103.5. Create, monitor and kill processes

Weight: 4
Description: Candidates should be able to perform basic process management.
Key Knowledge Areas:
Run jobs in the foreground and background
Signal a program to continue running after logout
Monitor active processes
Select and sort processes for display
Send signals to processes
Terms and Utilities:
&
bg
fg
jobs
kill
nohup
ps
top
free
uptime
pgrep
pkill
killall
screen
In this section we are talking about jobs and processes. What you should know is that, what exactly is a job?
If you run a command from the shell, that is job. 
1
[email protected]:~# ls
2
client.conf  files-backup            openvpn.key  unzip_6.0-20ubuntu1_amd64.deb
3
dead.letter  jcal_0.4.1-2_amd64.deb  test-space   zip_3.0-11_amd64.deb
Copied!
A job might be executed and exit immediately and runs for a short time only but some jobs run for a long time.
1
[email protected]:~# sleep 3600
2
​
Copied!
that goes to sleep for 3600 seconds, that is an hour! So you can wait for an hour (considering that you can not use your terminal) or you can run a job in background.
Foreground and Background jobs (&)
 A job is a process that the shell manages. Each job is assigned a sequential job ID. Because a job is a process, each job has an associated PID. There are two types of job statuses:
1. Foreground: When we enter a command in a terminal window, the command occupies that terminal window until it completes. This is a foreground job.
 2. Background: When we enter an ampersand (&) symbol at the end of a command line, the command runs without occupying the terminal window. The shell prompt is displayed immediately after you press Return. This is an example of a background job.
1
[email protected]:~$ sleep 5 &
2
[1] 68481
3
[email protected]:~$ 
4
[1]+  Done                    sleep 5
5
[email protected]:~$
Copied!
By default you get notified about terminated jobs when you hit enter ,Try set -b to get notified immediately.
Job Control Commands
Job control commands enable us to place jobs in the foreground or background, and to start or stop jobs. The table describes the job control commands.
Command
Description
jobs
Lists all jobs
bg %n
Places the current or specified job in the background, where n is the job ID
fg %n
Brings the current or specified job into the foreground, where n is the job ID
Control-Z
Stops the foreground job and places it in the background as a stopped job
Control-C
Ctrl+C kills the process
if no job id is mentioned bg and fg consider the most recent job
jobs
1
[email protected]:~# jobs
2
[1]+  Running                 sleep 1000 &
3
[email protected]:~# sleep 2000 &
4
[2] 54832
5
[email protected]:~# jobs
6
[1]-  Running                 sleep 1000 &
7
[2]+  Running                 sleep 2000 &
8
[email protected]:~# sleep 3000
9
^Z
10
[3]+  Stopped                 sleep 3000
11
[email protected]:~# jobs
12
[1]   Running                 sleep 1000 &
13
[2]-  Running                 sleep 2000 &
14
[3]+  Stopped                 sleep 3000
Copied!
bg
1
[email protected]:~# bg
2
[3]+ sleep 3000 &
3
[email protected]:~# jobs
4
[1]   Running                 sleep 1000 &
5
[2]-  Running                 sleep 2000 &
6
[3]+  Running                 sleep 3000 &
Copied!
we cloud use fg %3 command and it would have the same result. 
fg
1
[email protected]:~# jobs
2
[1]   Running                 sleep 1000 &
3
[2]-  Running                 sleep 2000 &
4
[3]+  Running                 sleep 3000 &
5
[email protected]:~# fg %2
6
sleep 2000
7
^C
8
[email protected]:~# jobs
9
[1]-  Running                 sleep 1000 &
10
[3]+  Running                 sleep 3000 &
11
[email protected]:~# 
Copied!
We brought a job to foreground and use Ctrl + C to kill that job. 
we can disable and enable shell job control feature  withset +m and set -m commands.
jobs normally stick to the shell running it, so they are killed when we close the terminal or log out. Some times we need to make sure that the running job is not attached to the running shell.This is where nohup and disown come to play.
huponexit
jobs are killed only if the huponexit option is set! 
runshopt huponexit to see if this is true.
If huponexit is false, which is the default on at least some linuxes these days, then backgrounded jobs will not be killed on normal logout!
If huponexit is true, then we can use nohup or disown to dissociate the process from the shell so it does not get killed when you exit. Or, run things with screen.
use shopt -s huponexit and shopt -u huponexit in order to set and unset it.
Signal a program to continue running after logout
nohup
Nohup stands for no hangup, and that means even if the parent shell is diconnected the job just will continue,  The output of the nohup command will write in nohup.out the file if any redirecting filename is not mentioned in nohup command.
1
nohup command [command-argument ...]
Copied!
Using nohup with commands:
1
[email protected]:~/test-space# nohup ping  8.8.8.8 &
2
[2] 55210
3
[email protected]:~/test-space# nohup: ignoring input and appending output to 'nohup.out'
4
​
5
[email protected]:~/test-space# ls 
6
nohup.out
7
[email protected]:~/test-space# head -3 nohup.out 
8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
9
64 bytes from 8.8.8.8: icmp_seq=1 ttl=128 time=97.2 ms
10
64 bytes from 8.8.8.8: icmp_seq=2 ttl=128 time=74.4 ms
Copied!
Now even if we close the terminal and open it again ping is still running.
1
[email protected]:~/test-space# jobs
2
[email protected]:~/test-space# ps aux | grep ping | grep -v grep
3
root      55210  0.0  0.0   6536   756 ?        S    02:32   0:00 ping 8.8.8.8
4
[email protected]:~/test-space# 
Copied!
Please notice that we can not use fg, bg commands on that particular job anymore.
 When we run nohup command without ‘&’ then it returns to shell command prompt immediately after running that particular command in the background.
We useually use nohup with output redirection nohup bash script.sh > myresult.txt 2>&1
disown
We can also use disown command, it is used after the a process has been launched and put in the background, it’s work is to remove a shell job from the shell’s active list jobs, therefore we can not use fg, bg commands on that particular job anymore but that process keeps running even after closing current shell.
1
[email protected]:~# jobs
2
[email protected]:~# sleep 111 &
3
[1] 6394
4
[email protected]:~# jobs -l
5
[1]+   Running                 sleep 111 &
6
[email protected]:~# disown %1
7
[email protected]:~# jobs 
8
[email protected]:~# pgrep sleep
9
6394
Copied!
 disown -h %1 lets us to have  normal job control mechanisms to continue controlling the process until closing the terminal.
Option
Description
-a
Delete all jobs if jobID is not supplied.
-r
Delete only running jobs.
There is a problem with nohup and disown commands. There is no way to bring back that job to forground and work interactivly with that. So we need a different solution, screen.
screen
 screen command in Linux provides the ability to launch and use multiple shell sessions from a single ssh session. 
When a process is started with ‘screen’, the process can be detached from session and then can reattach the session at a later time. When the session is detached, the process that was originally started from the screen is still running and managed by the screen itself. The process can then re-attach the session at a later time, and the terminals are still there, the way it was left. (you might need to install it)
Start screen for the first time
simple use screen command  :
1
[email protected]:~# screen
Copied!
1
Screen version 4.03.01 (GNU) 28-Jun-15
2
​
3
Copyright (c) 2010 Juergen Weigert, Sadrul Habib Chowdhury
4
Copyright (c) 2008, 2009 Juergen Weigert, Michael Schroeder, Micah Cowan,
5
Sadrul Habib Chowdhury
6
Copyright (c) 1993-2002, 2003, 2005, 2006, 2007 Juergen Weigert, Michael
7
Schroeder
8
Copyright (c) 1987 Oliver Laumann
9
​
10
This program is free software; you can redistribute it and/or modify it under
11
the terms of the GNU General Public License as published by the Free Software
12
Foundation; either version 3, or (at your option) any later version.
13
​
14
This program is distributed in the hope that it will be useful, but WITHOUT
15
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
16
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
17
​
18
You should have received a copy of the GNU General Public License along with
19
this program (see the file COPYING); if not, see http://www.gnu.org/licenses/,
20
or contact Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
21
​
22
                  [Press Space for next page; Return to end.]
Copied!
use screen -s Session_Name to start a named session.now lets run a command inside screen:
1
[email protected]:~# sleep 1111
2
​
Copied!
Inorder to create a new screen inside the current screen (nested screen) use  just press Ctrl-a +c
Detach the screen
One of the advantages of screen that is you can detach it. Then, you can restore it without losing anything you have done on the screen. use  Ctrl-a + d to detach:
1
[email protected]:~# sleep 1111
2
​
Copied!
1
[email protected]:~# screen
2
[detached from 56798.pts-4.ubuntu16-1]
3
[email protected]:~# 
Copied!
 -d is also used to detach a screen session so that it can be reattached in future.
List screens
 screen  -ls is used to display the currently opened screens including those running in the background:
1
[email protected]:~# screen -list
2
There is a screen on:
3
	56798.pts-4.ubuntu16-1	(10/14/2019 04:15:00 AM)	(Detached)
4
1 Socket in /var/run/screen/S-root.
Copied!
Reattach to a screen
 -r  It is used to reattach a screen session which was detached in past:
1
[email protected]:~# screen -r 56798
Copied!
1
[email protected]:~# sleep 1111
2
[email protected]:~# 
3
​
Copied!
We usually use screen -dr <Screen-ID> command.This means detach the specified screen first and then reattach it. 
Switching between screens
When we do nested screen, you can switch between screen using command Ctrl-a +n. It will be move to the next screen. When  need to go to the previous screen, just press Ctrl-a +p.
Terminate screen session
Use  “Ctrl-A” and “K” to kill the screen.
​
Monitor active processes
What is process?
A program is a series of instructions that tell the computer what to do. When we run a program, those instructions are copied into memory and space is allocated for variables and other stuff required to manage its execution. This running instance of a program is called a process and it's processes which we manage
Each process got a PID. PID stands for  process identifier and it is is a unique number that identifies each of the running processes in an operating system
processes can further be categorized into:
Parent processes – these are processes that create other processes during run-time.
Child processes – these processes are created by other processes during run-time.
therefore PPID stands for Parent Process ID. notes:
note1:Used up pid’s can be used in again for a newer process since all the possible combinations are used.
note2:At any point of time, no two processes with the same pid exist in the system because it is the pid that Unix uses to track each process.
If we use the jobs command with the -l option, it will also show process ID.  
ps
ps (Process status) can be used to see/list all the running processes and their PIDs along with some other information depends on different options.
1
ps [options]
Copied!
 ps reads the process information from the virtual files in /proc file-system.  In it's simplest form, when used without any option, ps will print four columns of information for minimum two processes running in the current shell, the shell itself, and the processes that run in the shell when the command was invoked.
1
[email protected]:~# ps
2
   PID TTY          TIME CMD
3
 57301 pts/18   00:00:00 bash
4
 59076 pts/18   00:00:00 ps
Copied!
 Where,
 PID – the unique process ID
 TTY – terminal type that the user is logged into
 TIME – amount of CPU in minutes and seconds that the process has been running
 CMD – name of the command that launched the process.
 Note – Sometimes when we execute ps command, it shows TIME as 00:00:00. It is nothing but the total accumulated CPU utilization time for any process and 00:00:00 indicates no CPU time has been given by the kernel till now. In above example we found that, for bash no CPU time has been given. This is because bash is just a parent process for different processes which needs bash for their execution and bash itself is not utilizing any CPU time till now.
Usually when we use the command ps we add parameters like -a, -u and -x. While 
a = show processes for all users
u = display the process’s user/owner
x = also show processes not attached to a terminal
1
[email protected]:~# ps -aux | head -10
2
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
3
root          1  0.0  0.3 185244  3856 ?        Ss   Oct11   0:07 /sbin/init auto noprompt
4
root          2  0.0  0.0      0     0 ?        S    Oct11   0:00 [kthreadd]
5
root          4  0.0  0.0      0     0 ?        I<   Oct11   0:00 [kworker/0:0H]
6
root          6  0.0  0.0      0     0 ?        I<   Oct11   0:00 [mm_percpu_wq]
7
root          7  0.0  0.0      0     0 ?        S    Oct11   0:12 [ksoftirqd/0]
8
root          8  0.0  0.0      0     0 ?        I    Oct11   0:19 [rcu_sched]
9
root          9  0.0  0.0      0     0 ?        I    Oct11   0:00 [rcu_bh]
10
root         10  0.0  0.0      0     0 ?        S    Oct11   0:00 [migration/0]
11
root         11  0.0  0.0      0     0 ?        S    Oct11   0:01 [watchdog/0]
Copied!
where column are :
USER – Specifies the user who executed the program.
 PID: Process ID, shows the process identification number.
CPU%: The processor % used by the process.
MEME%: The memory % used by the process.
VSZ: The virtual size in kbytes.
RSS: In contrast with the  virtual size, this shows the real memory used by the process.
TTY: Identifies the terminal from which the process was executed.
STATE: Shows information on the process’ state just as it’s priority, by running “man ps” you can see codes meaning.
START: Show when the process has started.
TIME: Shows the processor’s time occupied by the program.
C0MMAND: Shows the command used to launch the process.
We can also use ps -ef instead of ps aux . There are no differences in the output because the meanings are the same. The difference between ps -ef and ps aux is due to historical divergences between POSIX and BSD systems. At the beginning, POSIX accepted the -ef while the BSD accepted only the aux form. Both list all processes of all users. In that aspect -e and ax are completely equivalent.
Options for ps command
Description
ps -T
View Processes  associated with a terminal
ps -x
View all processes owned by you
ps -o  column_name
view process according to user-defined format
It is also possible to use --sort option to sort output based on different fields (+ for ascending & - for descending). ps -eo  pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -10 . With-o or –format options, ps allows us to build user-defined output formats.
 Process selection commands
Description
ps -C command_name
Select the process by the command name.
ps p process_id
View process by process ID.
ps -u user_name/ID
Select by user name or ID
ps -g group_name , ps -G group_id
Select by group name or ID
ps -t pst/0
Display Processes by TTY
We already know about the grep command in Linux, which searches for a pattern, and then prints the matching text in the output. What if the requirement is to apply this kind of processing to fetch select information about processes currently running in the system?
pgrep
the pgrep command searches for processes currently running on the system, based on a complete or partial process name, or other specified attributes.
1
pgrep [options] pattern
Copied!
1
[email protected]:~# sleep 1000 &
2
[1] 60647
3
[email protected]:~# sleep 2000 &
4
[2] 60648
5
[email protected]:~# pgrep sleep
6
60647
7
60648
Copied!
Always use ps -ef command to make sure about process_name. There is different between process_name and the running program(like bash). compare pgrep -a and pgrep -af.
pgrep options:
1
-d, --delimiter <string>  specify output delimiter
2
 -l, --list-name           list PID and process name
3
 -a, --list-full           list PID and full command line
4
 -v, --inverse             negates the matching
5
 -w, --lightweight         list all TID
6
 -c, --count               count of matching processes
7
 -f, --full                use full process name to match
8
 -g, --pgroup <PGID,...>   match listed process group IDs
9
 -G, --group <GID,...>     match real group IDs
10
 -n, --newest              select most recently started
11
 -o, --oldest              select least recently started
12
 -P, --parent <PPID,...>   match only child processes of the given parent
13
 -s, --session <SID,...>   match session IDs
14
 -t, --terminal <tty,...>  match by controlling terminal
15
 -u, --euid <ID,...>       match by effective IDs
16
 -U, --uid <ID,...>        match by real IDs
17
 -x, --exact               match exactly with the command name
18
 -F, --pidfile <file>      read PIDs from file
19
 -L, --logpidfile          fail if PID file is not locked
20
 --ns <PID>                match the processes that belong to the same
21
                           namespace as <pid>
22
 --nslist <ns,...>         list which namespaces will be considered for
23
                           the --ns option.
24
                           Available namespaces: ipc, mnt, net, pid, user, uts
25
​
26
 -h, --help     display this help and exit
27
 -V, --version  output version information and exit
Copied!
Real Time process monitoring ?
Be creative and use combination of  other commands like 'watch'. We can use 'watch' in conjunction with ps  command to perform Real-time Process Monitoring :
watch -n 1 'ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head'
But there is another tool for that, top.
 top
 top command is used to show the Linux processes. It provides a dynamic real-time view of the running system. Usually, this command shows the summary information of the system and the list of processes or threads which are currently managed by the Linux Kernel.
1
[email protected]:~# top
Copied!
1
Tasks: 237 total,   1 running, 174 sleeping,   0 stopped,   0 zombie
2
%Cpu(s):  0.8 us,  0.4 sy,  0.0 ni, 98.7 id,  0.1 wa,  0.0 hi,  0.0 si,  0.0 st
3
KiB Mem :   985080 total,   167700 free,   501856 used,   315524 buff/cache
4
KiB Swap:  1045500 total,   448216 free,   597284 used.   256968 avail Mem 
5
​
6
   PID USER      PR  NI    VIRT    RES    SHR S %CPU %MEM     TIME+ COMMAND    
7
 59562 root      20   0   41952   3604   2920 R 12.5  0.4   0:00.02 top        
8
     1 root      20   0  185244   3856   2244 S  0.0  0.4   0:07.76 systemd    
9
     2 root      20   0       0      0      0 S  0.0  0.0   0:00.01 kthreadd   
10
     4 root       0 -20       0      0      0 I  0.0  0.0   0:00.00 kworker/0:+
11
     6 root       0 -20       0      0      0 I  0.0  0.0   0:00.00 mm_percpu_+
12
     7 root      20   0       0      0      0 S  0.0  0.0   0:12.88 ksoftirqd/0
13
     8 root      20   0       0      0      0 I  0.0  0.0   0:19.92 rcu_sched  
14
     9 root      20   0       0      0      0 I  0.0  0.0   0:00.00 rcu_bh     
15
    10 root      rt   0       0      0      0 S  0.0  0.0   0:00.00 migration/0
Copied!
Top output keep refreshing until you press ‘q‘.
Where,
PID: Shows task’s unique process id
USER: User name of owner of task.
PR: Stands for priority of the task.
NI: Represents a Nice Value of task. A Negative nice value implies higher priority, and positive Nice value means lower priority.
VIRT: Total virtual memory used by the task.
RES:It is the Resident size, the non-swapped physical memory a task has used.
SHR: Represents the amount of shared memory used by a task.
%CPU: Represents the CPU usage.
%MEM: Shows the Memory usage of task.
TIME+: CPU Time, the same as ‘TIME’, but reflecting more granularity through hundredths of a second.
COMMAND:Shows the command used to launch the process.
top command option
description
top -n 10
Exit Top Command After Specific repetition
top -u user1
 Display Specific User Process
Top -d seconds.tenths
It tells delay time between screen updates
top -h
 Shows top command syntax
Running top command hot keys
Description
 pressing ‘d‘
change screen refresh interval (default 3.0 sec)
Pressing ‘z‘ 
display running process in color
Pressing ‘c‘
display absolute path of running program
pressing ‘k‘
kill a process after finding PID of process(without exiting)
Pressing 'M'
sort based on memory usage
Shift+P
 Sort by CPU Utilisation
 Press ‘h‘
Getting top command help
Manage processes
To manage processes in a linux machine  we can send signals signals to the process.Many Signals are defined in the linux kernels. (try man 7 signal)
Signal Name
Signal Number
Description
SIGHUP
1
Hang up detected on controlling terminal or death of controlling process
SIGINT
2
Issued if the user sends an interrupt signal (Ctrl + C)
SIGQUIT
3
Issued if the user sends a quit signal (Ctrl + D)
SIGKILL
9
If a process gets this signal it must quit immediately and will not perform any clean-up operations
SIGTERM
15
Software termination signal (sent by kill by default)
SIGCOUNT
18
Continue the process stopped with STOP
STOP
19
Stop process
to send signals to processes there are some commands:
kill
 kill command in Linux (located in /bin/kill), is a built-in command which is used to terminate processes manually . kill command sends a signal to a process which terminates the process.
1
kill {-signal | -s signal} pid 
Copied!
please notice that:
A user can kill all his process.
A user can not kill another user’s process.
A user can not kill processes System is using.
A root user can kill System-level-process and the process of any user.
note: If the user doesn’t specify any signal which is to be sent along with kill command then default TERM signal is sent that terminates the process.
1
[email protected]:~# sleep 1000 &
2
[1] 61080
3
[email protected]:~# sleep 2000 &
4
[2] 61081
5
[email protected]:~# jobs -l
6
[1]- 61080 Running                 sleep 1000 &
7
[2]+ 61081 Running                 sleep 2000 &
8
[email protected]:~# ps -ef | grep sleep
9
root      61080  57301  0 02:55 pts/18   00:00:00 sleep 1000
10
root      61081  57301  0 02:55 pts/18   00:00:00 sleep 2000
11
root      61085  57301  0 02:56 pts/18   00:00:00 grep --color=auto sleep
12
[email protected]:~# kill 61080
13
[email protected]:~# ps -ef | grep sleep
14
root      61081  57301  0 02:55 pts/18   00:00:00 sleep 2000
15
root      61089  57301  0 02:56 pts/18   00:00:00 grep --color=auto sleep
16
[1]-  Terminated              sleep 1000
17
[email protected]:~# ps -ef | grep sleep
18
root      61081   1722  0 02:55 ?        00:00:00 sleep 2000
19
root      61096  55644  0 02:58 pts/17   00:00:00 grep --color=auto sleep
20
[email protected]:~# kill -9 61081
21
[email protected]:~# ps -ef | grep sleep
22
root      61100  55644  0 02:58 pts/17   00:00:00 grep --color=auto sleep
Copied!
  use kill -l to see all signals you can send using kill.
There are two commands used to kill a process:
kill – Kill a process by ID
killall,pkill – Kill a process by name
killing a proccess by name could be realy dangerous, Before sending signal,  verify which process is matching the criteria using “pgrep -l”.
killall
 killall is a tool for terminating running processes on your system based on name. In contrast, kill terminates processes based on Process ID number (PID). Like kill , killall can also send specific system signals to processes.
1
kill {-signal | -s signal} process_name 
Copied!
note1:the whole process_name should be defined ( ex : sleep not sle or slee).
note2: If no signal name is specified, SIGTERM is sent.
1
[email protected]:~# sleep 1000 &
2
[1] 61836
3
[email protected]:~# sleep 2000 &
4
[2] 61837
5
[email protected]:~# ps -ef | grep sleep | grep -v grep
6
root      61836  55644  0 03:46 pts/17   00:00:00 sleep 1000
7
root      61837  55644  0 03:46 pts/17   00:00:00 sleep 2000
8
[email protected]:~# pkill sleep
9
[1]-  Terminated              sleep 1000
10
[2]+  Terminated              sleep 2000
11
[email protected]:~# ps -ef | grep sleep | grep -v grep
Copied!
killall command example
Description
killall -l
all signals the killall command can send
killall -q process_name
prevent killall from complaining if specified process doesn't exist
killall -u [user-name]
kill all processes owned by a user
killall -o 5h
kill all processes that have now been running for more than 5 hour
killall -y 4h
kill all precesses  that less than 4 hours old
killall -w [process-name]
 causes killall to wait until the process terminates before exiting.
pkill
The PKill command allows you to kill a program simply by specifying the name.
1
pkill [options] pattern
Copied!
note: We don't have to define whole process_name. So it could be really dangerous!
example:
1
[email protected]:~# pgrep firefox
2
62256
3
[email protected]:~# pkill firefox
Copied!
pkill command example
Description
pkill -c [process_name]
return a count of the number of processes killed
pkill -U [real_user_ID]
kill all the processes for a particular user
pkill -G [real_group_ID]
kill all the programs in a particular group
free
 free command  displays the total amount of free space available along with the amount of memory used and swap memory in the system, and also the buffers used by the kernel.
1
free [options]
Copied!
As free displays the details of the memory related to the system , its syntax doesn’t need any arguments to be passed but it has some options!
1
[email protected]:~# free
2
              total        used        free      shared  buff/cache   available
3
Mem:         985080      432716      135464       16724      416900      339484
4
Swap:       1045500      671864      373636
Copied!
free command with no options produces the columnar output as shown above where column:
1.
total : displays the total installed memory (MemTotal and SwapTotal i.e present in /proc/meminfo).
2.
used : displays the used memory.
3.
free : displays the unused memory.
4.
shared : displays the memory used by tmpfs(Shmen i.epresent in /proc/meminfo and displays zero in case not available).
5.
buffers : displays the memory used by kernel buffers.
6.
cached : displays the memory used by the page cache and slabs(Cached and Slab available in /proc/meminfo).
7.
buffers/cache : displays the sum of buffers and cache.
 By default the display is in kilobytes, but you can override this using -b for bytes, -k for kilobytes, -m for megabytes, or -g for gigabytes.
1
[email protected]:~# free -h
2
              total        used        free      shared  buff/cache   available
3
Mem:           961M        423M        128M         16M        410M        330M
4
Swap:          1.0G        655M        365M
Copied!
 -t   displays an additional line containing the total of the total, used and free columns:
1
[email protected]:~# free -t -h
2
              total        used        free      shared  buff/cache   available
3
Mem:           961M        424M        127M         16M        410M        329M
4
Swap:          1.0G        655M        365M
5
Total:         1.9G        1.1G        492M
Copied!
Other free command options:
1
-h, --human         show human-readable output
2
     --si            use powers of 1000 not 1024
3
 -l, --lohi          show detailed low and high memory statistics
4
 -t, --total         show total for RAM + swap
5
 -s N, --seconds N   repeat printing every N seconds
6
 -c N, --count N     repeat printing N times, then exit
7
 -w, --wide          wide output
8
​
9
     --help     display this help and exit
10
 -V, --version  output version information and exit
Copied!
uptime
 The uptime command shows you a one-line display that includes the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
1
uptime [-options]
Copied!
1
[email protected]:~# uptime 
2
 03:37:00 up 3 days, 19:07,  1 user,  load average: 0.00, 0.00, 0.00
Copied!
Lets try uptime -h to see all of uptime availbale options:
1
Usage:
2
 uptime [options]
3
​
4
Options:
5
 -p, --pretty   show uptime in pretty format
6
 -h, --help     display this help and exit
7
 -s, --since    system up since
8
 -V, --version  output version information and exit
9
​
10
For more details see uptime(1).
Copied!
examples:
1
[email protected]:~# uptime -p
2
up 3 days, 19 hours, 16 minutes
3
[email protected]:~# uptime -s
4
2019-10-17 08:29:08
5
[email protected]:~# uptime -V
6
uptime from procps-ng 3.3.10
Copied!
.
.
.
Processes deep dive ( Beyond the scope of LPIC1)
 Types of Processes
1.
Parent and Child process : The 2nd and 3rd column of the ps –f command shows process id and parent’s process id number. For each user process there’s a parent process in the system, with most of the commands having shell as their parent.
2.
Zombie and Orphan process : After completing its execution a child process is terminated or killed and SIGCHLD updates the parent process about the termination and thus can continue the task assigned to it. But at times when the parent process is killed before the termination of the child process, the child processes becomes orphan processes, with the parent of all processes “init” process, becomes their new ppid.
 A process which is killed but still shows its entry in the process status or the process table is called a zombie process, they are dead and are not used.
3.
Daemon process : They are system-related background processes that often run with the permissions of root and services requests from other processes, they most of the time run in the background and wait for processes it can work along with for ex print daemon.
 When ps –ef is executed, the process with ? in the tty field are daemon processes
States of a Process in Linux
Running – here it’s either running (it is the current process in the system) or it’s ready to run (it’s waiting to be assigned to one of the CPUs). use ps -r command.
Waiting – in this state, a process is waiting for an event to occur or for a system resource. Additionally, the kernel also differentiates between two types of waiting processes; interruptible waiting processes – can be interrupted by signals and uninterruptible waiting processes – are waiting directly on hardware conditions and cannot be interrupted by any event/signal.
Stopped – in this state, a process has been stopped, usually by receiving a signal. For instance, a process that is being debugged.
Zombie – here, a process is dead, it has been halted but it’s still has an entry in the process table.
Processes state codes in ps aux or ps -ef  command:
R running or runnable (on run queue)
D uninterruptible sleep (usually IO)
S interruptible sleep (waiting for an event to complete)
Z defunct/zombie, terminated but not reaped by its parent
T stopped, either by a job control signal or because it is being traced
Some extra modifiers:
< high-priority (not nice to other users)
N low-priority (nice to other users)
L has pages locked into memory (for real-time and custom IO)
s is a session leader
l is multi-threaded (using CLONE_THREAD, like NPTL pthreads do)
+ is in the foreground process group
.
​https://www.thegeekdiary.com/understanding-the-job-control-commands-in-linux-bg-fg-and-ctrlz/​
​https://superuser.com/questions/662431/what-exactly-determines-if-a-backgrounded-job-is-killed-when-the-shell-is-exited​
​https://linuxhint.com/nohup_command_linux/​
​https://www.tecmint.com/run-linux-command-process-in-background-detach-process/​
​https://www.geeksforgeeks.org/screen-command-in-linux-with-examples/​
​https://www.tecmint.com/screen-command-examples-to-manage-linux-terminals/​
​https://linoxide.com/linux-command/15-examples-screen-command-linux-terminal/​
​https://ryanstutorials.net/linuxtutorial/processes.php​
​https://www.cyberciti.biz/faq/unix-linux-disown-command-examples-usage-syntax/​
​https://linuxize.com/post/ps-command-in-linux/​
​https://www.computerhope.com/jargon/p/pid.htm​
​https://www.tecmint.com/linux-process-management/​
​https://www.geeksforgeeks.org/processes-in-linuxunix/​
​https://www.geeksforgeeks.org/ps-command-in-linux-with-examples/​
​https://linuxhint.com/ps_command_linux-2/​
​https://www.quora.com/What-is-the-difference-between-ps-elf-and-ps-aux-in-Linux​
​https://www.geeksforgeeks.org/top-command-in-linux-with-examples/​
​https://www.tecmint.com/12-top-command-examples-in-linux/​
​https://www.tutorialspoint.com/unix/unix-signals-traps.htm​
​https://www.geeksforgeeks.org/kill-command-in-linux-with-examples/​
​https://www.linux.com/tutorials/how-kill-process-command-line/​
​https://www.linode.com/docs/tools-reference/tools/use-killall-and-kill-to-stop-processes-on-linux/​
​https://www.geeksforgeeks.org/free-command-linux-examples/​
​https://www.geeksforgeeks.org/linux-uptime-command-with-examples/​
​https://linuxhint.com/load_average_linux/​
.
103.4. Use streams, pipes and redirects
103.6. Modify process execution priorities
Last modified 1yr ago
Copy link
Contents
Foreground and Background jobs (&)
jobs
Signal a program to continue running after logout
nohup
screen
Monitor active processes