Relearn computer (IX. process related commands and pid)

Posted by mgurain on Sat, 01 Jan 2022 02:34:23 +0100

The last section focuses on the part of creating a process. This article looks at the process related commands and PIDs.

9.1 process related commands

Before talking about status, let's take a look at the process related commands and how to view the basic information of a process.

9.1.1 ps

process status. Command is used to display the status of the current process, similar to the task manager of windows.

root@ubuntu:~/c_test/09# ps --help all

 ps [options]

Basic options:
 -A, -e               All processes
 -a                   Display all processes of the same terminal
  a                   All terminal processes, including other users
 -d                   all except session leaders
 -N, --deselect       Reverse selection
  r                   Running program
  T                   All processes of the terminal
  x                   Process without control terminal

Selection by list:
 -C <command>         command name
 -G, --Group <GID>    Real group id Or name
 -g, --group <group>  Session or valid group name
 -p, p, --pid <PID>   process pid
        --ppid <PID>  Parent process ID
 -q, q, --quick-pid <PID>
                      process id (quick mode)
 -s, --sid <session>  session id
 -t, t, --tty <tty>   terminal
 -u, U, --user <UID>  Valid user id Or name
 -U, --User <UID>     Real users id Or name

  The selection options take as their argument either:
    a comma-separated list e.g. '-u root,nobody' or
    a blank-separated list e.g. '-p 123 4567'

Output formats:
 -F                   extra full
 -f                   full-format, including command lines
  f, --forest         ascii art process tree
 -H                   Show the hierarchy of processes
 -j                   jobs format
  j                   BSD job control format
 -l                   long format
  l                   BSD long format
 -M, Z                add security data (for SELinux)
 -O <format>          preloaded with default columns
  O <format>          as -O, with BSD personality
 -o, o, --format <format>
                      user-defined format
  s                   signal format
  u                   user-oriented format
  v                   virtual memory format
  X                   register format
 -y                   do not show flags, show rss vs. addr (used with -l)
     --context        display security context (for SELinux)
     --headers        repeat header lines, one per page
     --no-headers     do not print header at all
     --cols, --columns, --width <num>
                      set screen width
     --rows, --lines <num>
                      set screen height

Show threads:
  H                   as if they were processes
 -L                   possibly with LWP and NLWP columns
 -m, m                after processes
 -T                   possibly with SPID column

Other items:
 -c                   show scheduling class with -l option
  c                   show true command name
  e                   Show environment after command
  k,    --sort        specify sort order as: [+|-]key[,[+|-]key[,...]]
  L                   show format specifiers
  n                   display numeric uid and wchan
  S,    --cumulative  include some dead child process data
 -y                   do not show flags, show rss (only with -l)
 -V, V, --version     display version information and exit
 -w, w                unlimited output width

        --help <simple|list|output|threads|misc|all>
                      display help and exit

For more details see ps(1).

There are many parameters above. Let's list some common commands:

1. ps x		// Process without control terminal (I don't know what is a process without control terminal at present)
2. ps ax 	// Display all processes without control terminal
3. ps aux	// Displays comprehensive information about the process
4. ps aux --sort -pcpu		// Sort in ascending order based on CPU usage
5. ps aux --sort -pmem		// Sort in ascending order based on memory usage
6. ps -f -C test_file			// View process information by process name -f show more details
7. ps -ef 	// Show more details of all processes

There are indeed many parameters of ps, which can be divided into several categories, and the possible meanings of parameters with - and without - are also different. For example, ps -ef is equivalent to ps -e -f.

If you don't know in the future, you can check the help information above, and list some commands you often use. In fact, these commands are enough.

There is also a link below, which is very good.

10 important Linux ps commands

Both ps aux and ps -ef display process information. What's the difference between the two

ps -ef is a standard format for displaying processes:

ps aux is displayed in BSD format:

In fact, it feels the same.

9.1.2 top

Look at the help document first

Interactive command help - procps-ng version 3.3.10
Window 1:Def: Cumulative mode Off.  System: Delay 3.0 secs; Secure mode Off.

  Z,B,E,e   Global: 'Z' colors; 'B' bold; 'E'/'e' Modify the unit of memory
  l,t,m     Toggle Summary: 'l' average value; 't' task/cpu stats; 'm' memory info
  0,1,2,3,I Toggle: '0' Hide 0; '1/2/3' cpus or numa node views; 'I' Irix mode
  f,F,X     Fields: 'f'/'F' add/remove/order/sort; 'X' increase fixed-width

  L,&,<,> . Locate: 'L'/'&' find/again; Move sort column: '<'/'>' left/right
  R,H,V,J . Toggle: 'R' Press pid sort; 'H' View Thread; 'V' View process tree by; 'J' Aligned
  c,i,S,j . Toggle: 'c' Cmd name/line; 'i' The feeling is not to show idle; 'S' Time; 'j' Str justify
  x,y     . Toggle highlights: 'x' sort field; 'y' Currently running tasks
  z,b     . Toggle: 'z' color/mono; 'b' bold/reverse (only if 'x' or 'y')
  u,U,o,O . Filter by: 'u'/'U' effective/any user; 'o'/'O' other criteria
  n,#,^O  . Set: 'n'/'#' max tasks displayed; Show: Ctrl+'O' other filter(s)
  C,...   . Toggle scroll coordinates msg for: up,down,left,right,home,end

  k,r       Manipulate tasks: 'k' kill; 'r' renice
  d or s    Set update interval
  W,Y       Write configuration file 'W'; Inspect other output 'Y'
  q         Quit
          ( commands shown with '.' require a visible task display window ) 
Press 'h' or '?' for help with Windows,
Type 'q' or <Esc> to continue

Important commands:

1.  t m  // More friendly display process CPU occupancy, as well as memory occupancy
2.  1   // Display multiple CPUs
3.  M   // Sort by memory usage
4.  P   // Sort by CPU usage
5.  T   // Sort according to the running time of the process
6.  U   // You can filter processes based on the user name you enter later
7.  H   // View Thread
8.  '<'/'>'   Turn the page
9.  K	// The process can be killed according to the PID entered later

9.1.3 kill

The kill command is simpler.

Use format:

kill [-signal]

The signal value will be discussed later. There are many signals. This kill is equal to sending a signal message to the pid process.

Example: Kill: This is to kill the process gracefully. The variables applied in the process will not be killed until they are released.

kill -9: This is forced killing, but the process will be killed directly if the resources are not released.

kill -9 -1: if pid=-1, it is equivalent to killing all processes. This should be used with caution.

9.2 process number

9.2.1 pid

Through the above command analysis, a very important point is pid. In fact, under linux, each process has a unique process ID represented by non negative shaping, which is pid.

pid actually represents this process. The process control block in the kernel is also searched through this pid.

9.2. 2 process number correlation function

linux system provides functions for obtaining process numbers. Let's take a look.

#include <sys/types.h>
#include <unistd.h>

pid_t getpid(void);		// Returns the process ID of the calling process
pid_t getppid(void);	// Returns the parent process ID of the calling process
uid_t getuid(void);		// The actual user ID of the calling process
uid_t geteuid(void);	// Valid user ID of the calling process
gid_t getgid(void);		// The actual group ID of the calling process
gid_t getegid(void);	// Valid group ID of the calling process

Let's look at these functions by writing an example:

#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>

int main(int argc, char **argv)
    pid_t pid = -1;
    pid = getpid();
    printf("pid = %d\n", pid);

    pid = getppid();
    printf("ppid = %d\n", pid);

    uid_t uid = -1;
    uid = getuid();
    printf("uid = %d\n", uid);		// The process executed by which user is the user id

    uid = geteuid();				// It is the same as uid without modification
    printf("euid = %d\n", uid);

    gid_t gid = -1;
    gid = getgid();
    printf("gid = %d\n", gid);

    git = getegid();
    printf("egid = %d\n", gid);

    return 0;

Results of execution:

chen@ubuntu:~$ ./test_pid 
pid = 1608
ppid = 1563
uid = 1000
euid = 1000
gid = 1000
egid = 1000
chen@ubuntu:~$ getent passwd 1000		# Get user name through uid

Since there is acquisition, there is modification:

#include <unistd.h>

int setuid(uid_t uid);
int setgid(gid_t gid);

This setting has permissions:

You can also set a valid user ID:

#include <unistd.h>

int seteuid(uid_t uid);
int setegid(gid_t gid);

A non privileged user can set its valid user ID to its actual user ID or its saved user ID.

A privileged user can set a valid user ID to uid.

Permission is always a big problem, but it is also because of permission that data can not be read by other users.

9.2. 3 how to allocate pid

Since a pid corresponds to a process, do you want to know how pid is allocated?

The pid allocation algorithm of linux adopts the delayed reuse algorithm, that is, the ID allocated to the newly created process shall not be repeated with the recently terminated process ID as far as possible, because many programs will judge according to the pid to prevent misjudging the newly created process as an exited process with the same process ID.

What method does the kernel use:

  1. It also uses bitmap to record the allocation of process ID (0 is available and 1 is the process in use)
  2. Record the last allocated process ID to last_pid, when allocating process ID, from last_pid+1 starts to find the available ID from the bitmap.
  3. If the last bit found in the bitmap collection is still unavailable, roll back to the starting position of the bitmap collection and find it from the beginning.

The loopback generally starts from 300, because the pid below 300 will be occupied by the system and cannot be assigned to the user process. (just like a network port)

We can view the maximum pid value of this process:

chen@ubuntu:~$ cat /proc/sys/kernel/pid_max 
chen@ubuntu:~$ sysctl kernel.pid_max 
kernel.pid_max = 131072

In fact, this value can be modified. The modification command is as follows:

root@ubuntu:/home/chen# sysctl -w kernel.pid_max=4194304
kernel.pid_max = 4194304

But the kernel also has a hard upper limit. Let's try:

root@ubuntu:/home/chen# sysctl -w kernel.pid_max=4194305
sysctl: setting key "kernel.pid_max": Invalid argument
kernel.pid_max = 4194305

For a 32-bit system, the hard upper limit of the number of system processes is 32768 (32k)

For a 64 bit system, the hard upper limit of the number of system processes is 4194304 (4M)

9.2. 4 special pid

pid=0: scheduling process, often referred to as exchange process. This process is part of the kernel and does not execute any programs on disk.

pid=1: it is usually an init process, which is called by the kernel at the end of the bootstrap process. The program file for this process is / sbin/init.

pid=2: [kthreadd], whose name is not very clear, is the ancestor of kernel threads.

After knowing the others, add 1, and now you know these.

9.3 process hierarchy

In order to manage processes, processes have other levels, process groups and sessions.

9.3. 1 Process Group

A process group is a collection of one or more processes. In a process group, various signals from the same terminal can be received. Each process group has a unique process group ID.

The process group ID can be returned through the following function:

#include <unistd.h>

pid_t getpgrp(void);
pid_t getpgid(pid_t pid);

Each process group can have a process leader. The identification of the leader process is that its process group ID is equal to its process ID.

Processes can also join an existing group or create a new process group through functions:

#include <unistd.h>

int setpgid(pid_t pid, pid_t pgid);

If the pid value is 0: it indicates that the process group ID of the calling process is to be modified.

If pgid is 0, the process ID specified by pid will be used as the process group ID.

This function has many limitations:

  • The pid parameter must be specified as the process or its child process calling the setpid function. The process group ID of unrelated processes cannot be modified at will.
  • The pid parameter can specify the child process of the calling process, but if the child process has executed the exec function, the process group ID of the child process cannot be modified.
  • When moving between process groups, the calling process, the process specified by pid and the target process group must be in the same session.
  • The process specified by pid cannot be the first process of the session.

9.3. 2 sessions

A session is a collection of one or more process groups.

Session functions provided by linux system:

#include <unistd.h>

pid_t setsid(void);
pid_t getsid(pid_t pid);

Let's analyze a setsid:

If the calling process of this function is not the process group leader, the following things will happen when calling this function:

  1. Create a new session. The session ID is equal to the process ID. the calling process is called the first process of the session.
  2. Create a process group, the process group ID is equal to the process ID, and the calling process becomes the leader of the process group.
  3. The process has no control terminal. If the process has a control terminal before calling setsid, this connection will be broken.

The process calling setsid function cannot be the process group leader, otherwise the call fails. This is because if it occurs, the processes of the same process group belong to incompatible sessions, so it can't.

To tell you the truth, I'm confused about these concepts, but let's look at specific examples to make it clear. Use the command ps axjf

    987    2305    2305    2305 ?             -1 Ss       0   0:00  \_ sshd: root@pts/0
   2305    2340    2340    2340 pts/0       2494 Ss       0   0:00  |   \_ -bash
   2340    2358    2358    2340 pts/0       2494 S        0   0:00  |       \_ su chen
   2358    2359    2359    2340 pts/0       2494 S     1000   0:00  |           \_ bash
   2359    2483    2483    2340 pts/0       2494 S        0   0:00  |               \_ su
   2483    2484    2484    2340 pts/0       2494 S        0   0:00  |                   \_ bash
   2484    2494    2494    2340 pts/0       2494 R+       0   0:00  |                       \_ ps axjf
    987    2431    2431    2431 ?             -1 Ss       0   0:00  \_ sshd: root@pts/1
   2431    2460    2460    2460 pts/1       2481 Ss       0   0:00      \_ -bash
   2460    2481    2481    2460 pts/1       2481 R+       0   0:10          \_ ./test_file
   2481    2482    2481    2460 pts/1       2481 R+       0   0:10              \_ ./test_file

The first column is ppid, the parent process id

The second column is pid

The third column is pgid and two tests_ File belongs to a process group

The fourth column is sid, session, so all processes at a terminal belong to one session.

It is learned from here that bash executes a program, which should be the pgid of the modified child process.

This article feels like writing some concepts, but there is no way. There are many concepts of process.

Topics: ps pid