Provided by: manpages_2.77-1_all bug


       unix,   PF_UNIX,  AF_UNIX,  PF_LOCAL,  AF_LOCAL  -  Sockets  for  local
       interprocess communication


       #include <sys/socket.h>
       #include <sys/un.h>

       unix_socket = socket(PF_UNIX, type, 0);
       error = socketpair(PF_UNIX, type, 0, int *sv);


       The  PF_UNIX  (also  known  as  PF_LOCAL)  socket  family  is  used  to
       communicate  between  processes  on the same machine efficiently.  Unix
       sockets  can  be  either  anonymous  (created  by   socketpair(2))   or
       associated with a file of type socket.  Linux also supports an abstract
       namespace which is independent of the file system.

       Valid  types  are:  SOCK_STREAM,  for  a  stream-oriented  socket   and
       SOCK_DGRAM,  for  a  datagram-oriented  socket  that  preserves message
       boundaries (as on  most  Unix  implementations,  Unix  domain  datagram
       sockets  are  always  reliable and don’t reorder datagrams); and (since
       kernel 2.6.4) SOCK_SEQPACKET, for  a  connection-oriented  socket  that
       preserves  message  boundaries  and delivers messages in the order that
       they were sent.

       Unix sockets support passing file descriptors or process credentials to
       other processes using ancillary data.

   Address Format
       A  Unix  address  is  defined  as  a filename in the filesystem or as a
       unique  string  in  the  abstract  namespace.    Sockets   created   by
       socketpair(2)  are  anonymous.   For  non-anonymous  sockets the target
       address can be set using connect(2).  The  local  address  can  be  set
       using  bind(2).  When a socket is connected and it doesn’t already have
       a local address a unique address in  the  abstract  namespace  will  be
       generated automatically.

           #define UNIX_PATH_MAX    108

           struct sockaddr_un {
               sa_family_t    sun_family;               /* AF_UNIX */
               char           sun_path[UNIX_PATH_MAX];  /* pathname */

       sun_family  always  contains  AF_UNIX.   sun_path  contains  the  zero-
       terminated pathname of the socket in  the  file  system.   If  sun_path
       starts  with  a  null  byte  (’’ ’),  then  it  refers  to the abstract
       namespace maintained by the Unix protocol module.  The socket’s address
       in  this namespace is given by the rest of the bytes in sun_path.  Note
       that names in the abstract namespace are not zero-terminated.

   Socket Options
       For historical reasons  these  socket  options  are  specified  with  a
       SOL_SOCKET type even though they are PF_UNIX specific.  They can be set
       with setsockopt(2) and read with getsockopt(2) by specifying SOL_SOCKET
       as the socket family.

              Enables  the receiving of the credentials of the sending process
              ancillary message.  When this option is set and  the  socket  is
              not  yet  connected a unique name in the abstract namespace will
              be generated automatically.  Expects an integer boolean flag.

   (Un)supported Features
       The  following  paragraphs   describe   domain-specific   details   and
       unsupported  features  of  the  sockets  API for Unix domain sockets on

       Unix domain sockets do not support the transmission of out-of-band data
       (the MSG_OOB flag for send(2) and recv(2)).

       The send(2) MSG_MORE flag is not supported by Unix domain sockets.

       The  SO_SNDBUF  socket  option  does  have  an  effect  for Unix domain
       sockets, but the SO_RCVBUF option does not.  For datagram sockets,  the
       SO_SNDBUF  value  imposes  an  upper  limit  on  the  size  of outgoing
       datagrams.  This limit is calculated as  the  doubled  (see  socket(7))
       option value less 32 bytes used for overhead.

   Ancillary Messages
       Ancillary  data  is  sent and received using sendmsg(2) and recvmsg(2).
       For historical reasons the ancillary message  types  listed  below  are
       specified with a SOL_SOCKET type even though they are PF_UNIX specific.
       To send them  set  the  cmsg_level  field  of  the  struct  cmsghdr  to
       SOL_SOCKET  and  the cmsg_type field to the type.  For more information
       see cmsg(3).

              Send or receive a set of  open  file  descriptors  from  another
              process.  The data portion contains an integer array of the file
              descriptors.  The passed file descriptors behave as though  they
              have been created with dup(2).

              Send  or  receive  Unix  credentials.   This  can  be  used  for
              authentication.  The credentials are passed as  a  struct  ucred
              ancillary message.

                  struct ucred {
                      pid_t pid;    /* process ID of the sending process */
                      uid_t uid;    /* user ID of the sending process */
                      gid_t gid;    /* group ID of the sending process */

              The  credentials  which  the sender specifies are checked by the
              kernel.  A process with  effective  user  ID  0  is  allowed  to
              specify  values  that  do  not  match  its own.  The sender must
              specify its  own  process  ID  (unless  it  has  the  capability
              CAP_SYS_ADMIN),  its  user  ID, effective user ID, or saved set-
              user-ID (unless it has CAP_SETUID), and its group ID,  effective
              group  ID, or saved set-group-ID (unless it has CAP_SETGID).  To
              receive a struct ucred message the SO_PASSCRED  option  must  be
              enabled on the socket.


              Selected  local  address  is  already taken or filesystem socket
              object already exists.

              connect(2) called with a socket  object  that  isn’t  listening.
              This  can  happen  when  the remote socket does not exist or the
              filename is not a socket.

              Remote socket was unexpectedly closed.

       EFAULT User memory address was not valid.

       EINVAL Invalid argument passed.  A common cause is the missing  setting
              of  AF_UNIX  in  the  sun_type  field of passed addresses or the
              socket being in an invalid state for the applied operation.

              connect(2) called on an already connected  socket  or  a  target
              address was specified on a connected socket.

       ENOMEM Out of memory.

              Socket  operation  needs a target address, but the socket is not

              Stream operation called on non-stream oriented socket  or  tried
              to use the out-of-band data option.

       EPERM  The sender passed invalid credentials in the struct ucred.

       EPIPE  Remote  socket  was  closed  on  a stream socket.  If enabled, a
              SIGPIPE is sent as well.  This can be  avoided  by  passing  the
              MSG_NOSIGNAL flag to sendmsg(2) or recvmsg(2).

              Passed protocol is not PF_UNIX.

              Remote  socket  does not match the local socket type (SOCK_DGRAM
              vs.  SOCK_STREAM)

              Unknown socket type.

       Other errors can be generated by the generic socket  layer  or  by  the
       filesystem  while  generating  a  filesystem  socket  object.   See the
       appropriate manual pages for more information.


       SCM_CREDENTIALS and the abstract namespace were introduced  with  Linux
       2.2  and  should  not  be used in portable programs.  (Some BSD-derived
       systems also support credential passing, but the implementation details


       In   the  Linux  implementation,  sockets  which  are  visible  in  the
       filesystem honor the permissions of the directory they are  in.   Their
       owner,  group  and their permissions can be changed.  Creation of a new
       socket will fail  if  the  process  does  not  have  write  and  search
       (execute)  permission  on  the  directory  the  socket  is  created in.
       Connecting to the socket object requires read/write  permission.   This
       behavior differs from many BSD-derived systems which ignore permissions
       for Unix sockets.  Portable programs should not rely  on  this  feature
       for security.

       Binding to a socket with a filename creates a socket in the file system
       that must be deleted by the caller when it is no longer  needed  (using
       unlink(2)).   The  usual  Unix close-behind semantics apply; the socket
       can be unlinked at any time and will be finally removed from  the  file
       system when the last reference to it is closed.

       To pass file descriptors or credentials over a SOCK_STREAM, you need to
       send or receive at least one byte of non-ancillary  data  in  the  same
       sendmsg(2) or recvmsg(2) call.

       Unix  domain  stream  sockets  do not support the notion of out-of-band


       See bind(2).


       recvmsg(2),    sendmsg(2),    socket(2),    socketpair(2),     cmsg(3),
       capabilities(7), credentials(7), socket(7)


       This  page  is  part of release 2.77 of the Linux man-pages project.  A
       description of the project, and information about reporting  bugs,  can
       be found at