1UNIX(7)                    Linux Programmer's Manual                   UNIX(7)
2
3
4

NAME

6       unix,  PF_UNIX,  AF_UNIX, PF_LOCAL, AF_LOCAL - Sockets for local inter‐
7       process communication
8

SYNOPSIS

10       #include <sys/socket.h>
11       #include <sys/un.h>
12
13       unix_socket = socket(PF_UNIX, type, 0);
14       error = socketpair(PF_UNIX, type, 0, int *sv);
15
16

DESCRIPTION

18       The PF_UNIX (also known as PF_LOCAL) socket family is used to  communi‐
19       cate  between  processes  on the same machine efficiently. Unix sockets
20       can be either anonymous (created by socketpair(2)) or associated with a
21       file  of  type socket.  Linux also supports an abstract namespace which
22       is independent of the file system.
23
24       Valid  types  are:  SOCK_STREAM,  for  a  stream-oriented  socket   and
25       SOCK_DGRAM,  for  a  datagram-oriented  socket  that  preserves message
26       boundaries (as on most Unix implementations, Unix domain datagram sock‐
27       ets are always reliable and don't reorder datagrams); and (since kernel
28       2.6.4) SOCK_SEQPACKET, for a connection-oriented socket that  preserves
29       message  boundaries  and  delivers messages in the order that they were
30       sent.
31
32       Unix sockets support passing file descriptors or process credentials to
33       other processes using ancillary data.
34
35

ADDRESS FORMAT

37       A  Unix  address  is  defined  as  a filename in the filesystem or as a
38       unique string in the abstract namespace.  Sockets  created  by  socket‐
39       pair(2) are anonymous. For non-anonymous sockets the target address can
40       be set using connect(2).  The local address can be set  using  bind(2).
41       When  a socket is connected and it doesn't already have a local address
42       a unique address in the abstract namespace will be generated  automati‐
43       cally.
44
45         #define UNIX_PATH_MAX    108
46
47         struct sockaddr_un {
48             sa_family_t    sun_family;               /* AF_UNIX */
49             char           sun_path[UNIX_PATH_MAX];  /* pathname */
50         };
51
52       sun_family  always contains AF_UNIX.  sun_path contains the zero-termi‐
53       nated pathname of the socket in the file system.   If  sun_path  starts
54       with a null byte ('' '), then it refers to the abstract namespace main‐
55       tained by the Unix protocol  module.   The  socket's  address  in  this
56       namespace  is  given  by  the rest of the bytes in sun_path.  Note that
57       names in the abstract namespace are not zero-terminated.
58
59

SOCKET OPTIONS

61       For historical reasons  these  socket  options  are  specified  with  a
62       SOL_SOCKET type even though they are PF_UNIX specific.  They can be set
63       with setsockopt(2) and read with getsockopt(2) by specifying SOL_SOCKET
64       as the socket family.
65
66       SO_PASSCRED
67              Enables  the receiving of the credentials of the sending process
68              ancillary message.  When this option is set and  the  socket  is
69              not  yet  connected a unique name in the abstract namespace will
70              be generated automatically.  Expects an integer boolean flag.
71
72

(UN)SUPPORTED FEATURES

74       The following paragraphs describe domain-specific  details  and  unsup‐
75       ported features of the sockets API for Unix domain sockets on Linux.
76
77       Unix domain sockets do not support the transmission of out-of-band data
78       (the MSG_OOB flag for send(2) and recv(2)).
79
80       The send(2) MSG_MORE flag is not supported by Unix domain sockets.
81
82       The SO_SNDBUF socket option does have an effect for Unix  domain  sock‐
83       ets,  but  the  SO_RCVBUF  option  does not.  For datagram sockets, the
84       SO_SNDBUF value imposes an upper limit on the size  of  outgoing  data‐
85       grams.   This limit is calculated as the doubled (see socket(7)) option
86       value less 32 bytes used for overhead.
87
88

ANCILLARY MESSAGES

90       Ancillary data is sent and received using  sendmsg(2)  and  recvmsg(2).
91       For  historical  reasons  the  ancillary message types listed below are
92       specified with a SOL_SOCKET type even though they are PF_UNIX specific.
93       To  send  them  set  the  cmsg_level  field  of  the  struct cmsghdr to
94       SOL_SOCKET and the cmsg_type field to the type.  For  more  information
95       see cmsg(3).
96
97
98       SCM_RIGHTS
99              Send  or  receive  a  set  of open file descriptors from another
100              process.  The data portion contains an integer array of the file
101              descriptors.   The passed file descriptors behave as though they
102              have been created with dup(2).
103
104
105       SCM_CREDENTIALS
106              Send or receive Unix credentials.  This can be used for  authen‐
107              tication.   The  credentials are passed as a struct ucred ancil‐
108              lary message.
109
110                struct ucred {
111                    pid_t pid;    /* process ID of the sending process */
112                    uid_t uid;    /* user ID of the sending process */
113                    gid_t gid;    /* group ID of the sending process */
114                };
115
116              The credentials which the sender specifies are  checked  by  the
117              kernel.   A process with effective user ID 0 is allowed to spec‐
118              ify values that do not match its own.  The sender  must  specify
119              its own process ID (unless it has the capability CAP_SYS_ADMIN),
120              its user ID, effective user ID, or saved set-user-ID (unless  it
121              has  CAP_SETUID), and its group ID, effective group ID, or saved
122              set-group-ID (unless it has CAP_SETGID).  To  receive  a  struct
123              ucred  message  the  SO_PASSCRED  option  must be enabled on the
124              socket.
125
126

VERSIONS

128       SCM_CREDENTIALS and the abstract namespace were introduced  with  Linux
129       2.2  and  should  not  be used in portable programs.  (Some BSD-derived
130       systems also support credential passing, but the implementation details
131       differ.)
132
133

NOTES

135       In  the Linux implementation, sockets which are visible in the filesys‐
136       tem honour the permissions of the directory they are in.  Their  owner,
137       group  and  their permissions can be changed.  Creation of a new socket
138       will fail if the process does not have write and search (execute)  per‐
139       mission  on  the directory the socket is created in.  Connecting to the
140       socket object requires read/write permission.   This  behavior  differs
141       from  many  BSD-derived systems which ignore permissions for Unix sock‐
142       ets. Portable programs should not rely on this feature for security.
143
144       Binding to a socket with a filename creates a socket in the file system
145       that  must  be deleted by the caller when it is no longer needed (using
146       unlink(2)).  The usual Unix close-behind semantics  apply;  the  socket
147       can  be  unlinked at any time and will be finally removed from the file
148       system when the last reference to it is closed.
149
150       To pass file descriptors or credentials over a SOCK_STREAM, you need to
151       send  or  receive  at  least one byte of non-ancillary data in the same
152       sendmsg() or recvmsg() call.
153
154       Unix domain stream sockets do not support  the  notion  of  out-of-band
155       data.
156

ERRORS

158       ENOMEM Out of memory.
159
160       ECONNREFUSED
161              connect(2)  called  with  a  socket object that isn't listening.
162              This can happen when the remote socket does  not  exist  or  the
163              filename is not a socket.
164
165       EINVAL Invalid  argument  passed. A common cause is the missing setting
166              of AF_UNIX in the sun_type field  of  passed  addresses  or  the
167              socket being in an invalid state for the applied operation.
168
169       EOPNOTSUPP
170              Stream  operation  called on non-stream oriented socket or tried
171              to use the out-of-band data option.
172
173       EPROTONOSUPPORT
174              Passed protocol is not PF_UNIX.
175
176       ESOCKTNOSUPPORT
177              Unknown socket type.
178
179       EPROTOTYPE
180              Remote socket does not match the local socket  type  (SOCK_DGRAM
181              vs.  SOCK_STREAM)
182
183       EADDRINUSE
184              Selected  local  address  is  already taken or filesystem socket
185              object already exists.
186
187       EISCONN
188              connect(2) called on an already connected  socket  or  a  target
189              address was specified on a connected socket.
190
191       ENOTCONN
192              Socket  operation  needs a target address, but the socket is not
193              connected.
194
195       ECONNRESET
196              Remote socket was unexpectedly closed.
197
198       EPIPE  Remote socket was closed on a stream socket. If enabled, a  SIG‐
199              PIPE  is  sent  as  well.  This  can  be  avoided by passing the
200              MSG_NOSIGNAL flag to sendmsg(2) or recvmsg(2).
201
202       EFAULT User memory address was not valid.
203
204       EPERM  The sender passed invalid credentials in the struct ucred.
205
206       Other errors can be generated by the generic socket  layer  or  by  the
207       filesystem  while generating a filesystem socket object. See the appro‐
208       priate manual pages for more information.
209

SEE ALSO

211       recvmsg(2), sendmsg(2), socket(2),  socketpair(2),  cmsg(3),  capabili‐
212       ties(7), socket(7)
213
214
215
216Linux Man Page                    2004-05-27                           UNIX(7)
Impressum