Skip to main content
LPIC-1 Exam 101

103.5 Create, monitor and kill processes

By June 24, 2013September 12th, 2022No Comments
Weight 4
Description Candidates should be able to perform basic process management.

Key Knowledge Areas:

  • Run jobs in the foreground and background.
  • Signal a program to continue running after logout.
  • Monitor active processes.
  • Select and sort processes for display.
  • Send signals to processes.

The following is a partial list of the used files, terms and utilities:

  • &
  • bg
  • fg
  • jobs
  • kill
  • nohup
  • ps
  • top
  • free
  • uptime
  • killall


Command Line Jobs

If we have access to just one console or terminal then a long running job may hold up our work, we could be doing something else but we have to wait for the first process to finish before we can continue. This may be compressing or decompressing large files or any process that simply takes time. If we are working in a GUI then this is less of an issue as we can simple open more pseudo terminals, the GUI x-terminals we are used to seeing. If we are limited  to the one console sending jobs to run in the background will help. To start a command in the background we can simple append the & symbol to the end of the command, a space is not required so:

  • script.sh& is the same as
  • script.sh &

If we forgot to start the application in the background be can suspend the application with control + Z and then use the command bg to send the running process to the background, there no difference to this than starting the process with the &. Should we need to return the job to the foreground then we can use the shell builtin fg. if we have many jobs we can use the builtin jobs to display the current job queue.

nouhup

Along side back-grounding of jobs we can look at the /usr/bin/nohup command. If we know a job will take some time we can choose to start it before we go home and keep the job running i=even though we have logged off. Normally if the parent process has ended, so too will child processes, if they are started with nohup they jobs will continue to run. The PPID of the running process is changed from the bash shell where if began to 1, the PID of init, so you could say that nohup hands over control to init when the user logs out. We can see in the following screenshot the running PID for sleep the command that was started with nohup has a PPID of 1 after the user geeko has logged out.

Managing processes with PS and KILL

The ps command (/bin/ps) can be used to view processes. All processes have certain properties such as the PID (Process ID) and PPID, (Parent Process ID). Using the command pstree you view the hierarchy of process by linking a PID with its PPID. The init process is always PID 1 and as such has no PPID. The init process is started by the kernel loading.

The command ps on it own will show processes within the current shell builtin bg to send the process to the background. The main point is though that the command line is returned to the user whilst the process continues in the background. The effect of running the command with & or using the bg builtin later is the same. The builtin command jobs can be used to view the jobs that you have running and the builtin fg can be used to bring a command to the foreground if required.

ps -e will list all processes

ps -l is a long listing

and ps -f a full listing. Commonly we can use the command and options ps -elf to display all processes and the main information we need for each process.

Knowing the PID of a running process will allow us to send signal to the process. This may be to ask the process to terminate or we can kill the process. We use the shell builtin kill, to send signals to processes. Using kill -l we can list possible signals; just because a signal is listed though it does not mean that the program has been written to respond to the signal, for example , you can ask bash to terminate but it will not respond. You can also ask a running service to reread it configuration with SIGHUP. Common signals are

  • kill -9 | -kill | -sigkill Really does kill the process
  • kill -15 | -term | -sigterm Terminates the process
  • kill -1 | -hup | sighup Reloads the process

If we have many processes running with the same command name, such as bash we can kill all of the processes with killall -s 9 bash, the reality is that there are a few commands that group the search and kill function together. Killall is used to grop processes together by the command they are running.

  • killall -s 9 bash : kill all bash processes
  • skill -u geeko -KILL |:will killall processes owned by the user geeko
  • pgrep bash : will list the PID of all processes for the command bash
  • pkill -KILL ksh |:similarly to killall will kill all ksh (KORN shell), in this case, processes.

Processes within /proc

Using the command /bin/ps we rea reading, as with many monitoring commands from the /proc directory. Each running process is represented by its own directory and contain files, links and sub-directories that will provide information relating to that process. PS, just formats the information for us easily:

Often the first time we enter one of these directories we leave never to return; on the pretext that the information is too complex; however if we stop for awhile and look we will soon realize that there is nothing to be fearful of. Firestly there is a symbolic link called exe ,using the readlink command we can find out the name of the command that running process represents, the symlink cwd will link to the current working directory of the process and the root symlink will show if the process runs under of different root directory or is chrooted . Look at little more and you will see a file called loginuid which will show the owner of the process, the file environ shows the variables that are set. Linux is a little like life, fear often comes from the unknown, spending alittle time in the /proc directory can make a stranger a friend.

Uptime, free and top

There are many other programs that can be used to monitor your system and these include uptime and free, the command top also summarizes both the information from free and uptime as well as showing information about running processes and fit into this LPI objective.

/usr/bin/uptime

As the name suggests this command displays how long the host has been turned on.

Displaying the current time, how long the system has been up, number of connected users, and the average processor queue of the last 1, 5 and 15 minutes; by default the information is obtained form /var/run/utmp

/usr/bin/free

This command summarizes the information from /proc/meminfo to display free virtual and physical memory (RAM) on your host. Using the command free -m the output is in MB

/usr/bin/top

The top command is really useful it can be run in batch mode ot interactive mode. In batch mode we can run top from a script to capture information and perhaps mail the results

top -b -n 2 -d2

or to collect inroamtion on running processes just for the user geeko

top -n -n2 -d2 -u geeko

In interactive mode we can use key strokes whule top is running to change the dispplay

  • l to toggle on and off the uptime
  • m to toggle on and off the free memory display
  • t to toggle on and off the cpu tasks display
  • F will allow us to change the colum we sort on from the CPU utilization
  • f will allow us to change the fields to display