What are processes in Unix / Linux?
One of the defining features of Unix / Linux is the ability to run multiple programs simultaneously. The Operating System considers each unit of code it controls as a process . A program can consist of many processes combined. For the Operating System, the processes of the same activity share the CPU speed, sharing memory and other system resources. Processes are routinely coordinated by the Operating System.
And as a system programmer, a system admin or a DevOps … most of the time you will have to work on a Unix / Linux system. To work on Unix / Linux, we interact with the operating system through commands (commands). Each command on Unix / Linux when executed will run a process or a group of processes. In this article, I will introduce you to the basic knowledge and skills to manage processes on a Unix / Linux system.
Terminology
- PID
Each process has a unique PID (Process Identify) in the entire system at the time the process is running.
- PPID
Each process has a parent process with an identifier PPID (Parent process identify). Child processes are usually started by a parent process. A parents process can have many child processes but a child process has only one parents process.
- init
The Init process is the first process that is started after you have selected the operating system in the boot loader. In the process tree, init process is the parent of other processes. Init process has the following characteristics: + PID = 1 + Cannot kill init process
- kill
When a process stops running, that process dies. When you want a process to die, you have to kill it.
- daemon
A daemon process is a background process. These processes are started at system boot and will continue to be run forever.
- zombie
Zombie is actually a remnant of a process that has stopped working but has not been cleaned up. And, yes, zombie means zombie means that process is dead and you cannot “kill” it again. Programs after exiting leave the Zombie process, it means that the program is not well programmed.
Process management in basic linux
- $$ and $ PPID
Some shell environment variables contain information about processes. The variable $$ will hold your current process ID and the $ PPID contains the primary PID. Actually $$ is a shell parameter and not a variable, you cannot assign a value to it. Below, I use the echo command to display the values of $$ and $ PPID .
1 2 3 | thanhthu ~ $ echo $$ $PPID 15029 15014 |
- pidof
With the pidopf command, you can search all process ids by name.
1 2 3 | thanhthu ~ $ pidof caddy 17490 8361 |
- parent and child
Parent-child relationship processes. All processes have a parent process. When starting a new bash, you can use echo to verify that the previous pid is the ppid of the new shell. The child process from above is now the parent process.
1 2 3 4 | thanhthu ~ $ bash thanhthu ~ $ echo $$ $PPID 16150 15029 |
Enter exit to terminate the current process and view the values of $$ and $PPID
1 2 3 4 5 6 7 | thanhthu ~ $ bash thanhthu ~ $ echo $$ $PPID 16150 15029 thanhthu ~ $ exit thanhthu ~ $ echo $$ $PPID 15029 15014 |
- fork and exec
One process starts another in two phases. The process first creates a fork of itself, exactly the same. The branched process then executes an exec to replace the branched process with the child process.
1 2 3 4 5 6 7 | thanhthu ~ $ echo $$ 15029 thanhthu ~ $ bash thanhthu ~ $ echo $$ $PPID 7437 15029 thanhthu ~ $ |
- exec With the exec command, you can execute a process without creating a new process. In the example below, the Korn shell (ksh) is started and is being replaced by a bash shell using the exec command. The pid of the bash shell is the same as that of the Korn shell. Exiting the child bash shell will take me back to the parent bash shell, not back to the Korn shell (does not exist anymore).
1 2 3 4 5 6 7 8 9 10 11 12 13 | thanhthu ~ $ echo $$ 15029 # PID of bash thanhthu ~ $ ksh $ echo $$ $PPID 5343 15029 # PID of ksh and bash $ exec bash thanhthu ~ $ echo $$ $PPID 5343 15029 # PID of bash and bash thanhthu ~ $ exit exit thanhthu ~ $ echo $$ 15029 |
- ps
One of the most popular tools on Linux for viewing processes is ps. The following example shows the paternity between three bash processes.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | thanhthu ~ $ echo $$ $PPID 4224 4223 thanhthu ~ $ bash thanhthu ~ $ echo $$ $PPID 4866 4224 thanhthu ~ $ bash thanhthu ~ $ echo $$ $PPID 4884 4866 thanhthu ~ $ ps fx PID TTY STAT TIME COMMAND 4223 ? S 0:01 sshd: <a class="__cf_email__" href="/cdn-cgi/l/email-protection">[email protected]</a> /0 4224 pts/0 Ss 0:00 _ -bash 4866 pts/0 S 0:00 _ bash 4884 pts/0 S 0:00 _ bash 4902 pts/0 R+ 0:00 _ ps fx thanhthu ~ $ exit exit thanhthu ~ $ ps fx PID TTY STAT TIME COMMAND 4223 ? S 0:01 sshd: <a class="__cf_email__" href="/cdn-cgi/l/email-protection">[email protected]</a> /0 4224 pts/0 Ss 0:00 _ -bash 4866 pts/0 S 0:00 _ bash 4903 pts/0 R+ 0:00 _ ps fx thanhthu ~ $ exit exit thanhthu ~ $ ps fx PID TTY STAT TIME COMMAND 4223 ? S 0:01 sshd: <a class="__cf_email__" href="/cdn-cgi/l/email-protection">[email protected]</a> /0 4224 pts/0 Ss 0:00 _ -bash 4904 pts/0 R+ 0:00 _ ps fx thanhthu ~ $ |
On Linux, ps fax is the most commonly used command. On Solaris ps -ef (which also works on Linux) is the most common command. This is an output from the ps fax command
1 2 3 4 5 6 7 8 9 10 | thanhthu ~ $ ps fax PID TTY STAT TIME COMMAND 1 ? S 0:00 init [5] ... 3713 ? Ss 0:00 /usr/sbin/sshd 5042 ? Ss 0:00 _ sshd: paul [priv] 5044 ? S 0:00 _ sshd: <a class="__cf_email__" href="/cdn-cgi/l/email-protection">[email protected]</a> /1 5045 pts/1 Ss 0:00 _ -bash 5077 pts/1 R+ 0:00 _ ps fax |
- pgrep
Similar to ps -C , you can also use pgrep to search for a process by its command name
1 2 3 4 5 6 7 8 | thanhthu ~ $ sleep 1000 & [1] 32558 thanhthu ~ $ pgrep sleep 32558 thanhthu ~ $ ps -C sleep PID TTY TIME CMD 32558 pts/3 00:00:00 sleep |
You can also list the process command name with pgrep
1 2 3 | thanhthu ~ $ pgrep -l sleep 9661 sleep |
- top
Another popular tool on Linux is the top . top can sort processes by cpu, usage, or other attributes. You can also kill top processes.
Main parameters for command top + -h – Show current version + -c – This parameter converts the command column state from command display to show program name and vice versa + -d – Specify time screen refresh delay + -o – Sort by field named + -p – Show only processes with specified ID + -u – Show only processes of specified user + – i – Do not display idle tasks
In addition, while the top command is running, you can turn many features on and off, changing their appearance by pressing the relevant keys. There are many more parameters for the top command. You can read more about them using the command man top command man top .
Conclusion
Above, I just shared the basic skills, the commands commonly used to manage processes on Unix / Linux operating systems. In the next section, I will work with you to continue to find out about process communication on Linux.
Hope you guys will continue to follow, comment and support me!