KC7MM Wiki

Amateur Radio with KC7MM

User Tools

Site Tools


A Look Inside Linux series

A series of short topics on how Linux works and how to make it work the way you want it to, which I present during the weekly sessions of the Linux User Net. The target audience is Hams who are new to Linux and want to know more about it, as well as experienced Linux users who can learn more about their chosen operating system. These are my notes for the presentations. (Russ, KC7MM)

19. Working with Processes in Linux

Today we'll look at a system administration topic: Linux processes. In general the system takes care of processes quite nicely, and you don't have to think about them. However, there are a few occasions when having a little knowledge of processes can be extremely useful. So, let's dig in.

This topic involves the use of a number of Bash commands. In order to follow along, I urge you to open a terminal and type them in so you can see how they work.

What is a Linux process?

When we looked at the architecture of Linux, we noted that it is a multi-user system: many users can work on the system at the same time. In order to make that happen, the system allocates a unique set of resources to each user, and prevents other users from accessing them. That way, each user can work independently, free of interference from others.

Clearly, having multiple concurrent users at work requires that the system be able to execute multiple programs simultaneously. In order to keep them independent and free of outside interference, each running program needs to have its own memory space, CPU access, and means of control.

In Linux, this is accomplished through the mechanism of a process.

Whenever a program is launched, the Linux system creates a new process in which it runs. The process has its own set of resources, as well as a unique identity for control purposes.

The process is alive as long as the program is running. Terminating the program kills the process, while terminating the process ends program execution.

Why should I care?

Under most circumstances, you don't need to be concerned about processes. They're handled automatically by the system, and are invisible to the user.

They become of interest, though, when you need to attend to certain system conditions:

  • A program that has locked up
  • System performance tuning
  • Running programs in a terminal

How to view processes

As I said earlier, the system runs processes out of sight of the users. If you need to look at which processes are running and what they are doing, Linux provides command-line utilities to facilitate that. If you want to follow along, open a terminal and type in the commands as I cover them.

  1. ps returns a list of processes:
    • ps with no arguments lists processes running by the current user in the current terminal.
    • ps -f gives the same list, but with more information on each process. This includes the user and the command that launched the process. This can be useful for troubleshooting.
    • ps -e lists all running processes – a very long list. Filter it with grep: ps -e | grep firefox returns only processes matching “firefox”.
    • ps -ef | grep firefox gives the full data for each process, plus any child processes.
  2. pgrep is a shortcut for finding any running process. Instead of typing ps -ef | grep firefox, you can instead use:
    • pgrep -a firefox which returns the parent process for Firefox, with full data.
  3. top and htop give a dynamic view of processes as they are running. You can see how much memory and CPU time they're consuming, among other things.
    • top displays a dynamic list of all running processes, with the most active at the top. It usually is installed by default, so you can expect it to be available. Exit by pressing the Q key.
    • htop produces a similar list, but with additional information. It shows CPU usage for each core, as well as a bar graph for memory use. You might have to install htop from your distro's repository. Again, press Q to exit.

What can I do with processes?

  1. Troubleshoot system problems. Linux running on a computer is a large and complex system. Things can malfunction in various ways. Looking at processes can be useful in finding out what is going wrong.
    • Frozen applications. You know that a program has locked up. You can remedy that by identifying its main process, then terminating it.
    • Slow system response. An application can be a resource hog, monopolizing CPU or memory usage. This can happen by design or malfunction. top or htop can let you see what's going on so you can take appropriate measures to deal with it.
  2. Terminate troublesome processes.
    • kill terminates a process, by issuing it with the process id as the argument:
      • kill 8723 terminates process 8723, along with any child processes.
    • pkill id the companion to pgrep, and has the same syntax:
      • pkill firefox terminates the all processes for Firefox. It's a good idea to run pgrep -a first, just to be sure it kills the process you want it to.
  3. Control how programs run in a terminal session
    • They can be run with relative priorities and visibility.
    • Useful for programming and writing shell scripts.

What are all those processes with names that end with the letter “d”?

There's one group of processes that deserves a special look: services.

  • These are programs that are initiated at startup and run continuously as long as the computer runs.
  • They run in the background and perform many of the functions that make the operating system useful, such a bluetooth, printing, login.
  • The alternate name for service processes in the Unix/Linux world is daemon. By convention, the name of daemon processes end with the letter “d”.

We can take a look at them in a terminal by running ps -e | grep d$. This will return a list of all processes that end with the letter “d”. Most – but not all – of these are services. Some of them on my machine are:

  • cupsd for printing
  • bluetoothd for Bluetooth
  • systemd for…systemd
  • systemd-udevd for device management

If I were running server applications, they also would show up as daemons:

  • sshd for Secure Shell
  • dockerd for Docker
  • nfsd for Network File System
  • httpd for Apache Web server

A quick way to check whether a service or server is running is to see whether it has a running process.

Summing up

  1. In order to function as a multi-user system, every program in Linux is run in a process.
  2. Each process is allocated the computer resources needed to run the program, and to isolate it from other programs.
  3. There are multiple ways of viewing processes, each producing different information about them.
  4. A misbehaving process can be terminated with the kill command.
  5. The process name for service and server programs usually ends with the letter “d”, for “daemon”.

Return to series index

linuxusernet/inside_linux/processes.txt · Last modified: 2022/05/17 20:12 by KC7MM