shared with other unit types. These
options are documented in
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>
and
<a href="systemd.kill.html"><span class="citerefentry"><span class="refentrytitle">systemd.kill</span>(5)</span></a>. The
options specific to the [Socket] section of socket
units are the following:</p><div class="variablelist"><dl class="variablelist"><dt id="ListenStream="><span class="term"><code class="varname">ListenStream=</code>, </span><span class="term"><code class="varname">ListenDatagram=</code>, </span><span class="term"><code class="varname">ListenSequentialPacket=</code></span><a class="headerlink" title="Permalink to this term" href="#ListenStream="></a></dt><dd><p>Specifies an address
to listen on for a stream
(<code class="constant">SOCK_STREAM</code>), datagram (<code class="constant">SOCK_DGRAM</code>),
or sequential packet
(<code class="constant">SOCK_SEQPACKET</code>) socket, respectively. The address
can be written in various formats:</p><p>If the address starts with a
slash ("<code class="literal">/</code>"), it is read as file system
socket in the <code class="constant">AF_UNIX</code> socket
family.</p><p>If the address starts with an at
symbol ("<code class="literal">@</code>"), it is read as abstract
namespace socket in the
<code class="constant">AF_UNIX</code>
family. The "<code class="literal">@</code>" is
replaced with a
<code class="constant">NUL</code> character
before binding. For details, see
<a href="unix.html"><span class="citerefentry"><span class="refentrytitle">unix</span>(7)</span></a>.</p><p>If the address string is a
single number, it is read as port
number to listen on via
IPv6. Depending on the value of
<code class="varname">BindIPv6Only=</code> (see below) this
might result in the service being
available via both IPv6 and IPv4 (default) or
just via IPv6.
</p><p>If the address string is a
string in the format v.w.x.y:z, it is
read as IPv4 specifier for listening
on an address v.w.x.y on a port
z.</p><p>If the address string is a
string in the format [x]:y, it is read
as IPv6 address x on a port y. Note
that this might make the service
available via IPv4, too, depending on
the <code class="varname">BindIPv6Only=</code>
setting (see below).
</p><p>Note that <code class="constant">SOCK_SEQPACKET</code>
(i.e. <code class="varname">ListenSequentialPacket=</code>)
is only available for <code class="constant">AF_UNIX</code>
sockets. <code class="constant">SOCK_STREAM</code>
(i.e. <code class="varname">ListenStream=</code>)
when used for IP sockets refers to TCP
sockets, <code class="constant">SOCK_DGRAM</code>
(i.e. <code class="varname">ListenDatagram=</code>)
to UDP.</p><p>These options may be specified
more than once in which case incoming
traffic on any of the sockets will
trigger service activation, and all
listed sockets will be passed to the
service, regardless of whether there is
incoming traffic on them or not. If
the empty string is assigned to any of
these options, the list of addresses
to listen on is reset, all prior uses
of any of these options will have no
effect.</p><p>It is also possible to have more
than one socket unit for the same
service when using
<code class="varname">Service=</code>, and the
service will receive all the sockets
configured in all the socket units.
Sockets configured in one unit are
passed in the order of configuration,
but no ordering between socket units
is specified.</p><p>If an IP address is used here,
it is often desirable to listen on it
before the interface it is configured
on is up and running, and even
regardless of whether it will be up and
running at any point. To deal with this,
it is recommended to set the
<code class="varname">FreeBind=</code> option
described below.</p></dd><dt id="ListenFIFO="><span class="term"><code class="varname">ListenFIFO=</code></span><a class="headerlink" title="Permalink to this term" href="#ListenFIFO="></a></dt><dd><p>Specifies a file
system FIFO to listen on. This expects
an absolute file system path as
argument. Behavior otherwise is very
similar to the
<code class="varname">ListenDatagram=</code>
directive above.</p></dd><dt id="ListenSpecial="><span class="term"><code class="varname">ListenSpecial=</code></span><a class="headerlink" title="Permalink to this term" href="#ListenSpecial="></a></dt><dd><p>Specifies a special
file in the file system to listen
on. This expects an absolute file
system path as argument. Behavior
otherwise is very similar to the
<code class="varname">ListenFIFO=</code>
directive above. Use this to open
character device nodes as well as
special files in
<code class="filename">/proc</code> and
<code class="filename">/sys</code>.</p></dd><dt id="ListenNetlink="><span class="term"><code class="varname">ListenNetlink=</code></span><a class="headerlink" title="Permalink to this term" href="#ListenNetlink="></a></dt><dd><p>Specifies a Netlink
family to create a socket for to
listen on. This expects a short string
referring to the <code class="constant">AF_NETLINK</code> family
name (such as <code class="varname">audit</code>
or <code class="varname">kobject-uevent</code>)
as argument, optionally suffixed by a
whitespace followed by a multicast
group integer. Behavior otherwise is
very similar to the
<code class="varname">ListenDatagram=</code>
directive above.</p></dd><dt id="ListenMessageQueue="><span class="term"><code class="varname">ListenMessageQueue=</code></span><a class="headerlink" title="Permalink to this term" href="#ListenMessageQueue="></a></dt><dd><p>Specifies a POSIX
message queue name to listen on. This
expects a valid message queue name
(i.e. beginning with /). Behavior
otherwise is very similar to the
<code class="varname">ListenFIFO=</code>
directive above. On Linux message
queue descriptors are actually file
descriptors and can be inherited
between processes.</p></dd><dt id="BindIPv6Only="><span class="term"><code class="varname">BindIPv6Only=</code></span><a class="headerlink" title="Permalink to this term" href="#BindIPv6Only="></a></dt><dd><p>Takes a one of
<code class="option">default</code>,
<code class="option">both</code> or
<code class="option">ipv6-only</code>. Controls
the IPV6_V6ONLY socket option (see
<a href="ipv6.html"><span class="citerefentry"><span class="refentrytitle">ipv6</span>(7)</span></a>
for details). If
<code class="option">both</code>, IPv6 sockets
bound will be accessible via both IPv4
and IPv6. If
<code class="option">ipv6-only</code>, they will
be accessible via IPv6 only. If
<code class="option">default</code> (which is the
default, surprise!), the system wide
default setting is used, as controlled
by
<code class="filename">/proc/sys/net/ipv6/bindv6only</code>,
which in turn defaults to the
equivalent of
<code class="option">both</code>.</p></dd><dt id="Backlog="><span class="term"><code class="varname">Backlog=</code></span><a class="headerlink" title="Permalink to this term" href="#Backlog="></a></dt><dd><p>Takes an unsigned
integer argument. Specifies the number
of connections to queue that have not
been accepted yet. This setting
matters only for stream and sequential
packet sockets. See
<a href="listen.html"><span class="citerefentry"><span class="refentrytitle">listen</span>(2)</span></a>
for details. Defaults to SOMAXCONN
(128).</p></dd><dt id="BindToDevice="><span class="term"><code class="varname">BindToDevice=</code></span><a class="headerlink" title="Permalink to this term" href="#BindToDevice="></a></dt><dd><p>Specifies a network
interface name to bind this socket
to. If set, traffic will only be
accepted from the specified network
interfaces. This controls the
SO_BINDTODEVICE socket option (see
<a href="socket.html"><span class="citerefentry"><span class="refentrytitle">socket</span>(7)</span></a>
for details). If this option is used,
an automatic dependency from this
socket unit on the network interface
device unit
(<a href="systemd.device.html"><span class="citerefentry"><span class="refentrytitle">systemd.device</span>(5)</span></a>
is created.</p></dd><dt id="SocketUser="><span class="term"><code class="varname">SocketUser=</code>, </span><span class="term"><code class="varname">SocketGroup=</code></span><a class="headerlink" title="Permalink to this term" href="#SocketUser="></a></dt><dd><p>Takes a UNIX
user/group name. When specified
all AF_UNIX sockets and FIFO nodes in
the file system are owned by the
specified user and group. If unset
(the default), the nodes are owned by
the root user/group (if run in system
context) or the invoking user/group
(if run in user context). If only a
user is specified but no group, then
the group is derived from the user's
default group.</p></dd><dt id="SocketMode="><span class="term"><code class="varname">SocketMode=</code></span><a class="headerlink" title="Permalink to this term" href="#SocketMode="></a></dt><dd><p>If listening on a file
system socket or FIFO, this option
specifies the file system access mode
used when creating the file
node. Takes an access mode in octal
notation. Defaults to
0666.</p></dd><dt id="DirectoryMode="><span class="term"><code class="varname">DirectoryMode=</code></span><a class="headerlink" title="Permalink to this term" href="#DirectoryMode="></a></dt><dd><p>If listening on a file
system socket or FIFO, the parent
directories are automatically created
if needed. This option specifies the
file system access mode used when
creating these directories. Takes an
access mode in octal
notation. Defaults to
0755.</p></dd><dt id="Accept="><span class="term"><code class="varname">Accept=</code></span><a class="headerlink" title="Permalink to this term" href="#Accept="></a></dt><dd><p>Takes a boolean
argument. If true, a service instance
is spawned for each incoming
connection and only the connection
socket is passed to it. If false, all
listening sockets themselves are
passed to the started service unit,
and only one service unit is spawned
for all connections (also see
above). This value is ignored for
datagram sockets and FIFOs where a
single service unit unconditionally
handles all incoming traffic. Defaults
to <code class="option">false</code>. For
performance reasons, it is recommended
to write new daemons only in a way
that is suitable for
<code class="option">Accept=false</code>. A
daemon listening on an <code class="constant">AF_UNIX</code> socket
may, but does not need to, call
<a href="close.html"><span class="citerefentry"><span class="refentrytitle">close</span>(2)</span></a>
on the received socket before
exiting. However, it must not unlink
the socket from a file system. It
should not invoke
<a href="shutdown.html"><span class="citerefentry"><span class="refentrytitle">shutdown</span>(2)</span></a>
on sockets it got with
<code class="varname">Accept=false</code>, but
it may do so for sockets it got with
<code class="varname">Accept=true</code> set.
Setting <code class="varname">Accept=true</code>
is mostly useful to allow daemons
designed for usage with
<a href="inetd.html"><span class="citerefentry"><span class="refentrytitle">inetd</span>(8)</span></a>
to work unmodified with systemd socket
activation.</p></dd><dt id="MaxConnections="><span class="term"><code class="varname">MaxConnections=</code></span><a class="headerlink" title="Permalink to this term" href="#MaxConnections="></a></dt><dd><p>The maximum number of
connections to simultaneously run
services instances for, when
<code class="option">Accept=true</code> is
set. If more concurrent connections
are coming in, they will be refused
until at least one existing connection
is terminated. This setting has no
effect on sockets configured with
<code class="option">Accept=false</code> or datagram
sockets. Defaults to
64.</p></dd><dt id="KeepAlive="><span class="term"><code class="varname">KeepAlive=</code></span><a class="headerlink" title="Permalink to this term" href="#KeepAlive="></a></dt><dd><p>Takes a boolean
argument. If true, the TCP/IP stack
will send a keep alive message after
2h (depending on the configuration of
<code class="filename">/proc/sys/net/ipv4/tcp_keepalive_time</code>)
for all TCP streams accepted on this
socket. This controls the SO_KEEPALIVE
socket option (see
<a href="socket.html"><span class="citerefentry"><span class="refentrytitle">socket</span>(7)</span></a>
and the <a class="ulink" href="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/" target="_top">TCP
Keepalive HOWTO</a> for details.)
Defaults to
<code class="option">false</code>.</p></dd><dt id="Priority="><span class="term"><code class="varname">Priority=</code></span><a class="headerlink" title="Permalink to this term" href="#Priority="></a></dt><dd><p>Takes an integer
argument controlling the priority for
all traffic sent from this
socket. This controls the SO_PRIORITY
socket option (see
<a href="socket.html"><span class="citerefentry"><span class="refentrytitle">socket</span>(7)</span></a>
for details.).</p></dd><dt id="ReceiveBuffer="><span class="term"><code class="varname">ReceiveBuffer=</code>, </span><span class="term"><code class="varname">SendBuffer=</code></span><a class="headerlink" title="Permalink to this term" href="#ReceiveBuffer="></a></dt><dd><p>Takes an integer
argument controlling the receive or
send buffer sizes of this socket,
respectively. This controls the
SO_RCVBUF and SO_SNDBUF socket options
(see
<a href="socket.html"><span class="citerefentry"><span class="refentrytitle">socket</span>(7)</span></a>
for details.). The usual suffixes K,
M, G are supported and are understood
to the base of 1024.</p></dd><dt id="IPTOS="><span class="term"><code class="varname">IPTOS=</code></span><a class="headerlink" title="Permalink to this term" href="#IPTOS="></a></dt><dd><p>Takes an integer
argument controlling the IP
Type-Of-Service field for packets
generated from this socket. This
controls the IP_TOS socket option (see
<a href="ip.html"><span class="citerefentry"><span class="refentrytitle">ip</span>(7)</span></a>
for details.). Either a numeric string
or one of <code class="option">low-delay</code>,
<code class="option">throughput</code>,
<code class="option">reliability</code> or
<code class="option">low-cost</code> may be
specified.</p></dd><dt id="IPTTL="><span class="term"><code class="varname">IPTTL=</code></span><a class="headerlink" title="Permalink to this term" href="#IPTTL="></a></dt><dd><p>Takes an integer
argument controlling the IPv4
Time-To-Live/IPv6 Hop-Count field for
packets generated from this
socket. This sets the
IP_TTL/IPV6_UNICAST_HOPS socket
options (see
<a href="ip.html"><span class="citerefentry"><span class="refentrytitle">ip</span>(7)</span></a>
and
<a href="ipv6.html"><span class="citerefentry"><span class="refentrytitle">ipv6</span>(7)</span></a>
for details.)</p></dd><dt id="Mark="><span class="term"><code class="varname">Mark=</code></span><a class="headerlink" title="Permalink to this term" href="#Mark="></a></dt><dd><p>Takes an integer
value. Controls the firewall mark of
packets generated by this socket. This
can be used in the firewall logic to
filter packets from this socket. This
sets the SO_MARK socket option. See
<a href="iptables.html"><span class="citerefentry"><span class="refentrytitle">iptables</span>(8)</span></a>
for details.</p></dd><dt id="ReusePort="><span class="term"><code class="varname">ReusePort=</code></span><a class="headerlink" title="Permalink to this term" href="#ReusePort="></a></dt><dd><p>Takes a boolean
value. If true, allows multiple <a href="bind.html"><span class="citerefentry"><span class="refentrytitle">bind</span>(2)</span></a>s
to this TCP or UDP port. This
controls the SO_REUSEPORT socket
option. See
<a href="socket.html"><span class="citerefentry"><span class="refentrytitle">socket</span>(7)</span></a>
for details.</p></dd><dt id="SmackLabel="><span class="term"><code class="varname">SmackLabel=</code>, </span><span class="term"><code class="varname">SmackLabelIPIn=</code>, </span><span class="term"><code class="varname">SmackLabelIPOut=</code></span><a class="headerlink" title="Permalink to this term" href="#SmackLabel="></a></dt><dd><p>Takes a string
value. Controls the extended
attributes
"<code class="literal">security.SMACK64</code>",
"<code class="literal">security.SMACK64IPIN</code>"
and
"<code class="literal">security.SMACK64IPOUT</code>",
respectively, i.e. the security label
of the FIFO, or the security label for
the incoming or outgoing connections
of the socket, respectively. See
<a class="ulink" href="https://www.kernel.org/doc/Documentation/security/Smack.txt" target="_top">Smack.txt</a>
for details.</p></dd><dt id="PipeSize="><span class="term"><code class="varname">PipeSize=</code></span><a class="headerlink" title="Permalink to this term" href="#PipeSize="></a></dt><dd><p>Takes a size in
bytes. Controls the pipe buffer size
of FIFOs configured in this socket
unit. See
<a href="fcntl.html"><span class="citerefentry"><span class="refentrytitle">fcntl</span>(2)</span></a>
for details. The usual suffixes K, M,
G are supported and are understood to
the base of 1024.</p></dd><dt id="MessageQueueMaxMessages=,
MessageQueueMessageSize="><span class="term"><code class="varname">MessageQueueMaxMessages=</code>,
<code class="varname">MessageQueueMessageSize=</code></span><a class="headerlink" title="Permalink to this term" href="#MessageQueueMaxMessages=,%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20MessageQueueMessageSize="></a></dt><dd><p>These two settings
take integer values and control the
mq_maxmsg field or the mq_msgsize field, respectively, when
creating the message queue. Note that
either none or both of these variables
need to be set. See
<a href="mq_setattr.html"><span class="citerefentry"><span class="refentrytitle">mq_setattr</span>(3)</span></a>
for details.</p></dd><dt id="FreeBind="><span class="term"><code class="varname">FreeBind=</code></span><a class="headerlink" title="Permalink to this term" href="#FreeBind="></a></dt><dd><p>Takes a boolean
value. Controls whether the socket can
be bound to non-local IP
addresses. This is useful to configure
sockets listening on specific IP
addresses before those IP addresses
are successfully configured on a
network interface. This sets the
IP_FREEBIND socket option. For
robustness reasons it is recommended
to use this option whenever you bind a
socket to a specific IP
address. Defaults to <code class="option">false</code>.</p></dd><dt id="Transparent="><span class="term"><code class="varname">Transparent=</code></span><a class="headerlink" title="Permalink to this term" href="#Transparent="></a></dt><dd><p>Takes a boolean
value. Controls the IP_TRANSPARENT
socket option. Defaults to
<code class="option">false</code>.</p></dd><dt id="Broadcast="><span class="term"><code class="varname">Broadcast=</code></span><a class="headerlink" title="Permalink to this term" href="#Broadcast="></a></dt><dd><p>Takes a boolean
value. This controls the SO_BROADCAST
socket option, which allows broadcast
datagrams to be sent from this
socket. Defaults to
<code class="option">false</code>.</p></dd><dt id="PassCredentials="><span class="term"><code class="varname">PassCredentials=</code></span><a class="headerlink" title="Permalink to this term" href="#PassCredentials="></a></dt><dd><p>Takes a boolean
value. This controls the SO_PASSCRED
socket option, which allows <code class="constant">AF_UNIX</code> sockets to
receive the credentials of the sending
process in an ancillary message.
Defaults to
<code class="option">false</code>.</p></dd><dt id="PassSecurity="><span class="term"><code class="varname">PassSecurity=</code></span><a class="headerlink" title="Permalink to this term" href="#PassSecurity="></a></dt><dd><p>Takes a boolean
value. This controls the SO_PASSSEC
socket option, which allows <code class="constant">AF_UNIX</code>
sockets to receive the security
context of the sending process in an
ancillary message. Defaults to
<code class="option">false</code>.</p></dd><dt id="TCPCongestion="><span class="term"><code class="varname">TCPCongestion=</code></span><a class="headerlink" title="Permalink to this term" href="#TCPCongestion="></a></dt><dd><p>Takes a string
value. Controls the TCP congestion
algorithm used by this socket. Should
be one of "westwood", "veno", "cubic",
"lp" or any other available algorithm
supported by the IP stack. This
setting applies only to stream
sockets.</p></dd><dt id="ExecStartPre="><span class="term"><code class="varname">ExecStartPre=</code>, </span><span class="term"><code class="varname">ExecStartPost=</code></span><a class="headerlink" title="Permalink to this term" href="#ExecStartPre="></a></dt><dd><p>Takes one or more
command lines, which are executed
before or after the listening
sockets/FIFOs are created and
bound, respectively. The first token of the command
line must be an absolute filename,
then followed by arguments for the
process. Multiple command lines may be
specified following the same scheme as
used for
<code class="varname">ExecStartPre=</code> of
service unit files.</p></dd><dt id="ExecStopPre="><span class="term"><code class="varname">ExecStopPre=</code>, </span><span class="term"><code class="varname">ExecStopPost=</code></span><a class="headerlink" title="Permalink to this term" href="#ExecStopPre="></a></dt><dd><p>Additional commands
that are executed before or after
the listening sockets/FIFOs are closed
and removed, respectively. Multiple command lines
may be specified following the same
scheme as used for
<code class="varname">ExecStartPre=</code> of
service unit files.</p></dd><dt id="TimeoutSec="><span class="term"><code class="varname">TimeoutSec=</code></span><a class="headerlink" title="Permalink to this term" href="#TimeoutSec="></a></dt><dd><p>Configures the time to
wait for the commands specified in
<code class="varname">ExecStartPre=</code>,
<code class="varname">ExecStartPost=</code>,
<code class="varname">ExecStopPre=</code> and
<code class="varname">ExecStopPost=</code> to
finish. If a command does not exit
within the configured time, the socket
will be considered failed and be shut
down again. All commands still running,
will be terminated forcibly via
<code class="constant">SIGTERM</code>, and after another delay of
this time with <code class="constant">SIGKILL</code>. (See
<code class="option">KillMode=</code> in <a href="systemd.kill.html"><span class="citerefentry"><span class="refentrytitle">systemd.kill</span>(5)</span></a>.)
Takes a unit-less value in seconds, or
a time span value such as "5min
20s". Pass 0 to disable the timeout
logic. Defaults to <code class="varname">TimeoutStartSec=</code> from the
manager configuration file.</p></dd><dt id="Service="><span class="term"><code class="varname">Service=</code></span><a class="headerlink" title="Permalink to this term" href="#Service="></a></dt><dd><p>Specifies the service
unit name to activate on incoming
traffic. This setting is only allowed
for sockets with
<code class="varname">Accept=no</code>. It
defaults to the service that bears the
same name as the socket (with the
suffix replaced). In most cases, it
should not be necessary to use this
option.</p></dd><dt id="RemoveOnStop="><span class="term"><code class="varname">RemoveOnStop=</code></span><a class="headerlink" title="Permalink to this term" href="#RemoveOnStop="></a></dt><dd><p>Takes a boolean
argument. If enabled any file nodes
created by this socket unit are
removed when it is stopped. This
applies to AF_UNIX sockets in the file
system, POSIX message queues as well
as FIFOs, as well as any symlinks to
them configured with
<code class="varname">Symlinks=</code>. Normally
it should not be necessary to use this
option, and is not recommended as
services might continue to run after
the socket unit has been terminated
and it should still be possible to
communicate with them via their file
system node. Defaults to
off.</p></dd><dt id="Symlinks="><span class="term"><code class="varname">Symlinks=</code></span><a class="headerlink" title="Permalink to this term" href="#Symlinks="></a></dt><dd><p>Takes a list of file
system paths. The specified paths will
be created as symlinks to the AF_UNIX
socket path or FIFO path of this
socket unit. If this setting is used
only one AF_UNIX socket in the file
system or one FIFO may be configured
for the socket unit. Use this option
to manage one or more symlinked alias
names for a socket, binding their
lifecycle together. Defaults to the
empty list.</p></dd></dl></div><p>Check
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>
and
<a href="systemd.kill.html"><span class="citerefentry"><span class="refentrytitle">systemd.kill</span>(5)</span></a>
for more settings.</p></div><div class="refsect1"><a name="idm214173311424"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also"></a></h2><p>
<a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
<a href="systemctl.html"><span class="citerefentry"><span class="refentrytitle">systemctl</span>(8)</span></a>,
<a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>,
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>,
<a href="systemd.kill.html"><span class="citerefentry"><span class="refentrytitle">systemd.kill</span>(5)</span></a>,
<a href="systemd.resource-control.html"><span class="citerefentry"><span class="refentrytitle">systemd.resource-control</span>(5)</span></a>,
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
<a href="systemd.directives.html"><span class="citerefentry"><span class="refentrytitle">systemd.directives</span>(7)</span></a>
</p><p>
For more extensive descriptions see the "systemd for Developers" series:
<a class="ulink" href="http://0pointer.de/blog/projects/socket-activation.html" target="_top">Socket Activation</a>,
<a class="ulink" href="http://0pointer.de/blog/projects/socket-activation2.html" target="_top">Socket Activation, part II</a>,
<a class="ulink" href="http://0pointer.de/blog/projects/inetd.html" target="_top">Converting inetd Services</a>,
<a class="ulink" href="http://0pointer.de/blog/projects/socket-activated-containers.html" target="_top">Socket Activated Internet Services and OS Containers</a>.
</p></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink