<title>Description</title>
<para>A unit configuration file whose name ends in
- <filename>.socket</filename> encodes information about
+ <literal>.socket</literal> encodes information about
an IPC or network socket or a file system FIFO
controlled and supervised by systemd, for socket-based
activation.</para>
<option>ExecStopPre=</option> and
<option>ExecStopPost=</option> commands are executed
in, and in
- <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- which define the way the processes are
- terminated.</para>
+ <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ which define the way the processes are terminated, and
+ in
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ which configure resource control settings for the
+ processes of the socket.</para>
<para>For each socket file a matching service file
(see
<filename>foo.socket</filename> needs a matching
service <filename>foo.service</filename> if
<option>Accept=false</option> is set. If
- <option>Accept=true</option> is set a service template
+ <option>Accept=true</option> is set, a service template
file <filename>foo@.service</filename> must exist from
which services are instantiated for each incoming
connection.</para>
can be written in various formats:</para>
<para>If the address starts with a
- slash (/), it is read as file system
+ slash (<literal>/</literal>), it is read as file system
socket in the <constant>AF_UNIX</constant> socket
family.</para>
- <para>If the address starts with an
- at symbol (@) it is read as abstract
- namespace socket in the <constant>AF_UNIX</constant>
- family. The @ is replaced with a NUL
- character before binding. For details
- see
+ <para>If the address starts with an at
+ symbol (<literal>@</literal>), it is read as abstract
+ namespace socket in the
+ <constant>AF_UNIX</constant>
+ family. The <literal>@</literal> is
+ replaced with a
+ <constant>NUL</constant> character
+ before binding. For details, see
<citerefentry><refentrytitle>unix</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
<para>If the address string is a
- single number it is read as port
+ single number, it is read as port
number to listen on via
IPv6. Depending on the value of
<varname>BindIPv6Only=</varname> (see below) this
</para>
<para>If the address string is a
- string in the format v.w.x.y:z it is
+ string in the format v.w.x.y:z, it is
read as IPv4 specifier for listening
on an address v.w.x.y on a port
z.</para>
<para>If the address string is a
- string in the format [x]:y it is read
+ string in the format [x]:y, it is read
as IPv6 address x on a port y. Note
that this might make the service
available via IPv4, too, depending on
<option>ipv6-only</option>, they will
be accessible via IPv6 only. If
<option>default</option> (which is the
- default, surprise!) the system wide
+ default, surprise!), the system wide
default setting is used, as controlled
by
<filename>/proc/sys/net/ipv6/bindv6only</filename>,
<term><varname>BindToDevice=</varname></term>
<listitem><para>Specifies a network
interface name to bind this socket
- to. If set traffic will only be
+ to. If set, traffic will only be
accepted from the specified network
interfaces. This controls the
SO_BINDTODEVICE socket option (see
for details.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>ReusePort=</varname></term>
+ <listitem><para>Takes a boolean
+ value. If true, allows multiple <citerefentry><refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum></citerefentry>s
+ to this TCP or UDP port. This
+ controls the SO_REUSEPORT socket
+ option. See
+ <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ for details.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>SmackLabel=</varname></term>
<term><varname>SmackLabelIPIn=</varname></term>
will be considered failed and be shut
down again. All commands still running,
will be terminated forcibly via
- SIGTERM, and after another delay of
- this time with SIGKILL. (See
+ <constant>SIGTERM</constant>, and after another delay of
+ this time with <constant>SIGKILL</constant>. (See
<option>KillMode=</option> in <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>.)
Takes a unit-less value in seconds, or
a time span value such as "5min
20s". Pass 0 to disable the timeout
- logic. Defaults to
- 90s.</para></listitem>
+ logic. Defaults to <varname>TimeoutStartSec=</varname> from the
+ manager configuration file.</para></listitem>
</varlistentry>
<varlistentry>
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>
</para>