This is sockets/scm_cred_recv.c, an example to accompany the book, The Linux Programming Interface.

This file is not printed in the book; it is a supplementary file for Chapter 61.

The source code file is copyright 2022, Michael Kerrisk, and is licensed under the GNU General Public License, version 3.

In the listing below, the names of Linux system calls and C library functions are hyperlinked to manual pages from the Linux man-pages project, and the names of functions implemented in the book are hyperlinked to the implementations of those functions.


Download sockets/scm_cred_recv.c

  Cover of The Linux Programming Interface

Function list (Bold in this list means a function is not static)

/* scm_cred_recv.c

   Used in conjunction with scm_cred_send.c to demonstrate passing of
   process credentials via a UNIX domain socket.

   This program receives credentials sent to a UNIX domain socket.

   Usage is as shown in the usageErr() call below.

   Credentials can be exchanged over stream or datagram sockets. This program
   uses stream sockets by default; the "-d" command-line option specifies
   that datagram sockets should be used instead.

   This program is Linux-specific.

   See also scm_multi_recv.c.
#include "scm_cred.h"
main(int argc, char *argv[])
    /* Allocate a char array of suitable size to hold the ancillary data.
       However, since this buffer is in reality a 'struct cmsghdr', use a
       union to ensure that it is aligned as required for that structure.
       Alternatively, we could allocate the buffer using malloc(), which
       returns a buffer that satisfies the strictest alignment
       requirements of any type */

    union {
        char   buf[CMSG_SPACE(sizeof(struct ucred))];
                        /* Space large enough to hold a 'ucred' structure */
        struct cmsghdr align;
    } controlMsg;

    /* Parse command-line options */

    bool useDatagramSocket = false;
    int opt;

    while ((opt = getopt(argc, argv, "d")) != -1) {
        switch (opt) {
        case 'd':
            useDatagramSocket = true;

            usageErr("%s [-d]\n"
                    "        -d    use datagram socket\n", argv[0]);

    /* Create socket bound to a well-known address. In the case where
       we are using stream sockets, also make the socket a listening
       socket and accept a connection on the socket. */

    if (remove(SOCK_PATH) == -1 && errno != ENOENT)
        errExit("remove-%s", SOCK_PATH);

    int sfd;
    if (useDatagramSocket) {
        sfd = unixBind(SOCK_PATH, SOCK_DGRAM);
        if (sfd == -1)
    } else {
        int lfd = unixBind(SOCK_PATH, SOCK_STREAM);
        if (lfd == -1)

        if (listen(lfd, 5) == -1)

        sfd = accept(lfd, NULL, NULL);
        if (sfd == -1)

    /* We must set the SO_PASSCRED socket option in order to receive
       credentials */

    int optval = 1;
    if (setsockopt(sfd, SOL_SOCKET, SO_PASSCRED, &optval, sizeof(optval)) == -1)

    /* The 'msg_name' field can be set to point to a buffer where the
       kernel will place the address of the peer socket. However, we don't
       need the address of the peer, so we set this field to NULL. */

    struct msghdr msgh;
    msgh.msg_name = NULL;
    msgh.msg_namelen = 0;

    /* Set fields of 'msgh' to point to buffer used to receive (real)
       data read by recvmsg() */

    struct iovec iov;
    int data;
    msgh.msg_iov = &iov;
    msgh.msg_iovlen = 1;
    iov.iov_base = &data;
    iov.iov_len = sizeof(data);

    /* Set 'msgh' fields to describe the ancillary data buffer */

    msgh.msg_control = controlMsg.buf;
    msgh.msg_controllen = sizeof(controlMsg.buf);

    /* Receive real plus ancillary data */

    ssize_t nr = recvmsg(sfd, &msgh, 0);
    if (nr == -1)
    printf("recvmsg() returned %zd\n", nr);

    if (nr > 0)
        printf("Received data = %d\n", data);

    /* Get the address of the first 'cmsghdr' in the received
       ancillary data */

    struct cmsghdr *cmsgp = CMSG_FIRSTHDR(&msgh);

    /* Check the validity of the 'cmsghdr' */

    if (cmsgp == NULL || cmsgp->cmsg_len != CMSG_LEN(sizeof(struct ucred)))
        fatal("bad cmsg header / message length");
    if (cmsgp->cmsg_level != SOL_SOCKET)
        fatal("cmsg_level != SOL_SOCKET");
    if (cmsgp->cmsg_type != SCM_CREDENTIALS)
        fatal("cmsg_type != SCM_CREDENTIALS");

    /* Copy the contents of the data field of the 'cmsghdr' to a
       'struct ucred'. */

    struct ucred rcred, scred;

    memcpy(&rcred, CMSG_DATA(cmsgp), sizeof(struct ucred));

    /* Display the credentials from the received data area */

    printf("Received credentials pid=%ld, uid=%ld, gid=%ld\n",
                (long), (long) rcred.uid, (long) rcred.gid);

    /* The Linux-specific, read-only SO_PEERCRED socket option returns
       credential information about the peer, as described in socket(7).
       This operation can be performed on UNIX domain stream sockets and on
       UNIX domain sockets (stream or datagram) created with socketpair(). */

    socklen_t len = sizeof(struct ucred);
    if (getsockopt(sfd, SOL_SOCKET, SO_PEERCRED, &scred, &len) == -1)

    printf("Credentials from SO_PEERCRED: pid=%ld, euid=%ld, egid=%ld\n",
            (long), (long) scred.uid, (long) scred.gid);



Download sockets/scm_cred_recv.c

Note that, in most cases, the programs rendered in these web pages are not free standing: you'll typically also need a few other source files (mostly in the lib/ subdirectory) as well. Generally, it's easier to just download the entire source tarball and build the programs with make(1). By hovering your mouse over the various hyperlinked include files and function calls above, you can see which other source files this file depends on.

Valid XHTML 1.1