man/systemd.socket: Document JoinsNamespaceOf= support

This has been supported since systemd v242 (specifically commit
7619cb32f0 if I’m not mistaken; added to NEWS in commit 4107452e51), but
the man page still claimed otherwise.

diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index 213ceffcdbd745e4b1a7b4f17ffc031d8c90f4d4..0de281f02eca78276929abdd250475c793675845 100644 (file)
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -90,7 +90,7 @@
     socket passing (i.e. sockets passed in via standard input and output, using
     <varname>StandardInput=socket</varname> in the service file).</para>
 
-    <para>All network sockets allocated through <filename>.socket</filename> units are allocated in the host's network
+    <para>By default, network sockets allocated through <filename>.socket</filename> units are allocated in the host's network
     namespace (see <citerefentry
     project='man-pages'><refentrytitle>network_namespaces</refentrytitle><manvolnum>7</manvolnum></citerefentry>). This
     does not mean however that the service activated by a configured socket unit has to be part of the host's network
@@ -101,6 +101,11 @@
     the host's network namespace is only permitted through the activation sockets passed in while all sockets allocated
     from the service code itself will be associated with the service's own namespace, and thus possibly subject to a
     restrictive configuration.</para>
+
+    <para>Alternatively, it is possible to run a <filename>.socket</filename> unit in another network namespace
+    by setting <option>PrivateNetwork=yes</option> in combination with <varname>JoinsNamespaceOf=</varname>, see
+    <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> and
+    <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para>
   </refsect1>
 
   <refsect1>