]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.socket.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
systemd.socket.xml: fix typo
[thirdparty/systemd.git] / man / systemd.socket.xml
CommitLineData
1f812fea
LP		 1<?xml version='1.0'?> <!--*-nxml-*-->
2<?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
5
6<!--
7 This file is part of systemd.
8
9 Copyright 2010 Lennart Poettering
10
11 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 12 under the terms of the GNU Lesser General Public License as published by
13 the Free Software Foundation; either version 2.1 of the License, or
1f812fea
LP		 14 (at your option) any later version.
15
16 systemd is distributed in the hope that it will be useful, but
17 WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 19 Lesser General Public License for more details.
1f812fea 20
5430f7f2 21 You should have received a copy of the GNU Lesser General Public License
1f812fea
LP		 22 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23-->
24
25<refentry id="systemd.socket">
26 <refentryinfo>
27 <title>systemd.socket</title>
28 <productname>systemd</productname>
29
30 <authorgroup>
31 <author>
32 <contrib>Developer</contrib>
33 <firstname>Lennart</firstname>
34 <surname>Poettering</surname>
35 <email>lennart@poettering.net</email>
36 </author>
37 </authorgroup>
38 </refentryinfo>
39
40 <refmeta>
41 <refentrytitle>systemd.socket</refentrytitle>
42 <manvolnum>5</manvolnum>
43 </refmeta>
44
45 <refnamediv>
46 <refname>systemd.socket</refname>
34511ca7 47 <refpurpose>Socket unit configuration</refpurpose>
1f812fea
LP		 48 </refnamediv>
49
50 <refsynopsisdiv>
51 <para><filename>systemd.socket</filename></para>
52 </refsynopsisdiv>
53
54 <refsect1>
55 <title>Description</title>
56
65232ea7
LP		 57 <para>A unit configuration file whose name ends in
58 <filename>.socket</filename> encodes information about
59 an IPC or network socket or a file system FIFO
60 controlled and supervised by systemd, for socket-based
61 activation.</para>
1f812fea
LP		 62
63 <para>This man page lists the configuration options
64 specific to this unit type. See
65 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
66 for the common options of all unit configuration
67 files. The common configuration items are configured
68 in the generic [Unit] and [Install] sections. The
cdb788e4 69 socket specific configuration options are configured
1f812fea
LP		 70 in the [Socket] section.</para>
71
72 <para>Additional options are listed in
ba60f905
LP		 73 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
74 which define the execution environment the
75 <option>ExecStartPre=</option>,
76 <option>ExecStartPost=</option>,
77 <option>ExecStopPre=</option> and
78 <option>ExecStoptPost=</option> commands are executed
4819ff03
LP		 79 in, and in
80 <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
81 which define the way the processes are
82 terminated.</para>
1f812fea 83
65232ea7
LP		 84 <para>For each socket file a matching service file
85 (see
86 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
87 for details) must exist, describing the service to
88 start on incoming traffic on the socket. Depending on
b439c6ee 89 the setting of <option>Accept=</option> (see below),
65232ea7
LP		 90 this must either be named like the socket unit, but
91 with the suffix replaced; or it must be a template
92 file named the same way. Example: a socket file
1f812fea
LP		 93 <filename>foo.socket</filename> needs a matching
94 service <filename>foo.service</filename> if
95 <option>Accept=false</option> is set. If
96 <option>Accept=true</option> is set a service template
97 file <filename>foo@.service</filename> must exist from
98 which services are instantiated for each incoming
99 connection.</para>
65232ea7 100
62adf224
LP		 101 <para>Unless <varname>DefaultDependencies=</varname>
102 is set to <option>false</option>, socket units will
103 implicitly have dependencies of type
104 <varname>Requires=</varname> and
105 <varname>After=</varname> on
106 <filename>sysinit.target</filename> as well as
107 dependencies of type <varname>Conflicts=</varname> and
108 <varname>Before=</varname> on
109 <filename>shutdown.target</filename>. These ensure
110 that socket units pull in basic system
111 initialization, and are terminated cleanly prior to
112 system shutdown. Only sockets involved with early
113 boot or late system shutdown should disable this
114 option.</para>
115
65232ea7 116 <para>Socket units may be used to implement on-demand
b439c6ee 117 starting of services, as well as parallelized starting
65232ea7 118 of services.</para>
be039669
LP		 119
120 <para>Note that the daemon software configured for
121 socket activation with socket units needs to be able
122 to accept sockets from systemd, either via systemd's
123 native socket passing interface (see
124 <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
125 for details) or via the traditional
126 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>-style
127 socket passing (i.e. sockets passed in via STDIN and
128 STDOUT, using <varname>StandardInput=socket</varname>
129 in the service file).</para>
1f812fea
LP		 130 </refsect1>
131
132 <refsect1>
133 <title>Options</title>
134
135 <para>Socket files must include a [Socket] section,
136 which carries information about the socket or FIFO it
137 supervises. A number of options that may be used in
138 this section are shared with other unit types. These
139 options are documented in
4819ff03
LP		 140 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
141 and
142 <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>. The
65232ea7 143 options specific to the [Socket] section of socket
1f812fea
LP		 144 units are the following:</para>
145
146 <variablelist>
147 <varlistentry>
148 <term><varname>ListenStream=</varname></term>
149 <term><varname>ListenDatagram=</varname></term>
150 <term><varname>ListenSequentialPacket=</varname></term>
151 <listitem><para>Specifies an address
152 to listen on for a stream
16dad32e
AE		 153 (SOCK_STREAM), datagram (SOCK_DGRAM),
154 or sequential packet
155 (SOCK_SEQPACKET) socket, respectively. The address
1f812fea
LP		 156 can be written in various formats:</para>
157
158 <para>If the address starts with a
159 slash (/), it is read as file system
160 socket in the AF_UNIX socket
161 family.</para>
162
163 <para>If the address starts with an
7e115808 164 at symbol (@) it is read as abstract
1f812fea
LP		 165 namespace socket in the AF_UNIX
166 family. The @ is replaced with a NUL
167 character before binding. For details
168 see
169 <citerefentry><refentrytitle>unix</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
170
171 <para>If the address string is a
172 single number it is read as port
5198dabc
LP		 173 number to listen on via
174 IPv6. Depending on the value of
175 <varname>BindIPv6Only=</varname> (see below) this
176 might result in the service being
177 available via both IPv6 and IPv4 (default) or
178 just via IPv6.
179 </para>
1f812fea
LP		 180
181 <para>If the address string is a
182 string in the format v.w.x.y:z it is
183 read as IPv4 specifier for listening
184 on an address v.w.x.y on a port
185 z.</para>
186
187 <para>If the address string is a
188 string in the format [x]:y it is read
5198dabc
LP		 189 as IPv6 address x on a port y. Note
190 that this might make the service
191 available via IPv4, too, depending on
192 the <varname>BindIPv6Only=</varname>
193 setting (see below).
194 </para>
1f812fea
LP		 195
196 <para>Note that SOCK_SEQPACKET
197 (i.e. <varname>ListenSequentialPacket=</varname>)
198 is only available for AF_UNIX
199 sockets. SOCK_STREAM
200 (i.e. <varname>ListenStream=</varname>)
201 when used for IP sockets refers to TCP
202 sockets, SOCK_DGRAM
203 (i.e. <varname>ListenDatagram=</varname>)
204 to UDP.</para>
205
206 <para>These options may be specified
207 more than once in which case incoming
208 traffic on any of the sockets will trigger
209 service activation, and all listed
210 sockets will be passed to the service,
211 regardless whether there is incoming
212 traffic on them or not.</para>
213
b439c6ee 214 <para>If an IP address is used here, it
1f812fea
LP		 215 is often desirable to listen on it
216 before the interface it is configured
217 on is up and running, and even
218 regardless whether it will be up and
219 running ever at all. To deal with this it is
220 recommended to set the
221 <varname>FreeBind=</varname> option
222 described below.</para></listitem>
223 </varlistentry>
224
225 <varlistentry>
226 <term><varname>ListenFIFO=</varname></term>
227 <listitem><para>Specifies a file
228 system FIFO to listen on. This expects
229 an absolute file system path as
c5315881 230 argument. Behavior otherwise is very
1f812fea
LP		 231 similar to the
232 <varname>ListenDatagram=</varname>
7a22745a
LP		 233 directive above.</para></listitem>
234 </varlistentry>
235
b0a3f2bc
LP		 236 <varlistentry>
237 <term><varname>ListenSpecial=</varname></term>
238 <listitem><para>Specifies a special
239 file in the file system to listen
240 on. This expects an absolute file
c5315881 241 system path as argument. Behavior
b0a3f2bc
LP		 242 otherwise is very similar to the
243 <varname>ListenFIFO=</varname>
244 directive above. Use this to open
245 character device nodes as well as
246 special files in
247 <filename>/proc</filename> and
248 <filename>/sys</filename>.</para></listitem>
249 </varlistentry>
250
7a22745a
LP		 251 <varlistentry>
252 <term><varname>ListenNetlink=</varname></term>
253 <listitem><para>Specifies a Netlink
254 family to create a socket for to
255 listen on. This expects a short string
256 referring to the AF_NETLINK family
257 name (such as <varname>audit</varname>
258 or <varname>kobject-uevent</varname>)
259 as argument, optionally suffixed by a
260 whitespace followed by a multicast
c5315881 261 group integer. Behavior otherwise is
7a22745a
LP		 262 very similar to the
263 <varname>ListenDatagram=</varname>
1f812fea
LP		 264 directive above.</para></listitem>
265 </varlistentry>
266
916abb21
LP		 267 <varlistentry>
268 <term><varname>ListenMessageQueue=</varname></term>
269 <listitem><para>Specifies a POSIX
270 message queue name to listen on. This
271 expects a valid message queue name
c5315881 272 (i.e. beginning with /). Behavior
916abb21
LP		 273 otherwise is very similar to the
274 <varname>ListenFIFO=</varname>
275 directive above. On Linux message
276 queue descriptors are actually file
277 descriptors and can be inherited
278 between processes.</para></listitem>
279 </varlistentry>
280
1f812fea
LP		 281 <varlistentry>
282 <term><varname>BindIPv6Only=</varname></term>
283 <listitem><para>Takes a one of
284 <option>default</option>,
285 <option>both</option> or
286 <option>ipv6-only</option>. Controls
287 the IPV6_V6ONLY socket option (see
288 <citerefentry><refentrytitle>ipv6</refentrytitle><manvolnum>7</manvolnum></citerefentry>
289 for details). If
290 <option>both</option>, IPv6 sockets
291 bound will be accessible via both IPv4
292 and IPv6. If
293 <option>ipv6-only</option>, they will
294 be accessible via IPv6 only. If
295 <option>default</option> (which is the
296 default, surprise!) the system wide
297 default setting is used, as controlled
298 by
5198dabc
LP		 299 <filename>/proc/sys/net/ipv6/bindv6only</filename>,
300 which in turn defaults to the
301 equivalent of
302 <option>both</option>.</para>
1f812fea
LP		 303 </listitem>
304 </varlistentry>
305
306 <varlistentry>
307 <term><varname>Backlog=</varname></term>
308 <listitem><para>Takes an unsigned
309 integer argument. Specifies the number
310 of connections to queue that have not
311 been accepted yet. This setting
312 matters only for stream and sequential
313 packet sockets. See
314 <citerefentry><refentrytitle>listen</refentrytitle><manvolnum>2</manvolnum></citerefentry>
315 for details. Defaults to SOMAXCONN
316 (128).</para></listitem>
317 </varlistentry>
318
319 <varlistentry>
320 <term><varname>BindToDevice=</varname></term>
321 <listitem><para>Specifies a network
322 interface name to bind this socket
323 to. If set traffic will only be
324 accepted from the specified network
325 interfaces. This controls the
326 SO_BINDTODEVICE socket option (see
327 <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
b439c6ee 328 for details). If this option is used,
1f812fea
LP		 329 an automatic dependency from this
330 socket unit on the network interface
331 device unit
332 (<citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>
333 is created.</para></listitem>
334 </varlistentry>
335
336 <varlistentry>
337 <term><varname>DirectoryMode=</varname></term>
338 <listitem><para>If listening on a file
7277f5a9 339 system socket or FIFO, the parent
1f812fea
LP		 340 directories are automatically created
341 if needed. This option specifies the
342 file system access mode used when
dd1eb43b
LP		 343 creating these directories. Takes an
344 access mode in octal
345 notation. Defaults to
346 0755.</para></listitem>
1f812fea
LP		 347 </varlistentry>
348
349 <varlistentry>
350 <term><varname>SocketMode=</varname></term>
351 <listitem><para>If listening on a file
7277f5a9 352 system socket or FIFO, this option
1f812fea
LP		 353 specifies the file system access mode
354 used when creating the file
dd1eb43b
LP		 355 node. Takes an access mode in octal
356 notation. Defaults to
1f812fea
LP		 357 0666.</para></listitem>
358 </varlistentry>
359
360 <varlistentry>
361 <term><varname>Accept=</varname></term>
362 <listitem><para>Takes a boolean
b439c6ee 363 argument. If true, a service instance
1f812fea
LP		 364 is spawned for each incoming
365 connection and only the connection
b439c6ee 366 socket is passed to it. If false, all
1f812fea
LP		 367 listening sockets themselves are
368 passed to the started service unit,
369 and only one service unit is spawned
370 for all connections (also see
371 above). This value is ignored for
372 datagram sockets and FIFOs where
b439c6ee 373 a single service unit unconditionally
1f812fea
LP		 374 handles all incoming traffic. Defaults
375 to <option>false</option>. For
b439c6ee 376 performance reasons, it is recommended
1f812fea
LP		 377 to write new daemons only in a way
378 that is suitable for
379 <option>Accept=false</option>. This
380 option is mostly useful to allow
381 daemons designed for usage with
b439c6ee
KS		 382 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
383 to work unmodified with systemd socket
1f812fea
LP		 384 activation.</para></listitem>
385 </varlistentry>
386
387 <varlistentry>
388 <term><varname>MaxConnections=</varname></term>
389 <listitem><para>The maximum number of
390 connections to simultaneously run
391 services instances for, when
392 <option>Accept=true</option> is
393 set. If more concurrent connections
b439c6ee 394 are coming in, they will be refused
1f812fea
LP		 395 until at least one existing connection
396 is terminated. This setting has no
397 effect for sockets configured with
f848f8d8 398 <option>Accept=false</option> or datagram
1f812fea
LP		 399 sockets. Defaults to
400 64.</para></listitem>
401 </varlistentry>
402
403 <varlistentry>
404 <term><varname>KeepAlive=</varname></term>
405 <listitem><para>Takes a boolean
406 argument. If true, the TCP/IP stack
407 will send a keep alive message after
408 2h (depending on the configuration of
409 <filename>/proc/sys/net/ipv4/tcp_keepalive_time</filename>)
410 for all TCP streams accepted on this
411 socket. This controls the SO_KEEPALIVE
412 socket option (see
413 <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
414 and the <ulink
415 url="http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/">TCP
416 Keepalive HOWTO</ulink> for details.)
417 Defaults to
418 <option>false</option>.</para></listitem>
419 </varlistentry>
420
421 <varlistentry>
422 <term><varname>Priority=</varname></term>
423 <listitem><para>Takes an integer
424 argument controlling the priority for
425 all traffic sent from this
426 socket. This controls the SO_PRIORITY
427 socket option (see
428 <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
429 for details.).</para></listitem>
430 </varlistentry>
431
432 <varlistentry>
433 <term><varname>ReceiveBuffer=</varname></term>
434 <term><varname>SendBuffer=</varname></term>
435 <listitem><para>Takes an integer
436 argument controlling the receive
16dad32e
AE		 437 or send buffer sizes of this
438 socket, respectively. This controls the SO_RCVBUF
439 and SO_SNDBUF socket options (see
1f812fea
LP		 440 <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>7</manvolnum></citerefentry>
441 for details.).</para></listitem>
442 </varlistentry>
443
444 <varlistentry>
445 <term><varname>IPTOS=</varname></term>
446 <listitem><para>Takes an integer
447 argument controlling the IP
448 Type-Of-Service field for packets
449 generated from this socket. This
450 controls the IP_TOS socket option (see
451 <citerefentry><refentrytitle>ip</refentrytitle><manvolnum>7</manvolnum></citerefentry>
452 for details.). Either a numeric string
453 or one of <option>low-delay</option>,
454 <option>throughput</option>,
455 <option>reliability</option> or
456 <option>low-cost</option> may be
457 specified.</para></listitem>
458 </varlistentry>
459
460 <varlistentry>
461 <term><varname>IPTTL=</varname></term>
462 <listitem><para>Takes an integer
463 argument controlling the IPv4
464 Time-To-Live/IPv6 Hop-Count field for
465 packets generated from this
466 socket. This sets the
467 IP_TTL/IPV6_UNICAST_HOPS socket
468 options (see
469 <citerefentry><refentrytitle>ip</refentrytitle><manvolnum>7</manvolnum></citerefentry>
470 and
471 <citerefentry><refentrytitle>ipv6</refentrytitle><manvolnum>7</manvolnum></citerefentry>
472 for details.)</para></listitem>
473 </varlistentry>
474
475 <varlistentry>
476 <term><varname>Mark=</varname></term>
477 <listitem><para>Takes an integer
478 value. Controls the firewall mark of
479 packets generated by this socket. This
480 can be used in the firewall logic to
481 filter packets from this socket. This
482 sets the SO_MARK socket option. See
483 <citerefentry><refentrytitle>iptables</refentrytitle><manvolnum>8</manvolnum></citerefentry>
484 for details.</para></listitem>
485 </varlistentry>
486
0eb59ccf
AK		 487 <varlistentry>
488 <term><varname>SmackLabel=</varname></term>
489 <term><varname>SmackLabelIPIn=</varname></term>
490 <term><varname>SmackLabelIPOut=</varname></term>
491 <listitem><para>Takes a string
492 value. Controls the extended
493 attributes
494 <literal>security.SMACK64</literal>,
495 <literal>security.SMACK64IPIN</literal>
496 and
497 <literal>security.SMACK64IPOUT</literal>,
498 respectively, i.e. the security label
499 of the FIFO, or the security label for
500 the incoming or outgoing connections
501 of the socket, respectively. See
502 <ulink
503 url="https://www.kernel.org/doc/Documentation/security/Smack.txt">Smack.txt</ulink>
504 for details.</para></listitem>
505 </varlistentry>
506
1f812fea
LP		 507 <varlistentry>
508 <term><varname>PipeSize=</varname></term>
509 <listitem><para>Takes an integer
510 value. Controls the pipe buffer size
511 of FIFOs configured in this socket
512 unit. See
513 <citerefentry><refentrytitle>fcntl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
514 for details.</para></listitem>
515 </varlistentry>
516
916abb21
LP		 517 <varlistentry>
518 <term><varname>MessageQueueMaxMessages=</varname>,
519 <varname>MessageQueueMessageSize=</varname></term>
520 <listitem><para>These two settings
521 take integer values and control the
16dad32e 522 mq_maxmsg field or the mq_msgsize field, respectively, when
916abb21
LP		 523 creating the message queue. Note that
524 either none or both of these variables
525 need to be set. See
526 <citerefentry><refentrytitle>mq_setattr</refentrytitle><manvolnum>3</manvolnum></citerefentry>
527 for details.</para></listitem>
528 </varlistentry>
529
1f812fea
LP		 530 <varlistentry>
531 <term><varname>FreeBind=</varname></term>
532 <listitem><para>Takes a boolean
533 value. Controls whether the socket can
534 be bound to non-local IP
535 addresses. This is useful to configure
536 sockets listening on specific IP
537 addresses before those IP addresses
538 are successfully configured on a
539 network interface. This sets the
540 IP_FREEBIND socket option. For
541 robustness reasons it is recommended
542 to use this option whenever you bind a
543 socket to a specific IP
544 address. Defaults to <option>false</option>.</para></listitem>
545 </varlistentry>
546
6b6d2dee
LP		 547 <varlistentry>
548 <term><varname>Transparent=</varname></term>
549 <listitem><para>Takes a boolean
550 value. Controls the IP_TRANSPARENT
271b032a 551 socket option. Defaults to
6b6d2dee
LP		 552 <option>false</option>.</para></listitem>
553 </varlistentry>
554
ec6370a2
LP		 555 <varlistentry>
556 <term><varname>Broadcast=</varname></term>
557 <listitem><para>Takes a boolean
558 value. This controls the SO_BROADCAST
271b032a 559 socket option, which allows broadcast
ec6370a2
LP		 560 datagrams to be sent from this
561 socket. Defaults to
562 <option>false</option>.</para></listitem>
563 </varlistentry>
564
42e87475 565 <varlistentry>
271b032a 566 <term><varname>PassCredentials=</varname></term>
42e87475
MS		 567 <listitem><para>Takes a boolean
568 value. This controls the SO_PASSCRED
54ecda32 569 socket option, which allows AF_UNIX sockets to
42e87475
MS		 570 receive the credentials of the sending
571 process in an ancillary message.
572 Defaults to
573 <option>false</option>.</para></listitem>
574 </varlistentry>
575
54ecda32
LP		 576 <varlistentry>
577 <term><varname>PassSecurity=</varname></term>
578 <listitem><para>Takes a boolean
579 value. This controls the SO_PASSSEC
580 socket option, which allows AF_UNIX
581 sockets to receive the security
582 context of the sending process in an
583 ancillary message. Defaults to
584 <option>false</option>.</para></listitem>
585 </varlistentry>
586
cebf8b20
TT		 587 <varlistentry>
588 <term><varname>TCPCongestion=</varname></term>
589 <listitem><para>Takes a string
590 value. Controls the TCP congestion
591 algorithm used by this socket. Should
592 be one of "westwood", "veno", "cubic",
593 "lp" or any other available algorithm
594 supported by the IP stack. This
595 setting applies only to stream
596 sockets.</para></listitem>
597 </varlistentry>
598
1f812fea
LP		 599 <varlistentry>
600 <term><varname>ExecStartPre=</varname></term>
601 <term><varname>ExecStartPost=</varname></term>
b3eaa628
LP		 602 <listitem><para>Takes one or more
603 command lines, which are executed
16dad32e 604 before or after the listening
b3eaa628 605 sockets/FIFOs are created and
16dad32e 606 bound, respectively. The first token of the command
1f812fea
LP		 607 line must be an absolute file name,
608 then followed by arguments for the
b3eaa628
LP		 609 process. Multiple command lines may be
610 specified following the same scheme as
611 used for
612 <varname>ExecStartPre=</varname> of
613 service unit files.</para></listitem>
1f812fea
LP		 614 </varlistentry>
615
616 <varlistentry>
617 <term><varname>ExecStopPre=</varname></term>
618 <term><varname>ExecStopPost=</varname></term>
619 <listitem><para>Additional commands
16dad32e 620 that are executed before or after
1f812fea 621 the listening sockets/FIFOs are closed
16dad32e 622 and removed, respectively. Multiple command lines
b3eaa628
LP		 623 may be specified following the same
624 scheme as used for
625 <varname>ExecStartPre=</varname> of
626 service unit files.</para></listitem>
1f812fea
LP		 627 </varlistentry>
628
1f812fea
LP		 629 <varlistentry>
630 <term><varname>TimeoutSec=</varname></term>
631 <listitem><para>Configures the time to
632 wait for the commands specified in
633 <varname>ExecStartPre=</varname>,
634 <varname>ExecStartPost=</varname>,
635 <varname>ExecStopPre=</varname> and
636 <varname>ExecStopPost=</varname> to
b439c6ee
KS		 637 finish. If a command does not exit
638 within the configured time, the socket
1f812fea 639 will be considered failed and be shut
b439c6ee 640 down again. All commands still running,
1f812fea
LP		 641 will be terminated forcibly via
642 SIGTERM, and after another delay of
643 this time with SIGKILL. (See
4819ff03 644 <option>KillMode=</option> in <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>.)
1f812fea
LP		 645 Takes a unit-less value in seconds, or
646 a time span value such as "5min
647 20s". Pass 0 to disable the timeout
648 logic. Defaults to
ecb963cc 649 90s.</para></listitem>
1f812fea
LP		 650 </varlistentry>
651
d9ff321a
LP		 652 <varlistentry>
653 <term><varname>Service=</varname></term>
654 <listitem><para>Specifies the service
655 unit name to activate on incoming
656 traffic. This defaults to the service
657 that bears the same name as the socket
658 (ignoring the different suffixes). In
659 most cases it should not be necessary
660 to use this option.</para></listitem>
661 </varlistentry>
662
1f812fea 663 </variablelist>
4819ff03
LP		 664
665 <para>Check
666 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
667 and
668 <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
669 for more settings.</para>
670
1f812fea
LP		 671 </refsect1>
672
673 <refsect1>
674 <title>See Also</title>
675 <para>
f3e219a2 676 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1f812fea
LP		 677 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
678 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
679 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
4819ff03 680 <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1f812fea
LP		 681 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
682 </para>
683 </refsect1>
684
685</refentry>
Unnamed repository; edit this file 'description' to name the repository.