Changes

14 bytes added ,  16:16, 19 May 2017
Line 92: Line 92:  
Unix sockets can be bound to a file. The problem is that an address and a file are not connected between each other in term of unix sockets. For example, if you move a socket file, ss shows the origin address and you can’t find a file where the socket is bound. Another example is that an address may contain a relative path (../socket_name).
 
Unix sockets can be bound to a file. The problem is that an address and a file are not connected between each other in term of unix sockets. For example, if you move a socket file, ss shows the origin address and you can’t find a file where the socket is bound. Another example is that an address may contain a relative path (../socket_name).
   −
Currently socket_diag shows a device and an inode number for a socket file, but it says nothing about a path to this file and about its mount point. We can introduce a new ioctl, which will return a file descriptor to a socket file.
+
Currently socket_diag shows a device and an inode number for a socket file, but it says nothing about a path to this file and about its mount point. We introduced the SIOCUNIXFILE ioctl, which returns a file descriptor to a socket file.
 
In this case to restore a unix socket we have to:
 
In this case to restore a unix socket we have to:
create a temporary directory and mount tmpfs into it before restoring sockets
+
* create a temporary directory and mount tmpfs into it before restoring sockets
Restore sockets
+
* Restore sockets
create a socket address directory where is the last part is a symlink to a proper directory on a required mount point
+
* create a socket address directory where is the last part is a symlink to a proper directory on a required mount point
call chroot() to the temporary directory
+
* call chroot() to the temporary directory
bind the socket to a specified address
+
* bind the socket to a specified address
 
if we restored a server socket, we can get a file descriptor for its file and use it to restore client sockets by calling connect() for /proc/self/fd/[SK_FILE_FD]
 
if we restored a server socket, we can get a file descriptor for its file and use it to restore client sockets by calling connect() for /proc/self/fd/[SK_FILE_FD]
 
umount tmpfs from the temporary directory and remove the directory after restoring all sockets
 
umount tmpfs from the temporary directory and remove the directory after restoring all sockets