1 .\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
2 .\" Permission is granted to distribute possibly modified copies
3 .\" of this page provided the header is included verbatim,
4 .\" and in case of nontrivial modification author and date
5 .\" of the modification is added to the header.
7 .\" Modified, 2 Dec 2002, Michael Kerrisk, mtk16@ext.canterbury.ac.nz
9 .TH UNIX 7 2002-12-02 "Linux Man Page" "Linux Programmer's Manual"
11 unix, PF_UNIX, AF_UNIX, PF_LOCAL, AF_LOCAL \- Sockets for local interprocess communication.
13 .B #include <sys/socket.h>
15 .B #include <sys/un.h>
17 .IB unix_socket " = socket(PF_UNIX, type, 0);"
19 .IB error " = socketpair(PF_UNIX, type, 0, int *" sv ");"
26 socket family is used to communicate between processes on the same machine
27 efficiently. Unix sockets can be either anonymous (created by
29 or associated with a file of type socket.
30 Linux also supports an abstract namespace which is independent of the
35 for a stream oriented socket and
37 for a datagram oriented socket that preserves message boundaries. Unix
38 sockets are always reliable and don't reorder datagrams.
40 Unix sockets support passing file descriptors or process credentials to other
41 processes using ancillary data.
44 A unix address is defined as a filename in the filesystem or
45 as a unique string in the abstract namespace. Sockets created by
47 are anonymous. For non-anonymous sockets the target address can be set
50 The local address can be set using
52 When a socket is connected and it doesn't already have a local address a
53 unique address in the abstract namespace will be generated automatically.
57 #define UNIX_PATH_MAX 108
61 sa_family_t sun_family; /* AF_UNIX */
62 char sun_path[UNIX_PATH_MAX]; /* pathname */
71 contains the zero-terminated pathname of the socket in the file system.
74 starts with a zero byte it refers to the abstract namespace maintained by
75 the Unix protocol module.
76 The socket's address in this namespace is given by the rest of the bytes in
78 Note that names in the abstract namespace are not zero-terminated.
81 For historical reasons these socket options are specified with a
82 SOL_SOCKET type even though they are PF_UNIX specific.
87 by specifying SOL_SOCKET as the socket family.
90 Enables the receiving of the credentials of the sending process
91 ancillary message. When this option is set and the socket is not yet connected
92 a unique name in the abstract namespace will be generated automatically.
93 Expects an integer boolean flag.
95 .SH "ANCILLARY MESSAGES"
96 Ancillary data is sent and received using
100 For historical reasons the ancillary message types listed below
101 are specified with a SOL_SOCKET type even though they are PF_UNIX specific.
106 to SOL_SOCKET and the
108 field to the type. For more information see
113 Send or receive a set of open file descriptors from another process.
114 The data portion contains an integer array of the file descriptors.
115 The passed file descriptors behave as though they have been created with
120 Send or receive unix credentials. This can be used for authentication.
121 The credentials are passed as a
129 pid_t pid; /* process id of the sending process */
130 uid_t uid; /* user id of the sending process */
131 gid_t gid; /* group id of the sending process */
136 The credentials which the sender specifies are checked by the kernel.
137 A process with effective user ID 0 is allowed to specify values that do
139 The sender must specify its own process ID (unless it has the capability
141 its user ID, effective user ID or set user ID (unless it has
143 and its group id, effective group ID or set group ID (unless it has
149 option must be enabled on the socket.
153 and the abstract namespace were introduced with Linux 2.2 and should not
154 be used in portable programs.
155 (Some BSD-derived systems also support credential passing,
156 but the implementation details differ.)
159 In the Linux implementation, sockets which are visible in the
160 filesystem honour the permissions of the directory they are in. Their
161 owner, group and their permissions can be changed.
162 Creation of a new socket will fail if the process does not have write and
163 search (execute) permission on the directory the socket is created in.
164 Connecting to the socket object requires read/write permission.
165 This behavior differs from many BSD-derived systems which
166 ignore permissions for Unix sockets. Portable programs should not rely on
167 this feature for security.
169 Binding to a socket with a filename creates a socket
170 in the file system that must be deleted by the caller when it is no
173 The usual Unix close-behind semantics apply; the socket can be unlinked
174 at any time and will be finally removed from the file system when the last
175 reference to it is closed.
177 To pass file descriptors or credentials you need to send/read at least
180 Unix domain stream sockets do not support the notion of out-of-band data.
188 called with a socket object that isn't listening. This can happen when
189 the remote socket does not exist or the filename is not a socket.
192 Invalid argument passed. A common cause is the missing setting of AF_UNIX
193 in the sun_type field of passed addresses or the socket being in an invalid
194 state for the applied operation.
197 Stream operation called on non-stream oriented socket or tried to
198 use the out-of-band data option.
201 Passed protocol is not PF_UNIX.
207 Remote socket does not match the local socket type (SOCK_DGRAM vs.
211 Selected local address is already taken or filesystem socket object already
216 called on an already connected socket or a target address was
217 specified on a connected socket.
220 Socket operation needs a target address, but the socket is not connected.
223 Remote socket was unexpectedly closed.
226 Remote socket was closed on a stream socket. If enabled, a
228 is sent as well. This can be avoided by passing the
236 User memory address was not valid.
239 The sender passed invalid credentials in the
242 Other errors can be generated by the generic socket layer or
243 by the filesystem while generating a filesystem socket object. See
244 the appropriate manual pages for more information.
251 .BR capabilities (7),
254 .\" This man page was written by Andi Kleen.