Linux is a multitasking, multi-user system which allows all the processes to run simultaneously without conflicting with each other. What a process represents is an instance of a script that carries out various jobs within the OS itself. Unix systems have a native utility called “ps” (process status) for analyzing information regarding the currently executing processes. Linux gets this data from the virtual files mounted at the /proc filesystem. System administrators are highly utilizing this command as it helps them understand what is occurring on the system presently. It has an immense amount of options for forming its output, and we cannot possibly go over them all in this guide, however, we will try to look at the most practically useful ones that you can use on a daily basis.
To execute this command, simply type:
ps
When used individually without any flags, it will display the processes which are running within the current shell:
[root@server ~]# ps PID TTY TIME CMD 455079 pts/0 00:00:00 bash 626012 pts/0 00:00:00 ps
To display all of the running processes within an SSH session, please type in the following:
ps -A
or
ps -e
Here is the output:
[root@server ~]# ps -A PID TTY TIME CMD 1 ? 00:01:47 systemd 2 ? 00:00:00 kthreadd 3 ? 00:00:15 ksoftirqd/0 5 ? 00:00:00 kworker/0:0H 7 ? 00:00:00 migration/0 8 ? 00:00:00 rcu_bh 9 ? 00:04:02 rcu_sched 10 ? 00:00:00 lru-add-drain 11 ? 00:00:01 watchdog/0 12 ? 00:00:01 watchdog/1 13 ? 00:00:01 migration/1 14 ? 00:00:13 ksoftirqd/1
To get the most detailed amount of information possible using this command, please use the following options with “ps”:
ps aux
Here is the output:
[root@server ~]# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 43908 3312 ? Ss Mar22 1:47 /usr/lib/systemd/systemd --switched-root --system --deserialize 22 root 2 0.0 0.0 0 0 ? S Mar22 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S Mar22 0:15 \_ [ksoftirqd/0] root 5 0.0 0.0 0 0 ? S< Mar22 0:00 \_ [kworker/0:0H] root 7 0.0 0.0 0 0 ? S Mar22 0:00 \_ [migration/0] root 8 0.0 0.0 0 0 ? S Mar22 0:00 \_ [rcu_bh] root 9 0.1 0.0 0 0 ? S Mar22 4:03 \_ [rcu_sched] root 10 0.0 0.0 0 0 ? S< Mar22 0:00 \_ [lru-add-drain] root 11 0.0 0.0 0 0 ? S Mar22 0:01 \_ [watchdog/0] root 12 0.0 0.0 0 0 ? S Mar22 0:01 \_ [watchdog/1] root 13 0.0 0.0 0 0 ? S Mar22 0:01 \_ [migration/1] root 14 0.0 0.0 0 0 ? S Mar22 0:13 \_ [ksoftirqd/1] root 16 0.0 0.0 0 0 ? S< Mar22 0:00 \_ [kworker/1:0H]
As you can see, you are shown details regarding the CPU and RAM usage of a given process, the time in which it has been running, the PID, and the user who started it. You may use this information to located memory leaks, CPU intensive applications, or abusive users on your system. A useful tool which you can combine with the “ps” utility is the "kill" command. It allows you to send a signal to the given process and either terminate it immediately or gracefully, depending on the situation. Here is how you can use it:
kill <signal> <pid>
The most commonly used signals you will use are:
- 2 - Interrupts the process, simulates a "CTRL + C" command-line interface sequence.
- 9 - Terminates the process immediately. Know as a hard kill.
- 15 - terminates the process whenever it is done with its current task. Also referred to as a graceful kill.
Let's say you log on to your server, and you use the ps command example listed above that gives you detailed information about all the running processes. You can't help but notice a very resource-consuming process with PID 2356 running for a long time, which is causing troubles on your server. You can see that it has already been running for a few hours, and you cannot afford to compromise your server's performance, thus you decide to act! The best case of action would be the following command:
kill -9 2356
Executing the ps command will show that this process is no longer running because the kill signal you chose for the “kill” command terminated it immediately. Your system should now operate at full efficiency without the troublesome process that was just terminated!