In
Unix
Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and ot ...
and
Unix-like
A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
computer operating systems, a file descriptor (FD, less frequently fildes) is a process-unique identifier (
handle
A handle is a part of, or attachment to, an object that allows it to be grasped and manipulated by hand. The design of each type of handle involves substantial ergonomic issues, even where these are dealt with intuitively or by following tra ...
) for a
file
File or filing may refer to:
Mechanical tools and processes
* File (tool), a tool used to ''remove'' fine amounts of material from a workpiece
**Filing (metalworking), a material removal process in manufacturing
** Nail file, a tool used to gent ...
or other
input/output
In computing, input/output (I/O, or informally io or IO) is the communication between an information processing system, such as a computer, and the outside world, possibly a human or another information processing system. Inputs are the signals ...
resource
Resource refers to all the materials available in our environment which are technologically accessible, economically feasible and culturally sustainable and help us to satisfy our needs and wants. Resources can broadly be classified upon their ...
, such as a
pipe
Pipe(s), PIPE(S) or piping may refer to:
Objects
* Pipe (fluid conveyance), a hollow cylinder following certain dimension rules
** Piping, the use of pipes in industry
* Smoking pipe
** Tobacco pipe
* Half-pipe and quarter pipe, semi-circula ...
or
network socket
A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programming ...
.
File descriptors typically have non-negative
integer
An integer is the number zero (), a positive natural number (, , , etc.) or a negative integer with a minus sign (−1, −2, −3, etc.). The negative numbers are the additive inverses of the corresponding positive numbers. In the language ...
values, with negative values being reserved to indicate "no value" or error conditions.
File descriptors are a part of the
POSIX
The Portable Operating System Interface (POSIX) is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems. POSIX defines both the system- and user-level application programming interf ...
API
An application programming interface (API) is a way for two or more computer programs to communicate with each other. It is a type of software Interface (computing), interface, offering a service to other pieces of software. A document or standa ...
. Each Unix
process
A process is a series or set of activities that interact to produce a result; it may occur once-only or be recurrent or periodic.
Things called a process include:
Business and management
*Business process, activities that produce a specific se ...
(except perhaps
daemons) should have three standard POSIX file descriptors, corresponding to the three
standard streams
In computer programming, standard streams are interconnected input and output communication channels between a computer program and its environment when it begins execution. The three input/output (I/O) connections are called standard input (stdin ...
:
Overview
In the traditional implementation of Unix, file descriptors index into a per-process maintained by the kernel, that in turn indexes into a system-wide table of files opened by all processes, called the . This table records the ''mode'' with which the file (or other resource) has been opened: for reading, writing, appending, and possibly other modes. It also indexes into a third table called the
inode table that describes the actual underlying files.
To perform input or output, the process passes the file descriptor to the kernel through a
system call
In computing, a system call (commonly abbreviated to syscall) is the programmatic way in which a computer program requests a service from the operating system on which it is executed. This may include hardware-related services (for example, acc ...
, and the kernel will access the file on behalf of the process. The process does not have direct access to the file or inode tables.
On
Linux
Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
, the set of file descriptors open in a process can be accessed under the path
/proc/PID/fd/
, where PID is the
process identifier
In computing, the process identifier (a.k.a. process ID or PID) is a number used by most operating system kernels—such as those of Unix, macOS and Windows—to uniquely identify an active process. This number may be used as a parameter in various ...
. File descriptor
/proc/PID/fd/0
is
stdin
,
/proc/PID/fd/1
is
stdout
, and
/proc/PID/fd/2
is
stderr
. As a shortcut to these, any running process can also access ''its own'' file descriptors through the folders
/proc/self/fd
and
/dev/fd
.
In
Unix-like
A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
systems, file descriptors can refer to any
Unix file type The seven standard Unix file types are ''regular'', ''directory'', ''symbolic link'', ''FIFO special'', ''block special'', ''character special'', and ''socket'' as defined by POSIX. Different OS-specific implementations allow more types than what PO ...
named in a file system. As well as regular files, this includes
directories
Directory may refer to:
* Directory (computing), or folder, a file system structure in which to store computer files
* Directory (OpenVMS command)
* Directory service, a software application for organizing information about a computer network's u ...
,
block
Block or blocked may refer to:
Arts, entertainment and media Broadcasting
* Block programming, the result of a programming strategy in broadcasting
* W242BX, a radio station licensed to Greenville, South Carolina, United States known as ''96.3 ...
and
character device
In Unix-like operating systems, a device file or special file is an interface to a device driver that appears in a file system as if it were an ordinary file. There are also special files in DOS, OS/2, and Windows. These special files allow an ...
s (also called "special files"),
Unix domain socket
A Unix domain socket aka UDS or IPC socket ( inter-process communication socket) is a data communications endpoint for exchanging data between processes executing on the same host operating system. It is also referred to by its address family AF_U ...
s, and
named pipe
In computing, a named pipe (also known as a FIFO for its behavior) is an extension to the traditional pipe concept on Unix and Unix-like systems, and is one of the methods of inter-process communication (IPC). The concept is also found in OS/2 and ...
s. File descriptors can also refer to other objects that do not normally exist in the file system, such as
anonymous pipe
In computer science, an anonymous pipe is a simplex FIFO communication channel that may be used for one-way interprocess communication (IPC). An implementation is often integrated into the operating system's file IO subsystem. Typically a parent ...
s and
network socket
A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programming ...
s.
The FILE data structure in the
C standard I/O library usually includes a low level file descriptor for the object in question on Unix-like systems. The overall data structure provides additional abstraction and is instead known as a ''file
handle
A handle is a part of, or attachment to, an object that allows it to be grasped and manipulated by hand. The design of each type of handle involves substantial ergonomic issues, even where these are dealt with intuitively or by following tra ...
.''
Operations on file descriptors
The following lists typical operations on file descriptors on modern
Unix-like
A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
systems. Most of these functions are declared in the
header, but some are in the
header instead.
Creating file descriptors
*
*
*
*
*
*
* (Linux)
* (Linux)
* (Linux)
* (Linux)
* (Linux)
* (Linux)
* (Linux)
* (Linux)
* (with flag CLONE_PIDFD, Linux)
* (Linux)
* (Linux)
Deriving file descriptors
*
*
Operations on a single file descriptor
*
*,
*,
*,
*,
*, (also used for sending FDs to other processes over a Unix domain socket)
*,
*,
*
*
*
*
*
*
*
*
*, (Linux)
*, (Linux)
* (Linux)
* (Linux)
* (Linux)
* (Linux)
* (with P_PIDFD ID type, Linux)
* (stdio function:converts file descriptor to FILE*)
* (stdio function: prints to file descriptor)
Operations on multiple file descriptors
*
,
*
,
*, , (Linux, takes a single epoll filedescriptor to wait on many other file descriptors)
*
(for Linux)
*
(for BSD-based systems).
*
*
, (for Linux)
* (for Linux)
* (for Linux)
Operations on the file descriptor table
The function is used to perform various operations on a file descriptor, depending on the command argument passed to it. There are commands to get and set attributes associated with a file descriptor, including and .
*
* (BSD and Solaris only; deletes all file descriptors greater than or equal to specified number)
* (duplicates an existing file descriptor guaranteeing to be the lowest number available file descriptor)
*, (Close fd1 if necessary, and make file descriptor fd1 point to the open file of fd2)
*
Operations that modify process state
* (sets the process's current working directory based on a directory file descriptor)
* (maps ranges of a file into the process's address space)
File locking
*
* and
*
Sockets
*
*
*
* (creates a new file descriptor for an incoming connection)
*
*
*
*
* (shuts down one or both halves of a full duplex connection)
Miscellaneous
*
(a large collection of miscellaneous operations on a single file descriptor, often associated with a device)
Upcoming operations
A series of new operations on file descriptors has been added to many modern Unix-like systems, as well as numerous C libraries, to be standardized in a future version of
POSIX
The Portable Operating System Interface (POSIX) is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems. POSIX defines both the system- and user-level application programming interf ...
. The
at
suffix signifies that the function takes an additional first argument supplying a file descriptor from which
relative path
A path is a string of characters used to uniquely identify a location in a directory structure. It is composed by following the directory tree hierarchy in which components, separated by a delimiting character, represent each directory. The del ...
s are resolved, the forms lacking the
at
suffix thus becoming equivalent to passing a file descriptor corresponding to the current
working directory
In computing, the working directory of a process is a directory of a hierarchical file system, if any, dynamically associated with each process. It is sometimes called the current working directory (CWD), e.g. the BSD getcwd function, or just cur ...
. The purpose of these new operations is to defend against a certain class of
TOCTOU attacks.
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
File descriptors as capabilities
Unix file descriptors behave in many ways as
capabilities. They can be passed between processes across
Unix domain socket
A Unix domain socket aka UDS or IPC socket ( inter-process communication socket) is a data communications endpoint for exchanging data between processes executing on the same host operating system. It is also referred to by its address family AF_U ...
s using the
sendmsg()
system call. Note, however, that what is actually passed is a reference to an "open file description" that has mutable state (the file offset, and the file status and access flags). This complicates the secure use of file descriptors as capabilities, since when programs share access to the same open file description, they can interfere with each other's use of it by changing its offset or whether it is blocking or non-blocking, for example.
In operating systems that are specifically designed as capability systems, there is very rarely any mutable state associated with a capability itself.
A Unix process' file descriptor table is an example of a
C-list.
See also
*
fuser (Unix)
The Unix command fuser is used to show which processes are using a specified computer file, file system, or Unix socket.
Example
For example, to check process IDs and users accessing a USB drive:
$ fuser -m -u /mnt/usb1
/mnt/usb1: 1347c(root ...
*
lsof
lsof is a command meaning "list open files", which is used in many Unix-like systems to report a list of all open files and the processes that opened them. This open source utility was developed and supported by Victor A. Abell, the retired Asso ...
*
File Control Block
A File Control Block (FCB) is a file system structure in which the state of an open file is maintained. A FCB is managed by the operating system, but it resides in the memory of the program that uses the file, not in operating system memory. This ...
(FCB) - an alternative scheme in CP/M and early versions of DOS
References
{{Object-capability security
POSIX
Unix file system technology
de:Handle#Datei-Handle