cryptsetup: lock ourselves into memory as long as we deal with passwords

[elogind.git] / man / systemd.socket.xml

diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index 81f9deab365bf936e11e7f82b8cd63be8553290b..78d379de92e587a59c7db467bab5cbd2d743289c 100644 (file)
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -95,6 +95,21 @@
                 which services are instantiated for each incoming
                 connection.</para>
 
                 which services are instantiated for each incoming
                 connection.</para>
 

+                <para>Unless <varname>DefaultDependencies=</varname>
+                is set to <option>false</option>, socket units will
+                implicitly have dependencies of type
+                <varname>Requires=</varname> and
+                <varname>After=</varname> on
+                <filename>sysinit.target</filename> as well as
+                dependencies of type <varname>Conflicts=</varname> and
+                <varname>Before=</varname> on
+                <filename>shutdown.target</filename>. These ensure
+                that socket units pull in basic system
+                initialization, and are terminated cleanly prior to
+                system shutdown. Only sockets involved with early
+                boot or late system shutdown should disable this
+                option.</para>
+

                 <para>Socket units may be used to implement on-demand
                 starting of services, as well as parallelized starting
                 of services.</para>
                 <para>Socket units may be used to implement on-demand
                 starting of services, as well as parallelized starting
                 of services.</para>


@@ -251,8 +266,10 @@
                                 directories are automatically created
                                 if needed. This option specifies the
                                 file system access mode used when
                                 directories are automatically created
                                 if needed. This option specifies the
                                 file system access mode used when

-                                creating these directories. Defaults
-                                to 0755.</para></listitem>
+                                creating these directories. Takes an
+                                access mode in octal
+                                notation. Defaults to
+                                0755.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>


@@ -261,7 +278,8 @@
                                 system socket of FIFO, this option
                                 specifies the file system access mode
                                 used when creating the file
                                 system socket of FIFO, this option
                                 specifies the file system access mode
                                 used when creating the file

-                                node. Defaults to
+                                node. Takes an access mode in octal
+                                notation. Defaults to

                                 0666.</para></listitem>
                         </varlistentry>
 
                                 0666.</para></listitem>
                         </varlistentry>
 


@@ -419,19 +437,33 @@
                                 address. Defaults to <option>false</option>.</para></listitem>
                         </varlistentry>
 
                                 address. Defaults to <option>false</option>.</para></listitem>
                         </varlistentry>
 

+                        <varlistentry>
+                                <term><varname>TCPCongestion=</varname></term>
+                                <listitem><para>Takes a string
+                                value. Controls the TCP congestion
+                                algorithm used by this socket. Should
+                                be one of "westwood", "veno", "cubic",
+                                "lp" or any other available algorithm
+                                supported by the IP stack. This
+                                setting applies only to stream
+                                sockets.</para></listitem>
+                        </varlistentry>
+

                         <varlistentry>
                                 <term><varname>ExecStartPre=</varname></term>
                                 <term><varname>ExecStartPost=</varname></term>
                         <varlistentry>
                                 <term><varname>ExecStartPre=</varname></term>
                                 <term><varname>ExecStartPost=</varname></term>

-                                <listitem><para>Takes a command line,
-                                which is executed before (resp. after)
-                                the listening sockets/FIFOs are created and
+                                <listitem><para>Takes one or more
+                                command lines, which are executed
+                                before (resp. after) the listening
+                                sockets/FIFOs are created and

                                 bound. The first token of the command
                                 line must be an absolute file name,
                                 then followed by arguments for the
                                 bound. The first token of the command
                                 line must be an absolute file name,
                                 then followed by arguments for the

-                                process. If specified more than once,
-                                all commands are executed one after
-                                the other, fully serialized. The use of
-                                these settings is optional.</para></listitem>
+                                process. Multiple command lines may be
+                                specified following the same scheme as
+                                used for
+                                <varname>ExecStartPre=</varname> of
+                                service unit files.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>


@@ -440,10 +472,11 @@
                                 <listitem><para>Additional commands
                                 that are executed before (resp. after)
                                 the listening sockets/FIFOs are closed
                                 <listitem><para>Additional commands
                                 that are executed before (resp. after)
                                 the listening sockets/FIFOs are closed

-                                and removed. If specified more than
-                                once, all commands are executed one
-                                after the other, fully serialized. The use of
-                                these settings is optional.</para></listitem>
+                                and removed. Multiple command lines
+                                may be specified following the same
+                                scheme as used for
+                                <varname>ExecStartPre=</varname> of
+                                service unit files.</para></listitem>

                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>


@@ -485,13 +518,25 @@
                                 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
                                 for details.</para></listitem>
                         </varlistentry>
                                 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
                                 for details.</para></listitem>
                         </varlistentry>

+
+                        <varlistentry>
+                                <term><varname>Service=</varname></term>
+                                <listitem><para>Specifies the service
+                                unit name to activate on incoming
+                                traffic. This defaults to the service
+                                that bears the same name as the socket
+                                (ignoring the different suffixes). In
+                                most cases it should not be necessary
+                                to use this option.</para></listitem>
+                        </varlistentry>
+

                 </variablelist>
         </refsect1>
 
         <refsect1>
                   <title>See Also</title>
                   <para>
                 </variablelist>
         </refsect1>
 
         <refsect1>
                   <title>See Also</title>
                   <para>

-                          <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,

                           <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                           <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
                           <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
                           <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                           <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
                           <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,