Sockets

Implemented

  • edged can expose Prometheus metrics over TCP with --prometheus-addr.

  • edged exposes local control RPC over Unix socket (--control-socket, default /run/edged/ctl.sock).

  • edgectl uses --socket (default /run/edged/ctl.sock) to call the control API.

  • The relay transport interface (transport.Transport: Listen, Accept, Connect) is TCP-oriented.

Control Socket Lifecycle + Permissions

  • Socket directory is created with 0700 if needed.

  • Existing path is removed only if it is a socket; non-socket path is rejected.

  • Socket node is created and chmod’ed to 0600 by default.

  • On daemon shutdown, listener is closed and socket path is removed.

This model enforces local-only control access and avoids accidental takeover via stale filesystem objects.
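
The lifecycle above as a minimal Go sketch. This is an added example, not the code in edge/rpcv1/socket.go: listenControlSocket and the demo path are hypothetical names, and cleanup on shutdown relies on Go's unix listener unlinking its path on Close.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"os"
	"path/filepath"
)

// listenControlSocket is a hypothetical helper, not edged's ListenUnixSocket.
func listenControlSocket(path string, mode os.FileMode) (net.Listener, error) {
	if err := os.MkdirAll(filepath.Dir(path), 0o700); err != nil { // owner-only dir
		return nil, err
	}
	// Lstat, not Stat: a symlink at the path must not be followed.
	fi, err := os.Lstat(path)
	switch {
	case err == nil && fi.Mode()&os.ModeSocket == 0:
		return nil, fmt.Errorf("%s exists and is not a socket", path)
	case err == nil:
		// Stale socket left by an earlier run: safe to remove.
		if err := os.Remove(path); err != nil {
			return nil, err
		}
	case !errors.Is(err, os.ErrNotExist):
		return nil, err
	}
	ln, err := net.Listen("unix", path)
	if err != nil {
		return nil, err
	}
	// Restrict the socket node to its owner (0600 in the text above).
	if err := os.Chmod(path, mode); err != nil {
		ln.Close()
		return nil, err
	}
	return ln, nil
}

func main() {
	// Constructed demo path; the documented default is /run/edged/ctl.sock.
	ln, err := listenControlSocket(filepath.Join(os.TempDir(), "edged-example", "ctl.sock"), 0o600)
	if err != nil {
		panic(err)
	}
	defer ln.Close() // Go's unix listener unlinks the path on Close
	fmt.Println("listening on", ln.Addr())
}
```

Until the chmod runs, the socket node carries umask-derived permissions, so the 0700 parent directory is what keeps other local users out during that window.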

Evidence

  • edge/rpcv1/socket.go (ListenUnixSocket, SocketMode)

  • edge/rpcv1/rpcv1_test.go (TestListenUnixSocketPermissions, TestListenUnixSocketRefusesRegularFile)

  • edge/cmd/edged/main.go (control server setup + cleanup)

  • edge/cmd/edgectl/main.go (--socket client usage)

  • edge/transport/transport.go

See Also