On Tue, 22 Oct 2019 16:50:40 +0000
"Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)"
<jgraj...@cisco.com> wrote:
> > Why does this not use abstract unix domain socket naming?
> > That would be much less error prone, because then the socket would
> > disappear when all applications using it are closed.
>
> How would that work with containers? I'll consider that for a new patch,
> maybe it could be optional?
>
Not sure, if they interact with fs namespaces (remember there really is no such
thing as containers). From unix(7)
Abstract sockets
Socket permissions have no meaning for abstract sockets: the process
umask(2) has no effect when binding an abstract socket, and changing
the ownership and permissions of the object (via fchown(2) and fch‐
mod(2)) has no effect on the accessibility of the socket.
Abstract sockets automatically disappear when all open references to
the socket are closed.
The abstract socket namespace is a nonportable Linux extension.
Also pathname length restrictions are only because of the sizeof default
sockaddr_un struct.
Kernel will accept bigger lengths if passed a bigger sockaddr.
