Re: unix socket connection tracking

[Lukasz Stelmach]

Jan Engelhardt wrote:
>>>>>> I feel dumb as never so please enlight me. Is ther a way to find out which
>>>>>> process is on the other end of a unix socket pointed by a specified fd in a process.
>>>>> getpeer*()
>>>> getpeername(2) (that is the only man page I've got)
[...]
> Just look at all processes and logically connect them:
> 
> 15:32 shanghai:/D/home/jengelh # l /proc/7315/fd
[...]
> 15:33 shanghai:/D/home/jengelh # l /proc/7316/fd/
[...]
> No need for ptrace. No need for getpeername() either, but it's useful to 
> get the real addresses of sockets.

Please understand my situation. I've got GNOME running, gconfd-2 is a "registry"
management process that accepts connections through a unix domain socket (named
one) from many *unrelated* (child/parent) processes. In fact from most gnome
applications. I *do* strace it to see what it does. It does some write(2)s to
some sockets. I would like to know which socket leads where. Try to strace
gconfd-2 and you'will see what I mean.

For now James Cloos gave the best option, to look for a socket with an i-node
number adjectant (+-1) to the socket I know.

-- 
ByÅo mi bardzo miÅo.                    Czwarta pospolita klÄska, [...]
>Åukasz<                      JuÅ nie katolicka lecz zÅodziejska.  (c)PP

Attachment: signature.asc
Description: OpenPGP digital signature