Understanding Linux Processes from the Scratch Part-1

Overview :

A process is created in memory when a program or command is initiated. A unique identification number, known as the process identification (PID), is assigned to it and is used by the kernel to manage the process until the program or command it is associated with terminates. For example,when a user logs on to the system, the shell (which is a process) is started. Similarly, when a user executes a command or opens up an application, a process is created. Thus, a process is any program, application, or command that runs on the system.

Several processes are spawned at system boot up, many of which sit in the memory and wait for an event to trigger a request to use their service. These background system processes are called daemons and are critical to system functionality.

Viewing Processes

There are two commands commonly used to view currently running processes. These are ps (process status) and top.The ps command without any options or arguments, lists processes specific to the terminal where this command is run:

nextstep4it@localhost:~$ ps
  PID TTY          TIME CMD
17655 pts/0    00:00:00 bash
17703 pts/0    00:00:00 ps

The output has four columns that show the PID of the process in the first column, the terminal the process belongs to in the second column, the cumulative time the process is given by the system CPU in the third column, and the name of the actual command or program being executed in the last column.

Two options -e (every) and -f (full) are popularly used to generate detailed information on every process running on the system. There are a number of additional options available with the ps command. Check the man pages for details.

nextstep4it@localhost:~$ ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 Feb04 ?        00:00:03 /sbin/init
root         2     0  0 Feb04 ?        00:00:00 [kthreadd]
root         3     2  0 Feb04 ?        00:00:01 [ksoftirqd/0]
root         5     2  0 Feb04 ?        00:00:00 [kworker/0:0H]
root         7     2  0 Feb04 ?        00:00:21 [rcu_sched]
root         8     2  0 Feb04 ?        00:00:16 [rcuos/0]
.....................

The output shows more details about the running processes. Below Table describes the content type of each column.

Notice that in the ps output above there are scores of daemon processes running in the background that have no association with any terminals. Also notice the PID and PPID numbers. The smaller the number, the earlier it is started. The process with PID 0 is started first at system boot, followed by the process with PID 1, and so on. Each PID has an associated PPID in the 3 rd column. The owner of each process is also shown along with the name of the command or program.

Information about each running process is kept and maintained in a process table, which the ps and other commands read to display information.

The second method for viewing the process information is the “top command”, which also displays the CPU, memory, and swap utilization. A sample output from a running top session is shown below :

nextstep4it@localhost:~$ top

Press q or Ctrl+c to quit top.

Apart from the top command there are other command line utilities like htop & atop which can also be used to see process info , Memory & CPU utilization.

Sample Output both htop and atop are shown below :

nextstep4it@localhost:~$ htop

nextstep4it@localhost:~$ atop

Listing a Specific Process

The pidof command can be used to list the PID of a specific process if you know the name of the process. For example, to list the PID of the crond daemon, run the command as follows:

nextstep4it@localhost:~$ pidof cron
1209