A Look Inside Linux series
A series of short topics on how Linux works and how to make it work the way you want it to, which I present during the weekly sessions of the Linux User Net. The target audience is Hams who are new to Linux and want to know more about it, as well as experienced Linux users who can learn more about their chosen operating system. These are my notes for the presentations. (Russ, KC7MM)
Today we'll look at a system administration topic: Linux processes. In general the system takes care of processes quite nicely, and you don't have to think about them. However, there are a few occasions when having a little knowledge of processes can be extremely useful. So, let's dig in.
This topic involves the use of a number of Bash commands. In order to follow along, I urge you to open a terminal and type them in so you can see how they work.
When we looked at the architecture of Linux, we noted that it is a multi-user system: many users can work on the system at the same time. In order to make that happen, the system allocates a unique set of resources to each user, and prevents other users from accessing them. That way, each user can work independently, free of interference from others.
Clearly, having multiple concurrent users at work requires that the system be able to execute multiple programs simultaneously. In order to keep them independent and free of outside interference, each running program needs to have its own memory space, CPU access, and means of control.
In Linux, this is accomplished through the mechanism of a process.
Whenever a program is launched, the Linux system creates a new process in which it runs. The process has its own set of resources, as well as a unique identity for control purposes.
The process is alive as long as the program is running. Terminating the program kills the process, while terminating the process ends program execution.
Under most circumstances, you don't need to be concerned about processes. They're handled automatically by the system, and are invisible to the user.
They become of interest, though, when you need to attend to certain system conditions:
As I said earlier, the system runs processes out of sight of the users. If you need to look at which processes are running and what they are doing, Linux provides command-line utilities to facilitate that. If you want to follow along, open a terminal and type in the commands as I cover them.
ps with no arguments lists processes running by the current user in the current terminal.
ps -f gives the same list, but with more information on each process. This includes the user and the command that launched the process. This can be useful for troubleshooting.
ps -e lists all running processes – a very long list. Filter it with grep:
ps -e | grep firefox returns only processes matching “firefox”.
ps -ef | grep firefox gives the full data for each process, plus any child processes.
ps -ef | grep firefox, you can instead use:
pgrep -a firefox which returns the parent process for Firefox, with full data.
top displays a dynamic list of all running processes, with the most active at the top. It usually is installed by default, so you can expect it to be available. Exit by pressing the Q key.
htop produces a similar list, but with additional information. It shows CPU usage for each core, as well as a bar graph for memory use. You might have to install htop from your distro's repository. Again, press Q to exit.
kill 8723 terminates process 8723, along with any child processes.
pkill firefox terminates the all processes for Firefox. It's a good idea to run pgrep -a first, just to be sure it kills the process you want it to.
There's one group of processes that deserves a special look: services.
We can take a look at them in a terminal by running
ps -e | grep d$. This will return a list of all processes that end with the letter “d”. Most – but not all – of these are services. Some of them on my machine are:
If I were running server applications, they also would show up as daemons:
A quick way to check whether a service or server is running is to see whether it has a running process.