Working with Linux processes

Each time a program or command is run a process is created for it.  These processes are all unique and identified by the process identification (PID) which becomes allocated to it.  System processes, or daemons, are critical to keeping the system up and running or providing services to clients.  To work with processes we have two commands available to us.  The first is ps which can list information about processes helping us to manage them.  If using the ps command with no arguments it will just show the processes specific to the terminal that it is run in.  This isn’t very useful, so we can look at some of the commonly used arguments.

-e shows all processes
-u shows the user related to the process
-f shows full output
a shows all processes including other users
x shows processes without a controllering ttys

These particular arguements are important because they help you identify which processes are running, who they are ownered by, processes that normally aren’t seen (because they aren’t associated to a terminal), and other information.  The following is a partial example (because the output can be quite large):

$ps aux

Looking here you can see the header which details what the different columns mean.  You can also do ps -ef which will show the PPID column, representing the parent process.  While this output is useful there is always multiple ways to obtain information.  A second way to view process information, in more of “real time” use can use the top command.  Top is also interactive so once you launch it you can manipulate processes through different keys.

$top

As you can see here there is some extra information that you get with using top as well as being able to set the refreash rate for the program.  These are just two programs that you can use to view processes at the command line.  For those of you that like the GUI you can use the system monitor in Gnome (or launch gnome-system-monitor) or Ktop for the KDE environment.

If you would like specific information about processes there are two more commands that you should know.  The first is pidof, which takes a process name as a parameter.  It will return the PID of that particular process, however you must obviously know the name of the process in order to use this command.  Next we have pgrep that can be used to list all processes owned by a particular user using the -U argument or list all processes owned by a particular group using the -G argument.  Similar to pidof it will only list the PID of the processes.

$pidof sshd

2208 1982

$pgrep -U apache

2258
2259
2260
2261

Now that we have multiple ways to look up information about processes we shuold also know how to manage them.  everytime that a process is created it receives a priority, or nice value.  By default this value is set to 0, with -20 being the highest and +19 being the lowest.  Using our commands from above you can use ps -el to view a list of processes and also view their nice value.  If you want to create a process or launch a program with a different priority you can use the nice command.  If the program is already in execution then you can use the renice command to change it.

$nice –2 firefox #Launch the firefox program with a higher priority

$renice -5 2208 #Change priority of process 2208 from its current value to -5

The final part to processes is how to kill them.  Suppose you have a run away process that is hogging all the system resources or a process that no longer has a parent (called a zombie), you will need some way to stop them.  You can use the kill command for a single process ID or use the killall command if you want to use a program name.  This will kill the running process allowing you to recreate it or figure out what happened.

$killall apache #Kill all apache processes

Clearly process management is important for system stability and helping maintain server uptime as well.

Have fun 😀

originaly posted on: http://secnut.blogspot.com

Advertisements

3 Responses

  1. [EDIT]

    I made a mistake up there, meminfo is found in /proc and not in /etc the latter is used to store config files

    Alternatively, full information about memory and CPU can be acquired as follows

    cat /proc/cpuinfo
    cat /proc/meminfo

  2. Thanks for the comments Yasir, allways appreciated 😀

  3. Dont forget,

    typing ps axjf will return a process tree (in a hierarchical format)

    Nice guide. Regarding top, it displays real time memory usage by reading the file /etc/meminfo periodically 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: