which configure resource control settings for the
processes of the socket.</para>
- <para>For each socket file a matching service file
+ <para>For each socket file, a matching service file
must exist, describing the service to start on
incoming traffic on the socket (see
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more information about .service files). The name
of the .service unit is by default the same as the
- name of the .socket unit, but can be altered with
+ name of the .socket unit, but can be altered with the
<option>Service=</option> option described below.
- Depending on the setting of <option>Accept=</option>
+ Depending on the setting of the <option>Accept=</option>
option described below, this .service unit must either
be named like the .socket unit, but with the suffix
replaced, unless overridden with
<para>Socket units may be used to implement on-demand
starting of services, as well as parallelized starting
of services. See the blog stories linked at the end
- for introduction.</para>
+ for an introduction.</para>
<para>Note that the daemon software configured for
socket activation with socket units needs to be able
replaced with a
<constant>NUL</constant> character
before binding. For details, see
- <citerefentry><refentrytitle>unix</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
+ <citerefentry project='man-pages'><refentrytitle>unix</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
<para>If the address string is a
single number, it is read as port
before the interface it is configured
on is up and running, and even
regardless of whether it will be up and
- running at any point. To deal with this
+ running at any point. To deal with this,
it is recommended to set the
<varname>FreeBind=</varname> option
described below.</para></listitem>
</varlistentry>
<varlistentry>
- <term><varname>DirectoryMode=</varname></term>
- <listitem><para>If listening on a file
- system socket or FIFO, the parent
- directories are automatically created
- if needed. This option specifies the
- file system access mode used when
- creating these directories. Takes an
- access mode in octal
- notation. Defaults to
- 0755.</para></listitem>
+ <term><varname>SocketUser=</varname></term>
+ <term><varname>SocketGroup=</varname></term>
+
+ <listitem><para>Takes a UNIX
+ user/group name. When specified,
+ all AF_UNIX sockets and FIFO nodes in
+ the file system are owned by the
+ specified user and group. If unset
+ (the default), the nodes are owned by
+ the root user/group (if run in system
+ context) or the invoking user/group
+ (if run in user context). If only a
+ user is specified but no group, then
+ the group is derived from the user's
+ default group.</para></listitem>
</varlistentry>
<varlistentry>
0666.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>DirectoryMode=</varname></term>
+ <listitem><para>If listening on a file
+ system socket or FIFO, the parent
+ directories are automatically created
+ if needed. This option specifies the
+ file system access mode used when
+ creating these directories. Takes an
+ access mode in octal
+ notation. Defaults to
+ 0755.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>Accept=</varname></term>
<listitem><para>Takes a boolean
<option>false</option>.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>KeepAliveTimeSec=</varname></term>
+ <listitem><para>Takes time (in seconds) as argument . The connection needs to remain
+ idle before TCP starts sending keepalive probes. This controls the TCP_KEEPIDLE
+ socket option (see
+ <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ and the <ulink
+ url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP
+ Keepalive HOWTO</ulink> for details.)
+ Defaults value is 7200 seconds (2 hours).</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>KeepAliveIntervalSec=</varname></term>
+ <listitem><para>Takes time (in seconds) as argument between individual keepalive probes,
+ if the socket option SO_KEEPALIVE has been set on this socket seconds as argument.
+ This controls the TCP_KEEPINTVL socket option (see
+ <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ and the <ulink
+ url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP
+ Keepalive HOWTO</ulink> for details.)
+ Defaults value is 75 seconds.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>KeepAliveProbes=</varname></term>
+ <listitem><para>Takes integer as argument. It's the number of unacknowledged probes to
+ send before considering the connection dead and notifying the application layer.
+ This controls the TCP_KEEPCNT socket option (see
+ <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ and the <ulink
+ url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP
+ Keepalive HOWTO</ulink> for details.)
+ Defaults value is 9.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>NoDelay=</varname></term>
+ <listitem><para>Takes a boolean
+ argument. TCP Nagle's algorithm works by combining a number of
+ small outgoing messages, and sending them all at once.
+ This controls the TCP_NODELAY socket option (see
+ <citerefentry><refentrytitle>tcp</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ Defaults to
+ <option>false</option>.</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>Priority=</varname></term>
<listitem><para>Takes an integer
for details.).</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>DeferAcceptSec=</varname></term>
+
+ <listitem><para>Takes time (in
+ seconds) as argument. If set, the
+ listening process will be awakened
+ only when data arrives on the socket,
+ and not immediately when connection is
+ established. When this option is set,
+ the
+ <constant>TCP_DEFER_ACCEPT</constant>
+ socket option will be used (see
+ <citerefentry><refentrytitle>tcp</refentrytitle><manvolnum>7</manvolnum></citerefentry>),
+ and the kernel will ignore initial ACK
+ packets without any data. The argument
+ specifies the approximate amount of
+ time the kernel should wait for
+ incoming data before falling back to
+ the normal behaviour of honouring
+ empty ACK packets. This option is
+ beneficial for protocols where the
+ client sends the data first (e.g.
+ HTTP, in contrast to SMTP), because
+ the server process will not be woken
+ up unnecessarily before it can take
+ any action.
+ </para>
+
+ <para>If the client also uses the
+ <constant>TCP_DEFER_ACCEPT</constant>
+ option, the latency of the initial
+ connection may be reduced, because the
+ kernel will send data in the final
+ packet establishing the connection
+ (the third packet in the "three-way
+ handshake").</para>
+
+ <para>Disabled by default.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>ReceiveBuffer=</varname></term>
<term><varname>SendBuffer=</varname></term>
<listitem><para>Takes an integer
- argument controlling the receive
- or send buffer sizes of this
- socket, respectively. This controls the SO_RCVBUF
- and SO_SNDBUF socket options (see
+ argument controlling the receive or
+ send buffer sizes of this socket,
+ respectively. This controls the
+ SO_RCVBUF and SO_SNDBUF socket options
+ (see
<citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
- for details.).</para></listitem>
+ for details.). The usual suffixes K,
+ M, G are supported and are understood
+ to the base of 1024.</para></listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term><varname>PipeSize=</varname></term>
- <listitem><para>Takes an integer
- value. Controls the pipe buffer size
+ <listitem><para>Takes a size in
+ bytes. Controls the pipe buffer size
of FIFOs configured in this socket
unit. See
<citerefentry><refentrytitle>fcntl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
- for details.</para></listitem>
+ for details. The usual suffixes K, M,
+ G are supported and are understood to
+ the base of 1024.</para></listitem>
</varlistentry>
<varlistentry>
finish. If a command does not exit
within the configured time, the socket
will be considered failed and be shut
- down again. All commands still running,
+ down again. All commands still running
will be terminated forcibly via
<constant>SIGTERM</constant>, and after another delay of
this time with <constant>SIGKILL</constant>. (See
<option>KillMode=</option> in <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>.)
Takes a unit-less value in seconds, or
a time span value such as "5min
- 20s". Pass 0 to disable the timeout
- logic. Defaults to <varname>TimeoutStartSec=</varname> from the
- manager configuration file.</para></listitem>
+ 20s". Pass <literal>0</literal> to disable the timeout
+ logic. Defaults to <varname>DefaultTimeoutStartSec=</varname> from the
+ manager configuration file
+ (see <citerefentry><refentrytitle>systemd-systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
+ </para></listitem>
</varlistentry>
<varlistentry>
<varname>Accept=no</varname>. It
defaults to the service that bears the
same name as the socket (with the
- suffix replaced). In most cases it
+ suffix replaced). In most cases, it
should not be necessary to use this
option.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>RemoveOnStop=</varname></term>
+ <listitem><para>Takes a boolean
+ argument. If enabled, any file nodes
+ created by this socket unit are
+ removed when it is stopped. This
+ applies to AF_UNIX sockets in the file
+ system, POSIX message queues, FIFOs,
+ as well as any symlinks to
+ them configured with
+ <varname>Symlinks=</varname>. Normally,
+ it should not be necessary to use this
+ option, and is not recommended as
+ services might continue to run after
+ the socket unit has been terminated
+ and it should still be possible to
+ communicate with them via their file
+ system node. Defaults to
+ off.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>Symlinks=</varname></term>
+ <listitem><para>Takes a list of file
+ system paths. The specified paths will
+ be created as symlinks to the AF_UNIX
+ socket path or FIFO path of this
+ socket unit. If this setting is used,
+ only one AF_UNIX socket in the file
+ system or one FIFO may be configured
+ for the socket unit. Use this option
+ to manage one or more symlinked alias
+ names for a socket, binding their
+ lifecycle together. Defaults to the
+ empty list.</para></listitem>
+ </varlistentry>
+
</variablelist>
<para>Check
~ianmdlvl / elogind.git / blobdiff