Understanding Processes

Resources: www.tecmint.com, access.redhat.com

What is Process?

  • Linux calls each running program a process.
  • Process is made up of the program instruction, and data read from files, other programs or input from a system user.
  • Each process gets its own Process ID (PID). Based on PID, Linux manages how process uses memory and CPU.
  • When Linux system boots, it starts first process called the init process. The init process is the core of the Linux system. This process runs scripts that start all other processes running on the system.

Types of processes?

There are two types of processes in Linux:

  1. Foreground processes – started and controlled by user through a terminal session. They do not start automatically as part of the system services.
  2. Background processes – processes not started in terminal session. They do not expect user input to be running. Also, they run in terminal session background.

Furthermore, since Linux is multi-user system, the kernel needs to uniquely identify each running process. The process is identified by its process ID (PID), but also with it’s parent process ID (PPID). Based on this information, foreground and background processes are identified and created as follows:

  1. Parent processes – processes that create other processes.
  2. Child processes – processes that are created by other processes.

What is Daemon?

Daemon – type of background process that start on system startup. Also, they keep running forever as a service. Daemons start as system tasks (services). Daemons can be controlled by init process (systemd for example)

Creating a process

New process is usually created when an existing process makes an copy of itself in memory. The child process will have same environment variables as its parent. However, it will have different PID number.

Processes are created with fork() and exec() functions.

Finding process ID

To find PID of a given process, use pidof command, like so:

$ pidof systemd
1
$ pidof firefox
25151

To find the PID and PPID of current shell, we run:

$ echo $$
2152
$ echo $PPID
2149

Understanding background and foreground

To start a process in foreground, just call any program and it will run, or wait for user input. As such, this process will bind to current shell and you will only be able to use that process.

Starting the process in background

To start a process in background, call any program and add & symbol at the end, like so

# dd if=/dev/zero of=/dev/null &

Sending background process to foreground

Also, we can send foreground process to background by sending a SIGSTOP signal by pressing CTRL + Z keys. To see background processes, we use jobs command. The jobs command will show background processes with their job ID (not to be mistaken with PID). To call process to foreground, use fg %[JOB_ID]

# jobs
[1] firefox
[2] tar -cf backup.tar /backups/
# fg %1

What are Process States?

A process changes from one state to another depending on its environment. A process can have these states:

  • Running – when in running state, process has all its needs to run. The running processes are marked with ‘R’ in ps output. Running process is either running or being ready to be run (waiting to be assigned to CPUs)
  • Uninterruptable sleep (D)- process is in uninterruptable sleep state when it needs resources that are not currently available, in other words it waits for any I/O (storage device, network, whatever). At that point, it either goes to sleep state by itself, or the kernel knock him out and makes him sleep. When the resource process needs becomes available, a signal is sent to the CPU. Signal with D state cannot be killed, even with kill -9 command because they are, well, interruptable. The only way to kill that process is to reboot system or waiting for I/O to respond. To see list of all processes in D state use echo w > /proc/sysrq-trigger
  • Stopped – process can stop by themselves or by receiving a signal.
  • Zombie process – If a process is ended but its parent process is not, meaning it did not acknowledged the termination signal because it’s sleeping, then it is called zombie process.

Sending signals to processes

Most important way of controlling processes is by sending signals to them. To list all signals use #kill -l

[aldin@ghost ~]$ kill -l
 1) SIGHUP	 2) SIGINT	 3) SIGQUIT	 4) SIGILL	 5) SIGTRAP
 6) SIGABRT	 7) SIGBUS	 8) SIGFPE	 9) SIGKILL	10) SIGUSR1
11) SIGSEGV	12) SIGUSR2	13) SIGPIPE	14) SIGALRM	15) SIGTERM
16) SIGSTKFLT	17) SIGCHLD	18) SIGCONT	19) SIGSTOP	20) SIGTSTP
21) SIGTTIN	22) SIGTTOU	23) SIGURG	24) SIGXCPU	25) SIGXFSZ
26) SIGVTALRM	27) SIGPROF	28) SIGWINCH	29) SIGIO	30) SIGPWR
31) SIGSYS	34) SIGRTMIN	35) SIGRTMIN+1	36) SIGRTMIN+2	37) SIGRTMIN+3
38) SIGRTMIN+4	39) SIGRTMIN+5	40) SIGRTMIN+6	41) SIGRTMIN+7	42) SIGRTMIN+8
43) SIGRTMIN+9	44) SIGRTMIN+10	45) SIGRTMIN+11	46) SIGRTMIN+12	47) SIGRTMIN+13
48) SIGRTMIN+14	49) SIGRTMIN+15	50) SIGRTMAX-14	51) SIGRTMAX-13	52) SIGRTMAX-12
53) SIGRTMAX-11	54) SIGRTMAX-10	55) SIGRTMAX-9	56) SIGRTMAX-8	57) SIGRTMAX-7
58) SIGRTMAX-6	59) SIGRTMAX-5	60) SIGRTMAX-4	61) SIGRTMAX-3	62) SIGRTMAX-2
63) SIGRTMAX-1	64) SIGRTMAX
  • SIGHUP 1 – sent to a process when its controlling terminal is closed
  • SIGINT 2 – sent to a process by its controlling terminal when a user interrupts the process by pressing CTRL + C
  • SIGQUIT 3 – sent to a process if the user sends a quit signal with CTRL + D
  • SIGKILL 9 – immediately terminates a process and the process will not perform any clean-up operations
  • SIGTERM 15 – process termination signal (kill uses SIGTERM by default)
  • SIGTSTP 20 – sent to a process by its controlling terminal to request it to stop (terminal stop). Initiated by the user pressing CTRL + Z
  • SIGCONT – puts process in foreground
  • SIGSTOP – puts process in background

Controling processes

A user can only kill his own processes, not others’ processes. Also, a user cannot kill processes system is using. Most importantly, root user can kill all system and user processes.

kill

Kill sends a specified signal to a process. The kill command sends SIGTERM signal by default. SIGTERM is safest way to kill a process. SIGHUP is less secure way of killing a process. SIGKILL is the most unsafe way.

# kill -9 19212
# kill SIGKILL 19212
# kill -SIGTERM 19212
# kill 19212 19213 19214

pkill

Kills a process by entering process name, not PID

# pkill mysqld

pgrep

pgrep greps process ID by given name. It simply shows PID of a given process name, nothing else:

# pgrep mysql
3139

killall

killall is used to kill all child processes of a given command.

# killall mysqld

nice and renice

All active processes have priority and certain nice value. Processes with higher nice value are getting more CPU time (higher priority). Processes with lower nice value are getting lower CPU time (lower priority). However, the higher nice value is not 19, but -20, and the lower priority value is not -20, but 19. Default niceness value is 0. The root can change these nice values with nice and renice commands.

The following command would set nice value for process gnome-terminal

# nice -n 15 gnome-terminal
  • nice – used to set a nice value for a process. Normal users can set 0-20 values, while root user can set from -20 to 19 values.
  • renice – used to change nice value for a process.

The following command would change nice value to 15 to process with ID 1851

# renice -n 15 -p 1851

The following command will change nice value for all processes that belong to ‘wheel’ group

# renice -n 15 -g wheel

The following command will change nice value for all processes that belong to ‘aldin’ user

# renice -n 15 -u aldin

Leave a Reply