s6
Software
skarnet.org

The s6-ipcserverd program

s6-ipcserverd is the serving part of the s6-ipcserver super-server. It assumes that its stdin is a bound and listening Unix domain socket, and it accepts connections from clients connecting to it, forking a program to handle each connection.

Interface

     s6-ipcserverd [ -1 ] [ -v verbosity ] [ -P | -p ] [ -c maxconn ] [ -C localmaxconn ] prog...

• s6-ipcserverd accepts connections from clients to an already bound and listening SOCK_STREAM Unix domain socket which is its standard input.
• For every client connection to this socket, it forks. The child sets some environment variables, then executes prog... with stdin reading from the socket and stdout writing to it.
• Depending on the verbosity level, it logs what it does to stderr.
• It runs until killed by a signal. Depending on the received signal, it may kill its children before exiting.

Environment variables

For each connection, an instance of prog... is spawned with the following variables set:

• PROTO: always set to IPC
• IPCREMOTEEUID: set to the effective UID of the client, unless credentials lookups have been disabled
• IPCREMOTEEGID: set to the effective GID of the client, unless credentials lookups have been disabled
• IPCREMOTEPATH: set to the path associated with the remote socket, if any. Be aware that it may contain arbitrary characters.
• IPCCONNNUM: set to the number of connections originating from the same user (i.e. same uid)

If client credentials lookup has been disabled, IPCREMOTEEUID and IPCREMOTEEUID will be set, but empty.

Options

• -1 : write a newline to stdout, and close stdout, right before entering the client-accepting loop. If stdout is suitably redirected, this can be used by monitoring programs to check when the server is accepting connections. See this page for more information on readiness notification.
• -v verbosity : be more or less verbose. verbosity can be 0 (quiet), 1 (normal), or 2 (verbose).
• -P : disable client credentials lookups. The IPCREMOTEEUID and IPCREMOTEEGID environment variables will be unset in every instance of prog.... This is the portable option, because not every system supports credential lookup across Unix domain sockets; but it is not as secure.
• -p : enable client credentials lookups. This is the default; it works at least on Linux, Solaris, and *BSD systems. On systems that do not support it, every connection attempt will fail with a warning message.
• -c maxconn : accept at most maxconn concurrent connections. Default is 40. It is impossible to set it higher than 1000.
• -C localmaxconn : accept at most localmaxconn connections from the same user ID. Default is 40. It is impossible to set it higher than maxconn.

Signals

• SIGTERM: exit.
• SIGHUP: send a SIGTERM and a SIGCONT to all children.
• SIGQUIT: send a SIGTERM and a SIGCONT to all children, then exit.
• SIGABRT: send a SIGKILL to all children, then exit.

Notes

• Unlike his close cousin ipcserver, s6-ipcserverd does not perform operations such as access control. Those are delegated to the s6-ipcserver-access program.
• s6-ipcserverd can be used to set up local services.
• s6-ipcserverd is meant to be execve'd into by a program that gets the listening socket. That program is normally s6-ipcserver-socketbinder, which creates the socket itself; but it can be a different one if the socket is to be retrieved by another means, for instance by fd-passing from a fd-holding daemon (some people call this "socket activation").