Finding the other side of a unix socket

2023-08-29

lsof shows unix sockets:

COMMAND    PID USER   FD   TYPE             DEVICE SIZE/OFF     NODE NAME
...
xterm   241063  hjp    3u  unix 0x0000000000000000      0t0 77134366 type=STREAM
xterm   241063  hjp    4u  unix 0x0000000000000000      0t0 77134367 type=STREAM

But the NODE is unique and the other side has a completely different number. So how do you find out what those sockets connect to?

ss to the rescue:

% ss | grep 77134366
u_str ESTAB  0      0                                            * 77134366               * 77133419
u_str ESTAB  0      0                           @/tmp/.X11-unix/X0 77133419               * 77134366
% ss | grep 77134367
u_str ESTAB  0      0                                            * 77134367               * 77131674
u_str ESTAB  0      0                         @/tmp/.ICE-unix/7434 77131674               * 77134367

This gives us the path to the socket and also the node number of the opposite side. Either can then be used with lsof if necessary.

hp