socket: add SocketUser= and SocketGroup= for chown()ing sockets in the file system

This is relatively complex, as we cannot invoke NSS from PID 1, and thus need to fork a helper process temporarily.
author: Lennart Poettering <lennart@poettering.net> 2014-06-05 09:55:53 +0200
committer: Lennart Poettering <lennart@poettering.net> 2014-06-05 09:55:53 +0200
commit: 3900e5fdff688dc3c273f177d9d913b7389d5561 (patch)
tree: 7752c89ee7d52087e03fc915594ee54c38bc32cb /man/systemd.socket.xml
parent: a8330cd118993c20629565684144e0cc0e2edabe (diff)
1 files changed, 28 insertions, 10 deletions
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
index f65704d67b..b3607a8b63 100644
--- a/man/systemd.socket.xml
+++ b/man/systemd.socket.xml
@@ -372,16 +372,21 @@
                         </varlistentry>
 
                         <varlistentry>
-                                <term><varname>DirectoryMode=</varname></term>
-                                <listitem><para>If listening on a file
-                                system socket or FIFO, the parent
-                                directories are automatically created
-                                if needed. This option specifies the
-                                file system access mode used when
-                                creating these directories. Takes an
-                                access mode in octal
-                                notation. Defaults to
-                                0755.</para></listitem>
+                                <term><varname>SocketUser=</varname></term>
+                                <term><varname>SocketGroup=</varname></term>
+
+                                <listitem><para>Takes a UNIX
+                                user/group name. When specified
+                                all AF_UNIX sockets and FIFO nodes in
+                                the file system are owned by the
+                                specified user and group. If unset
+                                (the default), the nodes are owned by
+                                the root user/group (if run in system
+                                context) or the invoking user/group
+                                (if run in user context). If only a
+                                user is specified but no group, then
+                                the group is derived from the user's
+                                default group.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
@@ -396,6 +401,19 @@
                         </varlistentry>
 
                         <varlistentry>
+                                <term><varname>DirectoryMode=</varname></term>
+                                <listitem><para>If listening on a file
+                                system socket or FIFO, the parent
+                                directories are automatically created
+                                if needed. This option specifies the
+                                file system access mode used when
+                                creating these directories. Takes an
+                                access mode in octal
+                                notation. Defaults to
+                                0755.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
                                 <term><varname>Accept=</varname></term>
                                 <listitem><para>Takes a boolean
                                 argument. If true, a service instance
author	Lennart Poettering <lennart@poettering.net>	2014-06-05 09:55:53 +0200
committer	Lennart Poettering <lennart@poettering.net>	2014-06-05 09:55:53 +0200
commit	3900e5fdff688dc3c273f177d9d913b7389d5561 (patch)
tree	7752c89ee7d52087e03fc915594ee54c38bc32cb /man/systemd.socket.xml
parent	a8330cd118993c20629565684144e0cc0e2edabe (diff)