ps is the abbreviation of Process Status, which lists snapshots of processes running in the current system. The use of ps can determine which processes are running, the state of the process running, whether the process is over, whether the process is dead, which processes occupy too much resources, and so on.
ps provides a one-time process view, the results are not dynamic continuous, if you want to monitor the process time, you can use top. Kill can be used to kill processes.
Five states of linux processes:
Running (running or waiting in the running queue)
Interruption (Hibernation, obstruction, waiting for a condition to form or receive a signal)
Non-interruptible (signals received do not wake up and cannot run, processes must wait until interruptions occur)
Zombie (process terminated, but process descriptor exists until the parent calls wait4() system call and releases)
Stop (process stops running after receiving SIGSTOP, SIGSTP, SIGTIN, SIGTOU signals)
ps identifies five status codes of a process:
D, uninterruptible sleep (usually IO), uninterruptible
R, runnable (on run queue), run
S, sleeping, interruption
T, traced or stopped, stop
Z, a defunct ("zombie") process, dead
1. Command format
ps [parameter]
2. Command Function
Used to display the status of the current process
3. Command parameters
- a, showing all programs under the same terminal
- A, showing all processes
- c, showing the real name of the process
- N, Reverse Selection
- e, equal to "-A"
- f. Display the relationship between programs
- H, showing tree structure
- r, showing the process of the current terminal
- T, showing all programs of the current terminal
- u, all processes for the specified user
- au, showing more detailed information
- aux, showing all the itineraries that contain other users
- C < Command >, listing the status of the specified command
Lines < Number of Lines >, Number of Lines Displayed per Page
Width < number of characters >, number of characters displayed per page
- help, display help information
version, Display version Display
4. Use examples
Example 1: Display all process information
Command: ps-A
# ps -A
PID TTY TIME CMD
1 ? 00:00:00 init
2 ? 00:00:01 migration/0
3 ? 00:00:00 ksoftirqd/0
4 ? 00:00:01 migration/1
5 ? 00:00:00 ksoftirqd/1
6 ? 00:29:57 events/0
7 ? 00:00:00 events/1
8 ? 00:00:00 khelper
49 ? 00:00:00 kthread
54 ? 00:00:00 kblockd/0
55 ? 00:00:00 kblockd/1
56 ? 00:00:00 kacpid
217 ? 00:00:00 cqueue/0Example 2: Display specified user information
Command: ps-u root
# ps -u root
PID TTY TIME CMD
1 ? 00:00:00 init
2 ? 00:00:01 migration/0
3 ? 00:00:00 ksoftirqd/0
4 ? 00:00:01 migration/1
5 ? 00:00:00 ksoftirqd/1
6 ? 00:29:57 events/0
7 ? 00:00:00 events/1
8 ? 00:00:00 khelper
49 ? 00:00:00 kthread
54 ? 00:00:00 kblockd/0
55 ? 00:00:00 kblockd/1
56 ? 00:00:00 kacpidExample 3: Display all process information, along with the command line
Command: ps-ef
# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Nov02 ? 00:00:00 init [3]
root 2 1 0 Nov02 ? 00:00:01 [migration/0]
root 3 1 0 Nov02 ? 00:00:00 [ksoftirqd/0]
root 4 1 0 Nov02 ? 00:00:01 [migration/1]
root 5 1 0 Nov02 ? 00:00:00 [ksoftirqd/1]
root 6 1 0 Nov02 ? 00:29:57 [events/0]
root 7 1 0 Nov02 ? 00:00:00 [events/1]
root 8 1 0 Nov02 ? 00:00:00 [khelper]
root 49 1 0 Nov02 ? 00:00:00 [kthread]
root 54 49 0 Nov02 ? 00:00:00 [kblockd/0]
root 55 49 0 Nov02 ? 00:00:00 [kblockd/1]
root 56 49 0 Nov02 ? 00:00:00 [kacpid]Example 4: Combination of ps and grep to find specific processes
Command: ps-ef | grep SSH
# ps -ef|grep ssh
root 2720 1 0 Nov02 ? 00:00:00 /usr/sbin/sshd
root 17394 2720 0 14:58 ? 00:00:00 sshd: root@pts/0
root 17465 17398 0 15:57 pts/0 00:00:00 grep sshExample 5: List the current login PID and related information that belongs to you
Command: ps-l
# ps -l
F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD
4 S 0 17398 17394 0 75 0 - 16543 wait pts/0 00:00:00 bash
4 R 0 17469 17398 0 77 0 - 15877 - pts/0 00:00:00 psExplain:
F, flag for the program, 4 for super user, root
S, representing the state of the program (STAT), for the meaning of each STAT, see below
UID, the program is owned by the UID
PID, Program ID
PPID, parent ID
C. Percentage of CPU resources used
PRI, which is the abbreviation of Priority
NI, this is the Nice value.
ADDR, which is the kernel function, indicates the part of the program in memory. If it's a running program, it's usually“-“
SZ, the memory size used by the process
WCHAN, is the process currently running? If "-" means it is running
TTY, the terminal location of the logger
TIME, CPU time used by processes
CMD, instructions
By default, PS lists only the PIDs associated with the current bash shell. So when I use `ps-l', there are only three PIDs.
Example 6: List all programs currently in memory
Command: ps aux
# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 10368 676 ? Ss Nov02 0:00 init [3]
root 2 0.0 0.0 0 0 ? S< Nov02 0:01 [migration/0]
root 3 0.0 0.0 0 0 ? SN Nov02 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S< Nov02 0:01 [migration/1]
root 5 0.0 0.0 0 0 ? SN Nov02 0:00 [ksoftirqd/1]
root 6 0.0 0.0 0 0 ? S< Nov02 29:57 [events/0]
root 7 0.0 0.0 0 0 ? S< Nov02 0:00 [events/1]
root 8 0.0 0.0 0 0 ? S< Nov02 0:00 [khelper]
root 49 0.0 0.0 0 0 ? S< Nov02 0:00 [kthread]
root 54 0.0 0.0 0 0 ? S< Nov02 0:00 [kblockd/0]
root 55 0.0 0.0 0 0 ? S< Nov02 0:00 [kblockd/1]
root 56 0.0 0.0 0 0 ? S< Nov02 0:00 [kacpid]Explain:
USER, which user account does the process belong to
PID, the number of the process
% CPU, the percentage of CPU occupied by the process
% MEM, the percentage of physical memory occupied by the process
VSZ, the amount of virtual memory used by the process (Kbytes)
RSS, the fixed amount of memory (Kbytes) used by the process
TTY, which terminal does the process run on? If it has nothing to do with the terminal, it will be displayed. In addition, tty1-tty6 is the login program on the machine. If it is pts/0, it is the program connected to the host by the network.
STAT, the current state of the process, mainly includes:
- R. The program is currently in operation, or can be run.
- S, the program is currently sleeping (idle state), but can be awakened by certain signals.
- T. The program is currently being detected or stopped.
- Z, the program should have been terminated, but its parent program can not terminate him normally, resulting in the state of zombie (Xinjiang corpse) program.
START, the time when the process was triggered to start
TIME, the actual CPU run time of the process
COMMAND, the actual instructions of the program
Example 7: List the display of similar program trees
Command: ps-axjf
# ps -axjf
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
PPID PID PGID SID TTY TPGID STAT UID TIME COMMAND
0 1 1 1 ? -1 Ss 0 0:00 init [3]
1 2 1 1 ? -1 S< 0 0:01 [migration/0]
1 3 1 1 ? -1 SN 0 0:00 [ksoftirqd/0]
1 4 1 1 ? -1 S< 0 0:01 [migration/1]
1 5 1 1 ? -1 SN 0 0:00 [ksoftirqd/1]
1 6 1 1 ? -1 S< 0 29:58 [events/0]
1 7 1 1 ? -1 S< 0 0:00 [events/1]
1 8 1 1 ? -1 S< 0 0:00 [khelper]
1 49 1 1 ? -1 S< 0 0:00 [kthread]
49 54 1 1 ? -1 S< 0 0:00 \_ [kblockd/0]
49 55 1 1 ? -1 S< 0 0:00 \_ [kblockd/1]
49 56 1 1 ? -1 S< 0 0:00 \_ [kacpid]Example 8: Find out the PID related to cron and syslog (commonly used)
# ps aux | egrep '(cron|syslog)'
root 2682 0.0 0.0 83384 2000 ? Sl Nov02 0:00 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
root 2735 0.0 0.0 74812 1140 ? Ss Nov02 0:00 crond
root 17475 0.0 0.0 61180 832 pts/0 S+ 16:27 0:00 egrep (cron|syslog)Other examples:
- Paging can be done by connecting | pipe to more
Command: ps-aux | more
- Display all processes and output them to the ps001.txt file
Command: ps-aux > ps001.txt
- Output specified fields
# ps -o pid,ppid,pgrp,session,tpgid,comm
PID PPID PGRP SESS TPGID COMMAND
17398 17394 17398 17398 17478 bash
17478 17398 17478 17398 17478 ps