How to manage processes in Linux

A process is an abstraction used by the Linux operating system to represent a running program. Every Linux process consists of an address space and a set of data structures in the server kernel. The address space contains code and libraries when a process is running, process variables, its stacks, and other additional information needed by the kernel while the process is running.

  1. PID is a unique, named identification number assigned by the kernel to each process. PID are assigned in the order in which processes are created.
  2. UID is the identification number of the user who created it.
  3. EUID is an “effective” user identifier used to determine which resources and process files have permission to access at any given moment. In general, the UID and EUID are the same, except for programs, which are setuid.
  4. GID it is a group of process identification numbers. The EGID is linked to the GID in the same way that the EUID is linked to the UID. In short, a process can be a member of many groups at the same time.

Some basic commands for managing Linux processes are listed below:

1. ps Is one of the main Linux sysadmin commands used to monitor processes. While the various PS versions differ in their arguments and display, they all provide the same information. The ps command output can show the PID, UID, priority, and control terminal of processes. It also gives information about how much CPU time it is consuming, how much memory the process is using, and its current state (state).

Process approves codes:

  • R – run – the process is running / can be executed.
  • D – a source of uninterrupted sleep
  • S – sleep interruption – the process is waiting for some event to complete
  • T – traced or stopped
  • Z – Zombie is a non-existent process, an interrupted process, but still hangs in the kernel table process, because the parent of this process has not yet set the exit status of this process.

Here is a sample output ps aux on CentOS 7 VPS:

[[email protected] ~]# ps aux                                                                                                                                     
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND                                                                                      
root         1  0.0  0.2 190656  2116 ?        Ss   Mar16   1:01 /usr/lib/systemd/systemd --switched-root --system --deserialize 21                           
root         2  0.0  0.0      0     0 ?        S    Mar16   0:00 [kthreadd]                                                                                   
root         3  0.0  0.0      0     0 ?        S    Mar16   0:38 [ksoftirqd/0]                                                                                
root         5  0.0  0.0      0     0 ?        S<   Mar16   0:00 [kworker/0:0H]                                                                               
root         7  0.0  0.0      0     0 ?        S    Mar16   0:00 [migration/0]                                                                                
root         8  0.0  0.0      0     0 ?        S    Mar16   0:00 [rcu_bh]                                                                                     
root         9  0.0  0.0      0     0 ?        S    Mar16   4:57 [rcu_sched]                                                                                  
root        10  0.0  0.0      0     0 ?        S    Mar16   0:03 [watchdog/0]                                                                                 
root        11  0.0  0.0      0     0 ?        S    Mar16   0:02 [watchdog/1]                                                                                 
root        12  0.0  0.0      0     0 ?        S    Mar16   0:01 [migration/1]                                                                                
root        13  0.0  0.0      0     0 ?        S    Mar16   0:52 [ksoftirqd/1]                                                                                
root        17  0.0  0.0      0     0 ?        S<   Mar16   0:00 [khelper]                                                                                    
root        18  0.0  0.0      0     0 ?        S    Mar16   0:00 [kdevtmpfs]                                                                                  
root        19  0.0  0.0      0     0 ?        S<   Mar16   0:00 [netns]                                                                                      
root        20  0.0  0.0      0     0 ?        S    Mar16   0:00 [khungtaskd]                                                                                 
root        21  0.0  0.0      0     0 ?        S<   Mar16   0:00 [writeback]                                                                                  
root        22  0.0  0.0      0     0 ?        S<   Mar16   0:00 [kintegrityd]                                                                                
root        23  0.0  0.0      0     0 ?        S<   Mar16   0:00 [bioset]                                                                                     
root        24  0.0  0.0      0     0 ?        S<   Mar16   0:00 [kblockd]                                                                                    
root        25  0.0  0.0      0     0 ?        S<   Mar16   0:00 [md]                                                                                         
root        31  0.0  0.0      0     0 ?        S    Mar16   4:51 [kswapd0]                                                                                    
root        32  0.0  0.0      0     0 ?        SN   Mar16   0:00 [ksmd]                                                                                       
root        33  0.0  0.0      0     0 ?        SN   Mar16   0:02 [khugepaged]                                                                                 
root        34  0.0  0.0      0     0 ?        S    Mar16   0:00 [fsnotify_mark]                                                                              
root        35  0.0  0.0      0     0 ?        S<   Mar16   0:00 [crypto]                                                                                     
root        43  0.0  0.0      0     0 ?        S<   Mar16   0:00 [kthrotld]                                                                                   
root        44  0.0  0.0      0     0 ?        S<   Mar16   0:00 [kmpath_rdacd]                                                                               
root        46  0.0  0.0      0     0 ?        S<   Mar16   0:00 [kpsmoused]                                                                                  
root        47  0.0  0.0      0     0 ?        S<   Mar16   0:00 [ipv6_addrconf]                                                                              
root        66  0.0  0.0      0     0 ?        S<   Mar16   0:00 [deferwq]                                                                                    
root        99  0.0  0.0      0     0 ?        S    Mar16   0:00 [kauditd]                                                                                    
root       222  0.0  0.0      0     0 ?        S<   Mar16   0:00 [ata_sff] 
...

Brief explanation of the output ‘ps aux‘:

  • USER – username of the current process
  • PID – Process ID.
  • % CPU – The percentage of CPU utilization for a particular process.
  • % MEM – The percentage of real memory used by a particular process.
  • VSZ – virtual process size
  • RSS – Resident Size (Number of pages in memory)
  • TTY – control terminal ID
  • STAT – Current state of the process
  • START – command start time
  • TIME is the time the process consumes the CPU.
  • COMMAND – name and command line arguments

2. pstree – the command displays processes in the form of a tree:

[[email protected] ~]# pstree                                                                                                                                     
systemd─┬─NetworkManager───2*[{NetworkManager}]                                                                                                               
        ├─agetty                                                                                                                                              
        ├─atd                                                                                                                                                 
        ├─auditd───{auditd}                                                                                                                                   
        ├─core───6*[{core}]                                                                                                                                   
        ├─core───3*[{core}]                                                                                                                                   
        ├─crond───freshclam-sleep───sleep                                                                                                                     
        ├─crond                                                                                                                                               
        ├─dbus-daemon                                                                                                                                         
        ├─fail2ban-server───8*[{fail2ban-server}]                                                                                                             
        ├─firewalld───{firewalld}                                                                                                                             
        ├─httpd─┬─10*[httpd]                                                                                                                                  
        │       └─httpd───httpd───php                                                                                                                         
        ├─ihttpd───shellinaboxd───shellinaboxd─┬─ispmgr.6fc55a51───bash───top                                                                                 
        │                                      └─ispmgr.6fc55a51───bash───pstree                                                                              
        ├─irqbalance                                                                                                                                          
        ├─mysqld_safe───mysqld───28*[{mysqld}]                                                                                                                
        ├─named───4*[{named}]                                                                                                                                 
        ├─nginx───2*[nginx]                                                                                                                                   
        ├─ntpd                                                                                                                                                
        ├─polkitd───5*[{polkitd}]                                                                                                                             
        ├─rsyslogd───2*[{rsyslogd}]                                                                                                                           
        ├─sshd───sshd───sshd───sftp-server                                                                                                                    
        ├─systemd-journal                                                                                                                                     
        ├─systemd-logind                                                                                                                                      
        ├─systemd-udevd                                                                                                                                       
        └─tuned───4*[{tuned}]

3. top – Another way to find out what processes are running on the server:

top - 12:07:24 up 6 days,  7:30,  1 user,  load average: 0.61, 0.32, 0.22                                                                                     
Tasks: 112 total,   1 running, 111 sleeping,   0 stopped,   0 zombie                                                                                          
%Cpu(s): 28.1 us,  4.5 sy,  0.0 ni, 65.5 id,  1.5 wa,  0.0 hi,  0.3 si,  0.0 st                                                                               
KiB Mem :  1016388 total,   308200 free,   369696 used,   338492 buff/cache                                                                                   
KiB Swap:  2097148 total,  1704100 free,   393048 used.   439256 avail Mem                                                                                    

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND                                                                                  
25476 mysql     20   0 1512488 117216   3604 S   2.3 11.5  64:27.15 mysqld                                                                                    
  870 apache    20   0   67120   8272   1772 S   1.0  0.8  21:28.85 nginx                                                                                     
 4083 andreyex  20   0  338368  91508  10040 S   0.7  9.0   0:00.95 php                                                                                       
    9 root      20   0       0      0      0 S   0.3  0.0   4:57.99 rcu_sched                                                                                 
   13 root      20   0       0      0      0 S   0.3  0.0   0:52.78 ksoftirqd/1                                                                               
  806 root      20   0  140440   5176   2264 S   0.3  0.5   0:50.94 ihttpd                                                                                    
    1 root      20   0  190656   2040   1168 S   0.0  0.2   1:01.73 systemd                                                                                   
    2 root      20   0       0      0      0 S   0.0  0.0   0:00.11 kthreadd                                                                                  
    3 root      20   0       0      0      0 S   0.0  0.0   0:38.29 ksoftirqd/0                                                                               
    5 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 kworker/0:0H                                                                              
    7 root      rt   0       0      0      0 S   0.0  0.0   0:00.93 migration/0                                                                               
    8 root      20   0       0      0      0 S   0.0  0.0   0:00.00 rcu_bh                                                                                    
   10 root      rt   0       0      0      0 S   0.0  0.0   0:03.03 watchdog/0                                                                                
   11 root      rt   0       0      0      0 S   0.0  0.0   0:02.60 watchdog/1                                                                                
   12 root      rt   0       0      0      0 S   0.0  0.0   0:01.96 migration/1                                                                               
   17 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 khelper                                                                                   
   18 root      20   0       0      0      0 S   0.0  0.0   0:00.00 kdevtmpfs                                                                                 
   19 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 netns                                                                                     
   20 root      20   0       0      0      0 S   0.0  0.0   0:00.19 khungtaskd                                                                                
   21 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 writeback                                                                                 
   22 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 kintegrityd                                                                               
   23 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 bioset                                                                                    
   24 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 kblockd                                                                                   
   25 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 md                                                                                        
   31 root      20   0       0      0      0 S   0.0  0.0   4:51.66 kswapd0                                                                                   
   32 root      25   5       0      0      0 S   0.0  0.0   0:00.00 ksmd   
...

4. kill – the command is most often used to complete the process. Kill can send any signal, but by default, it sends TERM. Kill can be used by regular users in their own processes or by root any processes.

The kill command syntax is:

kill [-signal] pid

where signal is the number or symbolic name of the signal to be sent and PID is the process ID of the target process.

Kill without a signal number does not guarantee that this process will be closed, because the TERM signal can be caught, blocked, or ignored.

Command ‘kill -9 pid” guarantees’ the process will be killed because signal 9, kill, cannot be intercepted. Team killall kill processes by name. For example, the following command kills all Dovecot processes:

$ sudo killall dovecot

five. Ctrl + Z – this command is used to suspend the current foreground process and move it to the background:

# service spamd restart
Redirecting to /bin/systemctl restart  spamd.service
^Z
[1]+  Stopped                 service spamd restart

6. jobs – Displaying a list of current jobs running in the background:

# jobs
[1]+  Stopped                 service spamd restart

7. fg – this command is used to bring a background process to the fore:

# fg 1
service spamd restart

PS. If you liked this post, you can share it with your friends on social networks using social networks or just leave a comment below.

Sidebar