DescriptionA unit configuration file whose name ends in
- .socket encodes information about
+ .socket encodes information about
an IPC or network socket or a file system FIFO
controlled and supervised by systemd, for socket-based
activation.
@@ -77,9 +77,12 @@
and
commands are executed
in, and in
- systemd.kill5
- which define the way the processes are
- terminated.
+ systemd.kill5,
+ which define the way the processes are terminated, and
+ in
+ systemd.resource-control5,
+ which configure resource control settings for the
+ processes of the socket.
For each socket file a matching service file
(see
@@ -93,7 +96,7 @@
foo.socket needs a matching
service foo.service if
is set. If
- is set a service template
+ is set, a service template
file foo@.service must exist from
which services are instantiated for each incoming
connection.
@@ -156,20 +159,22 @@
can be written in various formats:
If the address starts with a
- slash (/), it is read as file system
+ slash (/), it is read as file system
socket in the AF_UNIX socket
family.
- If the address starts with an
- at symbol (@) it is read as abstract
- namespace socket in the AF_UNIX
- family. The @ is replaced with a NUL
- character before binding. For details
- see
+ If the address starts with an at
+ symbol (@), it is read as abstract
+ namespace socket in the
+ AF_UNIX
+ family. The @ is
+ replaced with a
+ NUL character
+ before binding. For details, see
unix7.If the address string is a
- single number it is read as port
+ single number, it is read as port
number to listen on via
IPv6. Depending on the value of
BindIPv6Only= (see below) this
@@ -179,13 +184,13 @@
If the address string is a
- string in the format v.w.x.y:z it is
+ string in the format v.w.x.y:z, it is
read as IPv4 specifier for listening
on an address v.w.x.y on a port
z.If the address string is a
- string in the format [x]:y it is read
+ string in the format [x]:y, it is read
as IPv6 address x on a port y. Note
that this might make the service
available via IPv4, too, depending on
@@ -208,7 +213,7 @@
traffic on any of the sockets will
trigger service activation, and all
listed sockets will be passed to the
- service, regardless whether there is
+ service, regardless of whether there is
incoming traffic on them or not. If
the empty string is assigned to any of
these options, the list of addresses
@@ -220,7 +225,7 @@
it is often desirable to listen on it
before the interface it is configured
on is up and running, and even
- regardless whether it will be up and
+ regardless of whether it will be up and
running ever at all. To deal with this
it is recommended to set the
FreeBind= option
@@ -298,7 +303,7 @@
, they will
be accessible via IPv6 only. If
(which is the
- default, surprise!) the system wide
+ default, surprise!), the system wide
default setting is used, as controlled
by
/proc/sys/net/ipv6/bindv6only,
@@ -325,7 +330,7 @@
BindToDevice=Specifies a network
interface name to bind this socket
- to. If set traffic will only be
+ to. If set, traffic will only be
accepted from the specified network
interfaces. This controls the
SO_BINDTODEVICE socket option (see
@@ -502,6 +507,17 @@
for details.
+
+ ReusePort=
+ Takes a boolean
+ value. If true, allows multiple bind2s
+ to this TCP or UDP port. This
+ controls the SO_REUSEPORT socket
+ option. See
+ socket7
+ for details.
+
+
SmackLabel=SmackLabelIPIn=
@@ -657,14 +673,14 @@
will be considered failed and be shut
down again. All commands still running,
will be terminated forcibly via
- SIGTERM, and after another delay of
- this time with SIGKILL. (See
+ SIGTERM, and after another delay of
+ this time with SIGKILL. (See
in systemd.kill5.)
Takes a unit-less value in seconds, or
a time span value such as "5min
20s". Pass 0 to disable the timeout
- logic. Defaults to
- 90s.
+ logic. Defaults to TimeoutStartSec= from the
+ manager configuration file.
@@ -696,6 +712,7 @@
systemd.unit5,
systemd.exec5,
systemd.kill5,
+ systemd.resource-control5,
systemd.service5,
systemd.directives7