DescriptionA unit configuration file whose name ends in
- .socket encodes information about
+ .socket encodes information about
an IPC or network socket or a file system FIFO
controlled and supervised by systemd, for socket-based
activation.
@@ -77,9 +77,12 @@
and
commands are executed
in, and in
- systemd.kill5
+ systemd.kill5,
which define the way the processes are
- terminated.
+ terminated, and in
+ systemd.cgroup5,
+ which configure control group settings for the
+ processes of the service.
For each socket file a matching service file
(see
@@ -150,22 +153,24 @@
ListenSequentialPacket=Specifies an address
to listen on for a stream
- (SOCK_STREAM), datagram (SOCK_DGRAM),
+ (SOCK_STREAM), datagram (SOCK_DGRAM),
or sequential packet
- (SOCK_SEQPACKET) socket, respectively. The address
+ (SOCK_SEQPACKET) socket, respectively. The address
can be written in various formats:If the address starts with a
- slash (/), it is read as file system
- socket in the AF_UNIX socket
+ slash (/), it is read as file system
+ socket in the AF_UNIX socket
family.
- If the address starts with an
- at symbol (@) it is read as abstract
- namespace socket in the AF_UNIX
- family. The @ is replaced with a NUL
- character before binding. For details
- see
+ If the address starts with an at
+ symbol (@) it is read as abstract
+ namespace socket in the
+ AF_UNIX
+ family. The @ is
+ replaced with a
+ NUL character
+ before binding. For details see
unix7.If the address string is a
@@ -193,13 +198,13 @@
setting (see below).
- Note that SOCK_SEQPACKET
+ Note that SOCK_SEQPACKET
(i.e. ListenSequentialPacket=)
- is only available for AF_UNIX
- sockets. SOCK_STREAM
+ is only available for AF_UNIX
+ sockets. SOCK_STREAM
(i.e. ListenStream=)
when used for IP sockets refers to TCP
- sockets, SOCK_DGRAM
+ sockets, SOCK_DGRAM
(i.e. ListenDatagram=)
to UDP.
@@ -258,7 +263,7 @@
Specifies a Netlink
family to create a socket for to
listen on. This expects a short string
- referring to the AF_NETLINK family
+ referring to the AF_NETLINK family
name (such as audit
or kobject-uevent)
as argument, optionally suffixed by a
@@ -382,13 +387,13 @@
to write new daemons only in a way
that is suitable for
. A
- daemon listening on an AF_UNIX socket
+ daemon listening on an AF_UNIX socket
may, but does not need to, call
close2
on the received socket before
exiting. However, it must not unlink
- the socket from a filesystem. It
- should note invoke
+ the socket from a file system. It
+ should not invoke
shutdown2
on sockets it got with
Accept=false, but
@@ -412,7 +417,7 @@
are coming in, they will be refused
until at least one existing connection
is terminated. This setting has no
- effect for sockets configured with
+ effect on sockets configured with
or datagram
sockets. Defaults to
64.
@@ -502,6 +507,17 @@
for details.
+
+ ReusePort=
+ Takes a boolean
+ value. If true, allows multiple bind()s
+ to this TCP or UDP port. This
+ controls the SO_REUSEPORT socket
+ option. See
+ socket7
+ for details.
+
+
SmackLabel=SmackLabelIPIn=
@@ -516,7 +532,7 @@
respectively, i.e. the security label
of the FIFO, or the security label for
the incoming or outgoing connections
- of the socket, respectively. See
+ of the socket, respectively. See
Smack.txt
for details.
@@ -527,7 +543,7 @@
Takes an integer
value. Controls the pipe buffer size
of FIFOs configured in this socket
- unit. See
+ unit. See
fcntl2
for details.
@@ -584,7 +600,7 @@
PassCredentials=Takes a boolean
value. This controls the SO_PASSCRED
- socket option, which allows AF_UNIX sockets to
+ socket option, which allows AF_UNIX sockets to
receive the credentials of the sending
process in an ancillary message.
Defaults to
@@ -595,10 +611,10 @@
PassSecurity=Takes a boolean
value. This controls the SO_PASSSEC
- socket option, which allows AF_UNIX
+ socket option, which allows AF_UNIX
sockets to receive the security
context of the sending process in an
- ancillary message. Defaults to
+ ancillary message. Defaults to
.
@@ -622,7 +638,7 @@
before or after the listening
sockets/FIFOs are created and
bound, respectively. The first token of the command
- line must be an absolute file name,
+ line must be an absolute filename,
then followed by arguments for the
process. Multiple command lines may be
specified following the same scheme as
@@ -657,8 +673,8 @@
will be considered failed and be shut
down again. All commands still running,
will be terminated forcibly via
- SIGTERM, and after another delay of
- this time with SIGKILL. (See
+ SIGTERM, and after another delay of
+ this time with SIGKILL. (See
in systemd.kill5.)
Takes a unit-less value in seconds, or
a time span value such as "5min
@@ -696,12 +712,13 @@
systemd.unit5,
systemd.exec5,
systemd.kill5,
+ systemd.cgroup5,
systemd.service5,
systemd.directives7
- For more extensive descriptions see the "Systemd for Developers" series:
+ For more extensive descriptions see the "systemd for Developers" series:
Socket Activation,
Socket Activation, part II,
Converting inetd Services,