What Is .sock

Content on WhatAnswers is provided "as is" for informational purposes. While we strive for accuracy, we make no guarantees. Content is AI-assisted and should not be used as professional advice.

Last updated: April 11, 2026

Quick Answer: A .sock file is a Unix domain socket, a special file used for inter-process communication (IPC) on Unix-like systems since the 4.2BSD release in 1983. These sockets enable local process-to-process communication approximately 25-50% faster than TCP sockets by eliminating network protocol overhead. They are essential infrastructure for Docker, databases like PostgreSQL and MySQL, web servers, and system services like systemd.

Key Facts

Unix domain sockets were introduced in 4.2BSD Unix in 1983 as part of the Berkeley Software Distribution
Docker has used /var/run/docker.sock as the default socket endpoint since its 2013 release, becoming the standard for container communication
Unix domain sockets perform 25-50% faster than TCP sockets for local machine communication due to reduced kernel overhead
PostgreSQL, MySQL, Nginx, and systemd all depend on .sock files for core inter-process communication functionality
Access control for .sock files uses standard Unix file permissions (owner, group, world), enabling precise privilege separation

Overview

A .sock file, formally known as a Unix domain socket, is a special type of socket used for inter-process communication (IPC) on Unix-like operating systems including Linux, macOS, and BSD systems. Unlike traditional network sockets that use TCP/IP protocols and communicate over network interfaces, Unix domain sockets operate entirely within the kernel's file system, allowing processes running on the same machine to exchange data with greater efficiency and lower latency. These socket files typically appear in system directories such as /var/run/, /tmp/, or application-specific directories, and they function as named communication endpoints that enable bidirectional data exchange between processes.

The .sock file format emerged from the 4.2BSD Unix release in 1983 as a fundamental component of Unix interprocess communication standards. Today, they are essential infrastructure for countless modern applications including containerization platforms like Docker, database servers such as MySQL and PostgreSQL, web servers like Nginx and Apache, and system services including D-Bus and systemd. The widespread adoption of Unix domain sockets reflects their superior performance characteristics compared to network-based alternatives, making them the preferred choice for local machine communication in production environments across virtually all Unix-like systems.

How It Works

Unix domain sockets operate through a straightforward mechanism that leverages the file system as a communication endpoint. When a server application creates a .sock file, it establishes a listening socket bound to that file path, effectively opening a communication channel. Client applications can then connect to this socket file by specifying its path, similar to how they would establish network connections. The kernel manages the underlying communication, handling data transfer between connected processes transparently.

Socket Creation: A server process creates a Unix domain socket and binds it to a file path (e.g., /var/run/docker.sock), registering itself as a listener that accepts incoming connections from other processes on the same machine.
Client Connection: Client processes locate the socket file by its known path and establish connections to it, enabling them to send and receive data through the established socket channel without any network involvement.
Data Transfer: Once connected, processes exchange data through the socket using standard read/write operations, with the kernel handling all underlying data buffering, delivery, and queue management automatically.
File Permissions: Access control is managed through standard Unix file permissions (owner, group, world read/write/execute), allowing administrators to restrict which processes can communicate through specific sockets with granular precision.
Connection Cleanup: When applications close their connections or terminate, the kernel automatically cleans up associated resources, and the socket file can be removed by the system to free file system space.

Key Comparisons

Understanding how Unix domain sockets compare to alternative communication methods helps explain their widespread adoption in modern systems and development practices.

Characteristic	Unix Domain Sockets	TCP/IP Sockets	Named Pipes (FIFO)
Communication Scope	Same machine only	Same machine or network	Same machine only
Performance	25-50% faster for local operations	Higher latency due to network stack overhead	Similar performance to .sock but less flexible
Port Management	No port allocation required	Requires explicit port binding and management	No port concept applies
Security Model	File system permissions and peer credentials	Network firewall rules and application-level auth	File system permissions only
Common Use Cases	Docker, databases, system services, caching	Web services, distributed systems, microservices	Legacy IPC, simple inter-process pipelines

Why It Matters

Performance Critical Systems: The 25-50% performance advantage makes Unix domain sockets essential for high-throughput local communication in database servers, caching systems, and message brokers handling millions of operations per second.
Docker and Containerization: Docker's architecture fundamentally depends on /var/run/docker.sock for container management, making understanding .sock files essential knowledge for anyone working with containers and orchestration platforms.
Security and Isolation: File system-based access control allows system administrators to precisely manage which users and processes can access specific services, reducing attack surface and improving privilege separation significantly.
System Service Communication: Modern Linux systems including systemd, D-Bus, and PulseAudio rely exclusively on Unix domain sockets for service-to-service communication, making them fundamental to operating system architecture.
Zero Network Overhead: By eliminating the entire network protocol stack, Unix domain sockets avoid network overhead, context switching, and buffer copying operations required by network-based communication methods.

Unix domain sockets represent a critical but often overlooked component of modern system architecture. Their superior performance, simpler security model, and file system integration make them the standard choice for local inter-process communication across virtually all Unix-like systems. Whether you're managing Docker containers, developing database applications, or administering system services, understanding .sock files and their operational characteristics is essential for building efficient, secure, and maintainable systems. As containerization and microservices architectures continue to dominate software development, the importance of Unix domain sockets will only continue to grow.