About
An Unix domain socket is a socket implementation used for internal inter-process communication where 2 processes executing on the same host operating system can exchange data.
Because it's used for IPC, it's also known as IPC socket
Management
Set
For a UNIX domain socket, you must:
- pick a location within your filesystem that the process will be able to access in which the socket will be created where another internal process would be able to connect,
- set file permissions accordingly.
List
With netstat and the -x option of the socket argument
netstat -all -p -x
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ] DGRAM 11270 1/systemd /run/systemd/shutdownd
unix 2 [ ] DGRAM 13344 505/chronyd /var/run/chrony/chronyd.sock
unix 2 [ ACC ] STREAM LISTENING 10585962 30548/master private/rewrite
unix 2 [ ACC ] STREAM LISTENING 12884387 22550/netdata /tmp/netdata-ipc
unix 2 [ ACC ] STREAM LISTENING 10585948 21578/pickup public/pickup
unix 2 [ ACC ] STREAM LISTENING 9057 1/systemd /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 14946 534/NetworkManager /var/run/NetworkManager/private-dhcp
unix 2 [ ACC ] STREAM LISTENING 10585952 30548/master public/cleanup
unix 2 [ ACC ] STREAM LISTENING 10585965 30548/master private/bounce
........................
Share / Proxy
A UNIX domain socket can be secured using the filesystem (i.e., with user or group permissions), but cannot be reached from other machines that might want to share the service.
You need to use a proxy:
- TCP to Unix Socket: https://github.com/rnorth/tcp-unix-socket-proxy
- HTTP to Socket: https://kohlschutter.github.io/junixsocket/http.html
Language
Java
The most known library is junixsocket
File socketFile = new File("/path/to/your/socket");
// For docker: File socketFile = new File("/var/run/docker.sock");
AFUNIXSocket sock = AFUNIXSocket.newInstance();
sock.connect(AFUNIXSocketAddress.of(socketFile));