Sending file descriptor over unix domain socket

This is needed very rarely, but in cases where it's a good fit, it provides a very elegant and simple solution for an otherwise hairy problem. As the engine runs, it writes logs and the UI needs to display them. So one solution is to tweak permissions on the log files to make them universally readable.

It's not hard to do, but it makes the whole thing more fragile - these permissions may get inadvertently stripped off, the UI process may be sandboxed by an antivirus, etc. That is, the program may end up in a state when the UI cannot access the logs, but the engine can.

The alternative here is for the UI process to ask the engine to open the logs and pass the handles back. Very simple to do and resistant to accidental breakage. The latter normally requires a root access, but the client was closed-source, so it had to be able to run under restricted user accounts, because asking people to run it under the root was not an option.

Unless you have really long-lived connections you cannot drop, let your load balancer layer above the machine drain old connections and then just restart after some threshold. So now you need to bolt on some more context transfer mechanisms as well TFA is about handing over server sockets, so that the new version can deal with new connections while the old version deals with old connections. I have done this for an RTMP server. It worked out pretty well. That only works when a session is a relationship with a connection e.

The world of QUIC means the kernel is a little too out of the loop for this to easily work. WJW on Nov 2, root parent next [—]. That does seem like it would have worked and been easier.

Android makes liberal use of exchanging file descriptors between processes in it's ipc mechanisms. Slightly different use case then what the article discusses but it's an interesting pattern available to multiprocess same host ipc. DesiLurker on Nov 2, parent next [—]. I don't follow.

How can file descriptors be passed through a shared memory to another process and remain valid in its context? Assuming it's not Windows, where it is possible to explicitly clone a handle for a specific process. The linked code example doesn't seem to do fd passing, but I guess the use case of fd passing in shared memory context would be the other way around: passing fd's that point to shared memory.

The shared memory could then be mmap'ed using the passed fd as the handle. But think about it for a second, what if we need to share an fd after a child is forked. Or is that a case we need to solve? You will come to know that in Unix world over time this has been a requirement and now I am going to explain how do we solve this problem citing two different sample programs. Make sure that you are more or less comfortable with the terms and concepts we have discussed so far to follow things much easier.

Consider the client-server program given above even though its named client and server they reside on the same host.. Here server initially opens a unix domain stream socket fd with the default IP protocol. As usual we bind the socket fd with the specified socket file and listens for incoming connections.

As soon as client comes up and connect to this very same socket file, server accepts this connection and is ready for communication. Afterwards it opens two already existing non-empty regular text files provided via command-line arguments during the execution of the program and connects to server via its own fd.

But they can just merely used for exchanging messages and not open fds. Generally we make use of msghdr structure for packing up the message payload in format expected by sendmsg system call.

For details refer sendmsg 2. In order to send extra data we use the cmsghdr and its derivative macros integrated into standard msghdr structure. See below:. Active 2 years, 2 months ago. Viewed times. Read about the difference between "file descriptor" and "open file description", e. Add a comment. Active Oldest Votes. Sign up or log in Sign up using Google. Sign up using Facebook.

Sign up using Email and Password. I added the code that populates the structures to the question. There's some differences between this code and other typical sendfd 's I've seen - do any of these make a difference: code. Show 3 more comments. Active Oldest Votes. Community Bot 1 1 1 silver badge. Never use select anymore.

I gave reasons in my comment on the OP. Use the poll system call which is portable to BSD or the epoll system. Add a comment. Sign up or log in Sign up using Google. Sign up using Facebook.