toolman.org/net/peercredlistener
Advanced tools
import "toolman.org/net/peercredlistener"
go get toolman.org/net/peercredlistener
Package peercredlistener provides PeerCredListener and supporting functions.
PeerCredListener is a net.Listener implementation leveraging features of Linux based, Unix domain sockets to garner the PID, UID, and GID of the client side connection.
PeerCredListener is intended for use cases where a unix-domain server needs to reliably identify the process on the client side of each connection. By itself, peercredlistener provides support for simple socket connections. Additional support for gRPC over unix-domain sockets is available with the subordinate package toolman.org/net/peercredlistener/pclcreds.
A simple, unix-domain server can be written similar to the following:
// Create a new PeerCredListener listening on socketName
lsnr, err := peercredlistener.New(ctx, socketName)
if err != nil {
return err
}
// Wait for and accept an incoming connection
conn, err := lsnr.AcceptPeerCred()
if err != nil {
return err
}
// conn.Ucred has fields Pid, Uid and Gid
fmt.Printf("Client PID=%d UID=%d\n", conn.Ucred.Pid, conn.Ucred.Uid)
NOTE: This package does not work with IP connections or on operating systems other than Linux.
const ErrAddrInUse = unix.EADDRINUSE
ErrAddrInUse is a convenience wrapper around the Posix errno value for EADDRINUSE.
type PeerCredConn struct {
Ucred *unix.Ucred
net.Conn
}
PeerCredConn is a net.Conn containing the process credentials for the client side of a Unix domain socket connection.
type PeerCredListener struct {
net.Listener
}
PeerCredListener is an implementation of net.Listener that extracts the identity (i.e. pid, uid, gid) from the connection's client process. This information is then made available through the Ucred member of the *PeerCredConn returned by AcceptPeerCred or Accept (after a type assertion).
func New(ctx context.Context, addr string) (*PeerCredListener, error)
New returns a new PeerCredListener listening on the Unix domain socket addr.
func (pcl *PeerCredListener) Accept() (net.Conn, error)
Accept is a convenience wrapper around AcceptPeerCred allowing PeerCredListener callers that utilize net.Listener to function as expected. The returned net.Conn is a *PeerCredConn which may be accessed through a type assertion. See AcceptPeerCred for details on possible error conditions.
Accept contributes to implementing the net.Listener interface.
func (pcl *PeerCredListener) AcceptPeerCred() (*PeerCredConn, error)
AcceptPeerCred accepts a connection from the receiver's listener returning a *PeerCredConn containing the process credentials for the client. If the underlying Accept fails or if process credentials cannot be extracted, AcceptPeerCred returns nil and an error.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Security researchers report widespread abuse of OpenClaw skills to deliver info-stealing malware, exposing a new supply chain risk as agent ecosystems scale.
Security News
Claude Opus 4.6 has uncovered more than 500 open source vulnerabilities, raising new considerations for disclosure, triage, and patching at scale.
Research
/Security News
Malicious dYdX client packages were published to npm and PyPI after a maintainer compromise, enabling wallet credential theft and remote code execution.