Abstract UNIX Socket¶
Abstract UNIX sockets are linux specific extension and are documented alongside standard pathname sockets at unix(7).
Compared to pathname sockets they have two interesting properties:
How do I listen on abstract socket?¶
An abstract socket address is distinguished (from a pathname socket) by the fact that sun_path is a null byte (‘0’).
import socket s = socket(AF_UNIX) s.bind("\0" + "foo") # ^ ^ # | +- the actual socket name # +- the NUL byte identifying an abstract socket
How does the socket name behave with respect to
These are not special as documented in unix(7).
The following socket paths refer to different sockets:
How do I list listening abstract unix sockets?¶
iproute2 provides command
ss to investigate sockets. With options
-l filtering to listening
-x filtering to unix sockets.
Abstract sockets are not documented in ss(8) and they not seem to be filterable by
its argv but testing shows that
ss -lx shows abstract sockets as well as pathname sockets with
abstract sockets being distinguished by
In the following example output the first socket is abstract and the second one is pathname:
root@a5195a41505e:~# ss -lx Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port u_str UNCONN 0 0 @/foo 142423056 * 0 u_str UNCONN 0 0 /foo 142418390 * 0
Do identical socket names refer to identical socket in docker?¶
Identical names in different containers refer to the identical socket.
i.e. when process in one container binds to a socket name, another process can not bind the same socket name even in different container.
bridge network (default)
Identical paths in different containers refer to different sockets.
i.e. when process in one container binds to a socket path, another process in different container can bind the same socket path and their sockets are isolated to their containers.