Preforking Servers

General Information

What Is ucspi-ipc?

The ipcserver and ipcclient programs are command-line tools for building local-domain client-server applications. They conform to the UNIX Client-Server Program Interface, UCSPI.

The ipcserver program listens for connections on a local-domain stream socket, and runs a program for each connection it accepts. The program environment includes variables that hold the local and remote socket addresses, and the effective user and group IDs of the process that called connect. ipcserver offers a concurrency limit on acceptance of new connections, and selective handling of connections based on client identity.

The ipcclient program requests a connection to a local-domain socket, and runs a program. The program environment includes a variable that holds the local socket address.

The ipcperl program is an example of an ipchandle server. It invokes a perl subroutine for each request.


A service running as a privileged user under ipcserver can perform tasks on behalf of nonprivileged users without setuid programs. Clients user and group IDs are known to the server can be logged. Access to any service is configurable through a standard, simple mechanism, based on the client user and group ID.

Operating System Support

The ucspi-ipc package requires an implementation of getpeereid. Recent Linux kernels offer sufficient basis for getpeereid. Various operating systems implement a getpeereid system call, including OpenBS 3.0, FreeBS 4.6, and AI 5L.

Patches to add a getpeereid system call are available for several operating systems.

D. J. Bernstein created the UCSPI framework and wrote ucspi-tcp.

Bruce Guenter has a protocol and package similar to ucspi-ipc called ucspi-unix