Who's talking to whom?

One way to understand how your system works is to look at which programs talk to other programs.
Here's a graph showing all the processes on my system and their sockets:

(click for a larger image)

The notation is:

• Cyan node - a process
• White circle - a normal (connected) socket
• Text - a named socket (waiting for new connections)
• Yellow - a connection to a named socket (the "server" end of a connection)
• Red - a non-Unix-domain socket (probably a connection to the outside world)

The main hubs seem to be:

• X (all graphical applications must connect to the X server to display windows),
• The system dbus (the one connected to the X server), and
• xfce4-session (anything that needs to save state on logout).

Actually, there's an even bigger gathering around the "/tmp/seahorse-6d4bQD" socket. This bit is very odd,
because all the processes are sharing a single socket. I suspect there's a bug here somewhere and a process
has accidentally passed the socket to all of its children.

About sockets

Sockets are similar to pipes, but are more complex. A brief summary of sockets:

• A socket is one end of a communications channel.
• There are different types of socket. Most are used for communicating with
  other computers over a physical network, but there is a special kind called
  "Unix domain sockets" which are used for communication within a computer.
• To communicate, two sockets must be connected together. Data can then be sent
  in both directions.

There are three ways to get a connected socket:

• You can create a pair of sockets that are already connected, and then give
  one of them to someone else. In the diagram, this appears as two white sockets
  connected together (e.g. "dbus-daemon" in the top-left corner).
• You can bind a socket to an address and start accepting new incoming connections.
  This is a listening socket, represented by the text of its address. In the
  diagram "syslogd" has no connections, but is ready to accept one.
  Each time someone connects, a new socket is created to handle that connection.
  gconfd-2 is handling a number of existing connections (each yellow socket), as well as accepting new ones
  (on /tmp/orbit...).
• You can connect to a listening socket. This results in having your white socket
  connected to a new yellow socket at the other process.

Generating the graph

The main problem with making the image is that I couldn't find a way of finding out which
sockets were connected to which other sockets. In the end, I edited unix_seq_show() in
net/unix/af_unix.c in the Linux source to print "unix_peer(s)" in a new column.

Then, it's just a matter of parsing /proc/net/unix and /proc/*/fd/* to build the graph,
and sending it to neato for rendering.