18

I am writing a daemon process for a Debian system in C that uses a Unix Domain Socket.

If the daemon process's working directory is the root directory, is there an idiomatic directory to place the socket on the file system?

Jeff Schaller
  • 66,199
  • 35
  • 114
  • 250
recursion.ninja
  • 285
  • 1
  • 3
  • 7
  • Why don't you just let that be configurable ? – BatchyX Aug 24 '13 at 19:52
  • 4
    @BatchyX Well, some kind of default value (rather than forcing every administrator to make a decision completely on their own) can certainly be nice. :) – user Aug 24 '13 at 23:12

1 Answers1

22

They are commonly found in /tmp or a subdirectory thereof. Note that everything in /tmp is subject to erasure at shutdown -- not that it necessarily is erased, just beware that it can be, so if you use that, check if you have to create your subdirectory each time. You will want to use a subdirectory if you want to restrict access via permissions, since /tmp is world readable.

/run and /var/run (which may be symlinked together) are used in a similar way, but they are generally mounted as tmpfs filesystems -- meaning they are created at boot and reside in memory, not on disk (so do not use that as a place to dump copious amounts of data). For a runtime socket, it is probably a good choice.

Note that /run, and all of the other directories mentioned here except /tmp, are only writable by root. For a system process, this is fine, but if the application may be run by a non-privileged user, you either want to use /tmp or create a permanent directory somewhere and set permissions on that, or use a location in the user's $HOME.

It is possible to create a directory in /usr/share (or /usr/local/share) during installation. Directories and contents there are not potentially reaped across boots as they would be in /tmp or /run. However, as jordanm points out in the comments, /usr may be mounted read-only and the linux filesystem hierarchy guidelines reflect this. Of course, it can't be read-only when your application is installed, so if you are comfortable creating a socket there then, you can leave it and use it later (you will still be able to write to the socket even though the file is read-only).

If you want somewhere persistent across boots that won't get mounted read-only, /etc is a fairly safe bet, since this is often used for system-wide configurations and re-configurations. OTOH, it is possible to have systems where the device underlying the entire root filesystem is read-only (e.g., embedded systems), with /tmp and /run on another device (probably: tmpfs in memory). So the two most robust strategies would seem to be:

  • Install the socket to a permanent location when the application is installed.

  • Create a directory in /run or /var/run at runtime and put the socket there.

  • Do the same thing only in /tmp.

The advantage of the first one is that no matter what, once the app is installed, you'll have a socket to use. The advantage of the second one is that it may be more conducive to sane programming. The advantage of the third is it does not require superuser privileges. It should be easy to switch from one implementation to another if you change your mind later.

Finally, as BatchyX brought up, you should at least offer a configuration option for this, falling back on your choice of default.

goldilocks
  • 86,451
  • 30
  • 200
  • 258
  • 2
    `/run` or `/var/run` is also often used for root processes. – BatchyX Aug 24 '13 at 19:52
  • Right. Those are even more tmp than `/tmp`. I'll edit that in. – goldilocks Aug 24 '13 at 19:56
  • `/usr` can be mounted as read only. Files should never be created there at runtime. The other suggestions are good. – jordanm Aug 24 '13 at 21:03
  • @jordanm : Good call, although a unix socket created during installation (when /usr must be writable) will be usable later on even if the file is read-only. I notice the things I associate with runtime modifiable directories in /usr have moved them to /etc -- anyway, have edited the post in this light. – goldilocks Aug 24 '13 at 21:43
  • 1
    Thank you all for your input, the discussion was very informative. I decided to make the default location `/tmp/.APPNAME/.APPSOCK` because the daemon has no need for persistent data. – recursion.ninja Aug 25 '13 at 02:28
  • 2
    Another key difference between `/tmp` and `/run`, is that only root has write permissions on `/run`. – BatchyX Aug 25 '13 at 07:46
  • It should be added that since a while /tmp/ is by default PRIVATE per systemctl process. This means your sock file is not visible to other services (like apache) anymore. – John Apr 17 '21 at 18:46