The UNIX-domain protocol family comprises simple transport protocols that support the
SOCK_STREAM and
SOCK_DGRAM abstractions.
SOCK_STREAM sockets also support the communication of
UNIX file descriptors through the use of the
msg_control field in the
msg argument to
sendmsg(2) and
recvmsg(2).
Any valid descriptor may be sent in a message. The file descriptor(s) to be passed are described using a
struct cmsghdr that is defined in the include file
<sys/socket.h>. The type of the message is
SCM_RIGHTS, and the data portion of the messages is an array of integers representing the file descriptors to be passed. The number of descriptors being passed is defined by the length field of the message; the length field is the sum of the size of the header plus the size of the array of file descriptors.
The received descriptor is a
duplicate of the sender's descriptor, as if it were created with a call to
dup(2). Per-process descriptor flags, set with
fcntl(2), are
not passed to a receiver. Descriptors that are awaiting delivery, or that are purposely not received, are automatically closed by the system when the destination socket is closed.
A UNIX-domain socket supports two socket-level options for use with
setsockopt(2) and
getsockopt(2):
The
LOCAL_CREDS option may be enabled on a
SOCK_DGRAM or a
SOCK_STREAM socket. This option provides a mechanism for the receiver to receive the credentials of the process as a
recvmsg(2) control message. The msg_control field in the msghdr structure points to a buffer that contains a cmsghdr structure followed by a variable length sockcred structure, defined in
<sys/socket.h> as follows:
struct sockcred {
uid_t sc_uid; /* real user id */
uid_t sc_euid; /* effective user id */
gid_t sc_gid; /* real group id */
gid_t sc_egid; /* effective group id */
int sc_ngroups; /* number of supplemental groups */
gid_t sc_groups[1]; /* variable length */
};
The
LOCAL_PEEREID option may be used with
getsockopt(2) to get the PID and effective user and group IDs of a
SOCK_STREAM peer when it did
connect(2) or
bind(2). The returned structure is
struct unpcbid {
pid_t unp_pid; /* process id */
uid_t unp_euid; /* effective user id */
gid_t unp_egid; /* effective group id */
};
as defined in
<sys/un.h>.
The
SOCKCREDSIZE() macro computes the size of the sockcred structure for a specified number of groups. The cmsghdr fields have the following values:
cmsg_len = sizeof(struct cmsghdr) + SOCKCREDSIZE(ngroups)
cmsg_level = SOL_SOCKET
cmsg_type = SCM_CREDS