Keep Linux processes under control

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

ANALYSIS
In Linux, instances of currently running programs are referred to as processes. When you start Apache for example, it is assigned a process ID. This ID is then used to monitor and control the program. Monitoring and controlling processes is a core responsibility of any Linux system administrator. An admin can stop ("kill") a process, restart it, or even assign it a different priority. The standard Linux commands ps and top are commonly used to look at the current process table. I'm going to show you how to use these and other commands to manage processes on a Linux system. Monitoring processes with ps
One of the standard tools for monitoring Linux processes is ps, which is short for process status. This command returns information on running programs. The information can include the username a program is running under, the amount of CPU it is using, and the length of time it has been running. This data can be valuable when you need to manually stop a program or if you just need to determine what program is slowing down the system. If you issue the ps command alone, it will list only processes that are running on the current terminal. Here is an example output of ps run from a remote shell: $ ps
PID TTY         TIME CMD
4684 pts/14   00:00:00 bash
27107 pts/14   00:00:00 ps
Currently, the only processes assigned to this user/terminal are the Bash shell and the ps command itself. You can see the PID (Process ID) listed for each one as well as the TTY, TIME, and CMD. TTY denotes which terminal the process is running on, TIME shows how much CPU time the process has used, and CMD is the name of the command that started the process. As you can see, a standard ps command really just lists the basics. To get more details about the processes running on your Linux system, you will need to pass some command line arguments. Passing ps the commonly used aux arguments will display processes started by other users (a), processes with no terminal or one different from yours (x), and the user who started the process and when it began (u). Listing A shows an example of what the output of ps aux might look like. There is a lot more information now. The fields USER, %CPU, %MEM, VSZ, RSS, STAT, and START have been added. Let's take a quick look at what this tells you. First, you now see all processes, not just the ones running on your terminal. The USER field shows you which user initiated the command. Many processes begin at system start time and often list root or some system account as the USER. Other processes are, of course, run by individuals. That information alone could help narrow down a problem. Say a user begins a script that eats up a lot of I/O on a production server. Being able to immediately tell who ran the program can speed up the time to resolution. The %CPU, %MEM, VSZ, and RSS fields all deal with system resources. First, you can see what percentage of the CPU the process is currently utilising. This information is shown in real time, so spikes can be harder to detect with ps. You may find yourself running ps commands rather frequently trying to catch a culprit process. Along with CPU utilisation, you can see current memory utilisation and its VSZ (virtual memory size) and RSS (resident set size). VSZ is the amount of memory the program would take up if it were all in memory; RSS is the actual amount currently in memory. Knowing how much a process is currently eating will help determine if it is acting normally or has spun out of control. Programs have a tendency to consume more memory and CPU than they should. While programmers work hard to make sure their code handles resources well, sometimes it is up to an administrator to decide if it needs to be stopped or restarted. You will notice a "?" in most of the TTY fields in the ps aux output. This is because most of these programs were started at boot time and/or by init scripts. The controlling terminal does not exist for these processes; thus, the question mark. On the other hand, the command linux-sanity-check has a TTY value of pts/14. This is a command being run from a remote connection and has a terminal associated with it. This information is helpful for when you have more than one connection open to a machine and want to determine which window a command is running in. STAT shows the current status of a process. In our example, many are sleeping, indicated by an S in the STAT field. This simply means that they are waiting on something. It could be user input or the availability of system resources. The linux-sanity-check, however, has a status of R, meaning it is currently running. Sometimes, you can glance through this list and focus on the R processes. If most processes are sleeping and there is some sort of problem, it can be best to focus on those currently running. That status isn't necessarily a bad sign, but sometimes a process that has been running overly long is an indication of some deeper issue.

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

SPM

The 2 million number quoted is shipments not sales, an exact repeat of last year's dire sales of WP7. Sales to customers are likely to number only...

3 hours ago by SPM on Nokia earnings fail to shine despite Lumia
apexwm

It sounds like this is just another variable in the complex equation of Microsoft licensing, which often results in customers overpaying as it is....

4 hours ago by apexwm on UK customers to lose out in Microsoft licensing change
chonzchor

I am really thankful to you for this nice and beautiful information.I really like this. cable ties

5 hours ago by chonzchor on Currys £16.99 USB cable rip-off.
Brian Jones

What would be nice would be if Microsoft practiced consistent pricing between the US and Europe.

10 hours ago by Brian Jones via Facebook on UK customers to lose out in Microsoft licensing change
Karen Friar

@Scott Deagan: Ofcom dedicated a section to upload speeds - see page 19 onward of its full report:...

10 hours ago by Karen Friar on UK broadband speed climbs 22 percent
EUDataProtection

The EU proposals can all be read in full on the reform website: http://ec.europa.eu/justice/data-protection/minisite/index.html

11 hours ago by EUDataProtection on Firms face tough new EU fines for data breaches
Jake Rayson

Found out that Taskwarrior stores all data in plain text files: "Task writes all pending tasks to the file ~/.task/pending.data and all completed...

13 hours ago by Jake Rayson on Taskwarrior: command line task manager
ians1

"...based 6,000 miles away..." Indeed, so who do you complain to when things go wrong? I would not buy shares in Faecebook even if I could...

14 hours ago by ians1 on Facebook plans to raise $5bn via share launch
servermanagement

These are really very useful tips of backing up the system. Each tips are important and essential to prevent loosing all the data that we have....

16 hours ago by servermanagement on Ten ways to take the sting out of IT disasters
Scott Deagan

Why is the upstream never discussed? I'd like to see Ofcom explain to Internet users why people in the UK can only get a maximum of 10Mb/s upstream...

24 hours ago by Scott Deagan via Facebook on UK broadband speed climbs 22 percent
Moley

Seemingly a very strange decision, even perverse. Mind you, the basis of the decision is hardly explained here or in Cnet. Perhaps we will hear...

1 day ago by Moley on Free Maps costs Google £400K in damages in France
Jake Rayson

@OccupyACAT: I had heard mention of the Emacs extension but not the Ubiquity project. Interesting to see an idea spread almost simultaneously! Re....

1 day ago by Jake Rayson on Ubuntu HUD Intenterface? Sublime already there!
markhumphryes

With no Flash support on LoveFilm, mobile devices running Android will not be able to use it - I presume - I tried a trial via my Galaxy Tab 10.1...

1 day ago by markhumphryes on Lovefilm drops Flash, kills Linux support
manek

And people wonder why there is caution about doing business with large, consumer-focused technology companies, most of which are based 6,000 miles...

2 days ago by manek on Facebook plans to raise $5bn via share launch
manek

Yes, frameworks and smarter compilers - but I suspect a lot of the code will have to be written with parallel processing as one of its fundamental...

2 days ago by manek on Parallel computing takes a step forward
Simon Bisson and Mary Branscombe

Well, this is why I'm both fascinated and slightly worried; parallel computing and concurrency and complex architectures don't seem to be something...

2 days ago by Simon Bisson and Mary Branscombe on Parallel computing takes a step forward
ians1

Let's hope that they take more notice of their shareholders than they do of their poor customers! I have never experienced customer service as bad...

2 days ago by ians1 on Facebook plans to raise $5bn via share launch
servermanagement

Thanks for the heads up. Will definitely check this HUD Intenterface.

2 days ago by servermanagement on Linux Minterface
Will A

Some more observations by an extremely frustrated user in Canada (apparently every country has a different set of "issues"): The web interfaces...

2 days ago by Will A on Cambridge researchers knock Verified by Visa
Jake Rayson

@zdnetukuser: I hope there's more conciliation and less bitterness in the graphical shell camps, I'd like to Ubuntu to succeed, I *want* to have a...

2 days ago by Jake Rayson on Linux Minterface