unix(7)



UNIX(7)                    Linux Programmer's Manual                   UNIX(7)

NAME
       unix,  PF_UNIX,  AF_UNIX, PF_LOCAL, AF_LOCAL - Sockets for local inter-
       process communication

SYNOPSIS
       #include <sys/socket.h>
       #include <sys/un.h>

       unix_socket = socket(PF_UNIX, type, 0);
       error = socketpair(PF_UNIX, type, 0, int *sv);

DESCRIPTION
       The PF_UNIX (also known as PF_LOCAL) socket family is used to  communi-
       cate  between  processes  on the same machine efficiently. Unix sockets
       can be either anonymous (created by socketpair(2)) or associated with a
       file  of  type socket.  Linux also supports an abstract namespace which
       is independent of the file system.

       Valid  types  are:  SOCK_STREAM,  for  a  stream-oriented  socket   and
       SOCK_DGRAM,  for  a  datagram-oriented  socket  that  preserves message
       boundaries (as on most Unix implementations, Unix domain datagram sock-
       ets are always reliable and don't reorder datagrams); and (since kernel
       2.6.4) SOCK_SEQPACKET, for a connection-oriented socket that  preserves
       message  boundaries  and  delivers messages in the order that they were
       sent.

       Unix sockets support passing file descriptors or process credentials to
       other processes using ancillary data.

ADDRESS FORMAT
       A  Unix  address  is  defined  as  a filename in the filesystem or as a
       unique string in the abstract namespace.  Sockets  created  by  socket-
       pair(2) are anonymous. For non-anonymous sockets the target address can
       be set using connect(2).  The local address can be set  using  bind(2).
       When  a socket is connected and it doesn't already have a local address
       a unique address in the abstract namespace will be generated  automati-
       cally.

         #define UNIX_PATH_MAX    108

         struct sockaddr_un {
             sa_family_t    sun_family;               /* AF_UNIX */
             char           sun_path[UNIX_PATH_MAX];  /* pathname */
         };

       sun_family  always contains AF_UNIX.  sun_path contains the zero-termi-
       nated pathname of the socket in the file system.   If  sun_path  starts
       with a null byte ('' '), then it refers to the abstract namespace main-
       tained by the Unix protocol  module.   The  socket's  address  in  this
       namespace  is  given  by  the rest of the bytes in sun_path.  Note that
       names in the abstract namespace are not zero-terminated.

SOCKET OPTIONS
       For historical reasons  these  socket  options  are  specified  with  a
       SOL_SOCKET type even though they are PF_UNIX specific.  They can be set
       with setsockopt(2) and read with getsockopt(2) by specifying SOL_SOCKET
       as the socket family.

       SO_PASSCRED
              Enables  the receiving of the credentials of the sending process
              ancillary message.  When this option is set and  the  socket  is
              not  yet  connected a unique name in the abstract namespace will
              be generated automatically.  Expects an integer boolean flag.

(UN)SUPPORTED FEATURES
       The following paragraphs describe domain-specific  details  and  unsup-
       ported features of the sockets API for Unix domain sockets on Linux.

       Unix domain sockets do not support the transmission of out-of-band data
       (the MSG_OOB flag for send(2) and recv(2)).

       The send(2) MSG_MORE flag is not supported by Unix domain sockets.

       The SO_SNDBUF socket option does have an effect for Unix  domain  sock-
       ets,  but  the  SO_RCVBUF  option  does not.  For datagram sockets, the
       SO_SNDBUF value imposes an upper limit on the size  of  outgoing  data-
       grams.   This limit is calculated as the doubled (see socket(7)) option
       value less 32 bytes used for overhead.

ANCILLARY MESSAGES
       Ancillary data is sent and received using  sendmsg(2)  and  recvmsg(2).
       For  historical  reasons  the  ancillary message types listed below are
       specified with a SOL_SOCKET type even though they are PF_UNIX specific.
       To  send  them  set  the  cmsg_level  field  of  the  struct cmsghdr to
       SOL_SOCKET and the cmsg_type field to the type.  For  more  information
       see cmsg(3).

       SCM_RIGHTS
              Send or receive a set of open file descriptors from another pro-
              cess.  The data portion contains an integer array  of  the  file
              descriptors.   The passed file descriptors behave as though they
              have been created with dup(2).

       SCM_CREDENTIALS
              Send or receive Unix credentials.  This can be used for  authen-
              tication.   The  credentials are passed as a struct ucred ancil-
              lary message.

                struct ucred {
                    pid_t pid;    /* process ID of the sending process */
                    uid_t uid;    /* user ID of the sending process */
                    gid_t gid;    /* group ID of the sending process */
                };

              The credentials which the sender specifies are  checked  by  the
              kernel.   A process with effective user ID 0 is allowed to spec-
              ify values that do not match its own.  The sender  must  specify
              its own process ID (unless it has the capability CAP_SYS_ADMIN),
              its user ID, effective user ID, or saved set-user-ID (unless  it
              has  CAP_SETUID), and its group ID, effective group ID, or saved
              set-group-ID (unless it has CAP_SETGID).  To  receive  a  struct
              ucred  message  the  SO_PASSCRED  option  must be enabled on the
              socket.

VERSIONS
       SCM_CREDENTIALS and the abstract namespace were introduced  with  Linux
       2.2  and  should  not  be used in portable programs.  (Some BSD-derived
       systems also support credential passing, but the implementation details
       differ.)


NOTES
       In  the Linux implementation, sockets which are visible in the filesys-
       tem honour the permissions of the directory they are in.  Their  owner,
       group  and  their permissions can be changed.  Creation of a new socket
       will fail if the process does not have write and search (execute)  per-
       mission  on  the directory the socket is created in.  Connecting to the
       socket object requires read/write permission.   This  behavior  differs
       from  many  BSD-derived systems which ignore permissions for Unix sock-
       ets. Portable programs should not rely on this feature for security.

       Binding to a socket with a filename creates a socket in the file system
       that  must  be deleted by the caller when it is no longer needed (using
       unlink(2)).  The usual Unix close-behind semantics  apply;  the  socket
       can  be  unlinked at any time and will be finally removed from the file
       system when the last reference to it is closed.

       To pass file descriptors or credentials over a SOCK_STREAM, you need to
       send  or  receive  at  least one byte of non-ancillary data in the same
       sendmsg() or recvmsg() call.

       Unix domain stream sockets do not support  the  notion  of  out-of-band
       data.

ERRORS
       ENOMEM Out of memory.

       ECONNREFUSED
              connect(2)  called  with  a  socket object that isn't listening.
              This can happen when the remote socket does  not  exist  or  the
              filename is not a socket.

       EINVAL Invalid  argument  passed. A common cause is the missing setting
              of AF_UNIX in the sun_type field  of  passed  addresses  or  the
              socket being in an invalid state for the applied operation.

       EOPNOTSUPP
              Stream  operation  called on non-stream oriented socket or tried
              to use the out-of-band data option.

       EPROTONOSUPPORT
              Passed protocol is not PF_UNIX.

       ESOCKTNOSUPPORT
              Unknown socket type.

       EPROTOTYPE
              Remote socket does not match the local socket  type  (SOCK_DGRAM
              vs.  SOCK_STREAM)

       EADDRINUSE
              Selected  local  address  is  already taken or filesystem socket
              object already exists.

       EISCONN
              connect(2) called on an already connected  socket  or  a  target
              address was specified on a connected socket.

       ENOTCONN
              Socket  operation  needs a target address, but the socket is not
              connected.

       ECONNRESET
              Remote socket was unexpectedly closed.

       EPIPE  Remote socket was closed on a stream socket. If enabled, a  SIG-
              PIPE  is  sent  as  well.  This  can  be  avoided by passing the
              MSG_NOSIGNAL flag to sendmsg(2) or recvmsg(2).

       EFAULT User memory address was not valid.

       EPERM  The sender passed invalid credentials in the struct ucred.

       Other errors can be generated by the generic socket  layer  or  by  the
       filesystem  while generating a filesystem socket object. See the appro-
       priate manual pages for more information.

SEE ALSO
       recvmsg(2), sendmsg(2), socket(2),  socketpair(2),  cmsg(3),  capabili-
       ties(7), socket(7)

Linux Man Page                    2004-05-27                           UNIX(7)

Man(1) output converted with man2html
list of all man pages