Linux Process Management - The Easy Way

thecrystalcave

Code Drug

Posted on February 20, 2024

Linux Process Management - The Easy Way

A Linux process is an instance of a program in execution. When you open an application or run a command on your Linux system, a process is created to carry out that specific task. Each process operates independently with its own set of resources, including memory, CPU time, and open files.

Image description

  • Each process has a process id also called as PID
  • Every process has a parent process called as PPID

Child process is often started by the parent process

init process (runit,systemd,openrc,s6,dinit) have PID as 1, i.e it is the first process that boot your Linux system. If you don't know about what init in your system it's systemd

Image description

When you want a process to die you can kill it.

Image description

Process that starts at system startup and keeps on running forever are called daemon. The daemon never dies

Image description

When a process is killed but it is still showing up in the system then that process is known as zombie. You can't kill zombie coz they are already dead Zombie processes never occupy the resources like CPU or RAM, only an entry remains in the process but these process are already killed.

Syntax

ps [options]
Enter fullscreen mode Exit fullscreen mode

options we will check in a while. But what if we just type

ps
Enter fullscreen mode Exit fullscreen mode

Image description

We will can see two processes one is current shell and another one is the ps command itself that we just entered.

  • PID is the process ID (every process has unique id)
  • TTY is the terminal type of user logged into.
  • TIME is amount of CPU in min and sec that process has been running.
  • CMD is name of the command that launch the process

To check the process id of your shell

prints the PID of your shell

echo $$
Enter fullscreen mode Exit fullscreen mode

Image description


prints PID with the process name

ps -C bash
Enter fullscreen mode Exit fullscreen mode

Image description

Print the process id of the parent

echo $PPID
Enter fullscreen mode Exit fullscreen mode

Not only print the process id of current shell, but the process id of it's parent as well.

echo $$ $PPID
Enter fullscreen mode Exit fullscreen mode

Image description

first id is current and second id is parent id

Check the level of the shell

echo $SHLVL
Enter fullscreen mode Exit fullscreen mode

Image description

3 is the level of the shell

The parent will always have less number as PID, coz parent came first. (parent will start the child process, so always the PID of parent is less in number.)

pidof command

Find the process ID of a running program

pidof bash
Enter fullscreen mode Exit fullscreen mode

Image description

Remember we discussed about init process that PID is 1 as it is the first process executes when we power on the machine, in my case i am running runit as my init , in your case it will be systemd

pidof runit
Enter fullscreen mode Exit fullscreen mode

Image description


When a process starts another process in two phases First the process create a fork of itself then a identical copy, then the fork process executes and exec to replace fork process with the target child process.

Image description

IK, lol we will see what that even mean with that following example

In bash shell

echo $$
echo $$ $PPID
Enter fullscreen mode Exit fullscreen mode

Image description

Switch to zsh or any other shell

echo $$
echo $$ $PPID
exec bash
echo $$ $PPID
Enter fullscreen mode Exit fullscreen mode

Image description


To see all the processes in system

ps fx
Enter fullscreen mode Exit fullscreen mode

Image description

  • PID : Process ID
  • TTY : Terminal from where the process has started
  • STAT : State and Signals (High/Low priorities,Stop/Idle conditions)
  • TIME : Time
  • COMMAND : The command for which that process has started

To check a particular process

ps fx | grep bash
Enter fullscreen mode Exit fullscreen mode

With some options

ps -ef
Enter fullscreen mode Exit fullscreen mode

Image description

We will see output in different format

Get the process id

Directly grep the process

pgrep bash
Enter fullscreen mode Exit fullscreen mode

Image description


We can even see the processes in tree format.

Image description

To check the process in tree format

Process there child along with how many processes in tree format

pstree
Enter fullscreen mode Exit fullscreen mode

Now, let see with p option

pstree -p 
Enter fullscreen mode Exit fullscreen mode

option -p will show the PID with tree format

To check the process with respect to user

For which user,which process is running

pstree -p -u username
Enter fullscreen mode Exit fullscreen mode
  • -p option means the PID
  • -u option means the user

Check the details of particular process

sleep process will run on background

sleep 200 &
Enter fullscreen mode Exit fullscreen mode

-p option means PID, -s option means process and the number is the PID of sleep which is running on background

pstree -p -s 8379
Enter fullscreen mode Exit fullscreen mode
ps -C sleep
Enter fullscreen mode Exit fullscreen mode

To kill the process

kill 8379
Enter fullscreen mode Exit fullscreen mode

Now, if we check the state of that process

ps fx | grep 8379
Enter fullscreen mode Exit fullscreen mode

Image description


  • D : uninterruptible sleep (usually IO)
  • R : running or runnable (on run queue)
  • S : interruption sleep (warning for an event to complete
  • T : stopped, either by a job control signal or because it is being traced
  • W : paging (not valid since the 2.6.X.X kernal)
  • X : dead (should never be seen)
  • Z : defunct (zombie) process, terminated but not repead by it parent
  • I : idle state

Here are the different values that the s, stat and state output specifies (header "STAT" or "S") will display to describe the state of process

For BSD formats & when the state keyword is used,additional characters may display

  • < high priority (not nice to other user)
  • N low priority (nice to other users)
  • L has pages locked into memory (for real-time & custom IO)
  • s is a session leader
  • l is multi-threaded (using CLONE_THREAD, like NPTL thread)
  • is in the foreground process group

Kill process

Image description

sleep 80 &
Enter fullscreen mode Exit fullscreen mode
jobs
Enter fullscreen mode Exit fullscreen mode
ps -C sleep
Enter fullscreen mode Exit fullscreen mode
kill 9439
Enter fullscreen mode Exit fullscreen mode
jobs
Enter fullscreen mode Exit fullscreen mode

Image description

Signals in kill command

There are many signals in kill, to list all

kill -l
Enter fullscreen mode Exit fullscreen mode

Image description

By default kill means kill -15

Let, us see the most used signals one by one

1 SIGHUP : The process should re-read it's configuration file.

kill -1 1
Enter fullscreen mode Exit fullscreen mode

This command will re-read init (runit in my case) conf. file

Image description

15 SIGTERM : When we run kill command that means kill -15 (standard kill)

sleep 100 &
Enter fullscreen mode Exit fullscreen mode
kill -15 10386
Enter fullscreen mode Exit fullscreen mode

or kill 10386

ps -C sleep
Enter fullscreen mode Exit fullscreen mode

Image description

Image description

When we kill some process normally, few process did't got killed. So, we kill them from kernel itself.

9 SIGKILL : To kill the process from kernel (sure kill)
The kernel will shoot down the process and as a developer you have no means to intercept a kill -9 signal

sleep 120 &
Enter fullscreen mode Exit fullscreen mode
kill -9 10572
Enter fullscreen mode Exit fullscreen mode
ps -C sleep
Enter fullscreen mode Exit fullscreen mode

Image description

In TTY we can see Killed , Terminate and Killed are not same

Now, it's not so much in use but in case you have to see the system calls

It, may not installed by default in some distros

strace

sleep 120 &
Enter fullscreen mode Exit fullscreen mode
strace -p 7430
Enter fullscreen mode Exit fullscreen mode
kill -9 7430
Enter fullscreen mode Exit fullscreen mode
strace -p 7430
Enter fullscreen mode Exit fullscreen mode

18 SIGCONT : To start any process
19 SIGSTOP : To stop the process (we can resume it later)

sleep 280 &
Enter fullscreen mode Exit fullscreen mode

process stopped

kill -19 10744
Enter fullscreen mode Exit fullscreen mode

process started

kill -18 10744
Enter fullscreen mode Exit fullscreen mode
ps -C sleep
Enter fullscreen mode Exit fullscreen mode

Image description


Kill a process it's name (pkill)

sleep 160 &
Enter fullscreen mode Exit fullscreen mode
sleep 280 &
Enter fullscreen mode Exit fullscreen mode
pkill sleep
Enter fullscreen mode Exit fullscreen mode
jobs
Enter fullscreen mode Exit fullscreen mode
ps -C sleep
Enter fullscreen mode Exit fullscreen mode

Image description

No sleep processes running all sleep process are killed

Kill Multiple processes (killall)

sleep 120 &
Enter fullscreen mode Exit fullscreen mode
sleep 200 &
Enter fullscreen mode Exit fullscreen mode

In new terminal

top
Enter fullscreen mode Exit fullscreen mode
killall sleep top
Enter fullscreen mode Exit fullscreen mode

Image description


That's all you need to manage Linux processes :)

Image description

💖 💪 🙅 🚩
thecrystalcave
Code Drug

Posted on February 20, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related