#include <sys/socket.h>
       #include <sys/un.h>

       unix_socket = socket(AF_UNIX, type, 0);
       error = socketpair(AF_UNIX, type, 0, int *sv);

       The  AF_UNIX (also known as AF_LOCAL) socket family is used to communi-
       cate between processes on the same machine efficiently.  Traditionally,
       UNIX  domain  sockets  can  be either unnamed, or bound to a filesystem
       pathname (marked as being of type  socket).   Linux  also  supports  an
       abstract namespace which is independent of the filesystem.

       Valid   types  are:  SOCK_STREAM,  for  a  stream-oriented  socket  and
       SOCK_DGRAM, for  a  datagram-oriented  socket  that  preserves  message
       boundaries (as on most UNIX implementations, UNIX domain datagram sock-
       ets are always reliable and don't reorder datagrams); and (since  Linux
       2.6.4)  SOCK_SEQPACKET, for a connection-oriented socket that preserves
       message boundaries and delivers messages in the order  that  they  were

       UNIX domain sockets support passing file descriptors or process creden-
       tials to other processes using ancillary data.

   Address format
       A UNIX domain socket address is represented in the following structure:

           #define UNIX_PATH_MAX    108

           struct sockaddr_un {
               sa_family_t sun_family;               /* AF_UNIX */
               char        sun_path[UNIX_PATH_MAX];  /* pathname */

       sun_family always contains AF_UNIX.

       Three types of address are distinguished in this structure:

       *  pathname: a UNIX domain socket can be  bound  to  a  null-terminated
          file  system pathname using bind(2).  When the address of the socket
          is returned by getsockname(2), getpeername(2),  and  accept(2),  its
          length is

              offsetof(struct sockaddr_un, sun_path) + strlen(sun_path) + 1

          and sun_path contains the null-terminated pathname.

       *  unnamed: A stream socket that has not been bound to a pathname using
          bind(2) has no name.  Likewise, the two sockets created  by  socket-
          pair(2)  are  unnamed.   When  the  address  of an unnamed socket is
          returned  by  getsockname(2),  getpeername(2),  and  accept(2),  its
          length is sizeof(sa_family_t), and sun_path should not be inspected.

   Socket options
       For  historical  reasons  these  socket  options  are  specified with a
       SOL_SOCKET type even though they are AF_UNIX specific.  They can be set
       with setsockopt(2) and read with getsockopt(2) by specifying SOL_SOCKET
       as the socket family.

              Enables the receiving of the credentials of the sending  process
              in an ancillary message.  When this option is set and the socket
              is not yet connected a unique name  in  the  abstract  namespace
              will  be  generated  automatically.   Expects an integer boolean

   Autobind feature
       If a bind(2) call specifies  addrlen  as  sizeof(sa_family_t),  or  the
       SO_PASSCRED  socket  option  was  specified  for  a socket that was not
       explicitly bound to an address, then the  socket  is  autobound  to  an
       abstract  address.   The  address consists of a null byte followed by 5
       bytes in the character set [0-9a-f].  Thus, there is a  limit  of  2^20
       autobind  addresses.  (From Linux 2.1.15, when the autobind feature was
       added, 8 bytes  were  used,  and  the  limit  was  thus  2^32  autobind
       addresses.  The change to 5 bytes came in Linux 2.3.15.)

   Sockets API
       The  following  paragraphs  describe domain-specific details and unsup-
       ported features of the sockets API for UNIX domain sockets on Linux.

       UNIX domain sockets do not support the transmission of out-of-band data
       (the MSG_OOB flag for send(2) and recv(2)).

       The send(2) MSG_MORE flag is not supported by UNIX domain sockets.

       The  use of MSG_TRUNC in the flags argument of recv(2) is not supported
       by UNIX domain sockets.

       The SO_SNDBUF socket option does have an effect for UNIX  domain  sock-
       ets,  but  the  SO_RCVBUF  option  does not.  For datagram sockets, the
       SO_SNDBUF value imposes an upper limit on the size  of  outgoing  data-
       grams.   This limit is calculated as the doubled (see socket(7)) option
       value less 32 bytes used for overhead.

   Ancillary messages
       Ancillary data is sent and received using  sendmsg(2)  and  recvmsg(2).
       For  historical  reasons  the  ancillary message types listed below are
       specified with a SOL_SOCKET type even though they are AF_UNIX specific.
       To  send  them  set  the  cmsg_level  field  of  the  struct cmsghdr to
       SOL_SOCKET and the cmsg_type field to the type.  For  more  information
       see cmsg(3).

              Send  or  receive  a  set  of open file descriptors from another
              process.  The data portion contains an integer array of the file
              descriptors.   The passed file descriptors behave as though they

              Since  glibc  2.8,  the  _GNU_SOURCE  feature test macro must be
              defined (before including any header files) in order  to  obtain
              the definition of this structure.

              The  credentials  which  the sender specifies are checked by the
              kernel.  A process with effective user ID 0 is allowed to  spec-
              ify  values  that do not match its own.  The sender must specify
              its own process ID (unless it has the capability CAP_SYS_ADMIN),
              its  user ID, effective user ID, or saved set-user-ID (unless it
              has CAP_SETUID), and its group ID, effective group ID, or  saved
              set-group-ID  (unless  it  has CAP_SETGID).  To receive a struct
              ucred message the SO_PASSCRED option  must  be  enabled  on  the

       The  following ioctl(2) calls return information in value.  The correct
       syntax is:

              int value;
              error = ioctl(unix_socket, ioctl_type, &value);

       ioctl_type can be:

              Returns the amount of queued unread data in the receive  buffer.
              The socket must not be in LISTEN state, otherwise an error (EIN-
              VAL) is returned.   SIOCINQ  is  defined  in  <linux/sockios.h>.
              Alternatively,  you  can use the synonymous FIONREAD, defined in

              The specified local address is already in use or the  filesystem
              socket object already exists.

              The  remote  address specified by connect(2) was not a listening
              socket.  This error can also occur if the target filename is not
              a socket.

              Remote socket was unexpectedly closed.

       EFAULT User memory address was not valid.

       EINVAL Invalid  argument  passed.   A  common  cause  is that the value
              AF_UNIX was not  specified  in  the  sun_type  field  of  passed
              addresses, or the socket was in an invalid state for the applied

              connect(2) called on an already connected  socket  or  a  target
              Stream  operation  called on non-stream oriented socket or tried
              to use the out-of-band data option.

       EPERM  The sender passed invalid credentials in the struct ucred.

       EPIPE  Remote socket was closed on a stream socket.  If enabled, a SIG-
              PIPE  is  sent  as  well.   This  can  be avoided by passing the
              MSG_NOSIGNAL flag to sendmsg(2) or recvmsg(2).

              Passed protocol is not AF_UNIX.

              Remote socket does not match the local socket  type  (SOCK_DGRAM
              versus SOCK_STREAM)

              Unknown socket type.

       Other  errors  can  be  generated by the generic socket layer or by the
       filesystem while generating a filesystem socket object.  See the appro-
       priate manual pages for more information.

       SCM_CREDENTIALS  and  the abstract namespace were introduced with Linux
       2.2 and should not be used in  portable  programs.   (Some  BSD-derived
       systems also support credential passing, but the implementation details

       In the Linux implementation, sockets which are visible in the  filesys-
       tem  honor  the permissions of the directory they are in.  Their owner,
       group and their permissions can be changed.  Creation of a  new  socket
       will  fail if the process does not have write and search (execute) per-
       mission on the directory the socket is created in.  Connecting  to  the
       socket  object  requires  read/write permission.  This behavior differs
       from many BSD-derived systems which ignore permissions for UNIX  domain
       sockets.   Portable  programs should not rely on this feature for secu-

       Binding to a socket with a filename creates a socket in the  filesystem
       that  must  be deleted by the caller when it is no longer needed (using
       unlink(2)).  The usual UNIX close-behind semantics  apply;  the  socket
       can  be  unlinked  at  any  time  and  will be finally removed from the
       filesystem when the last reference to it is closed.

       To pass file descriptors or credentials over a SOCK_STREAM, you need to
       send  or  receive  at  least  one byte of nonancillary data in the same
       sendmsg(2) or recvmsg(2) call.

       UNIX domain stream sockets do not support  the  notion  of  out-of-band


Linux                             2012-05-10                           UNIX(7)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2019 Hurricane Electric. All Rights Reserved.