Subject: Re: getpeereid() or equivalent
To: Jason Thorpe <>
From: Arne H. Juul <>
List: tech-net
Date: 08/01/2007 11:27:17
> On Jul 31, 2007, at 4:59 PM, Daniel Carosone wrote:
>> You want getsockopt and the SO_PEERCRED option.  AFAICT, this is the
>> 'conventional' way of getting this functionality across (at least)
>> Linux and *BSD - the FreeBSD syscall seems to be an extra.  (Is it
>> really a syscall, or a convenient library wrapper around getsockopt?)

On Tue, 31 Jul 2007, Jason Thorpe wrote:
> The latter, I believe.  If we have the sockopt, might as well have the API 
> call as well.

you're both right in that - the FreeBSD getpeereid() is just a wrapper
around getsockopt with their LOCAL_PEERCRED option.  But my NetBSD
-current machine has neither SO_PEERCRED nor LOCAL_PEERCRED defined

blackbox:~:$ uname -s -r
NetBSD 4.99.25
blackbox:~:$ grep -r SO_PEERCRED /usr/include/
blackbox:~:$ grep -r LOCAL_PEERCRED /usr/include/
blackbox:~:$ grep -r LOCAL_CREDS /usr/include/
/usr/include/sys/un.h:#define   LOCAL_CREDS     0x0001          /* pass
credentials to receiver */

only the LOCAL_CREDS that I mentioned in my first mail is defined.

>> For usage examples, see postgresql or ssh code.

the ssh code looks really bad to me when SO_PEERCRED is undefined.

   -  Arne H. J.