LabEx
Log InJoin Free

Linux Process Displaying

LinuxBeginner
Practice Now

Introduction

Process management is a fundamental aspect of Linux system administration. Every program or command you run in Linux creates a process, and monitoring these processes is essential for maintaining system performance and troubleshooting issues.

This lab will guide you through mastering the ps command, a powerful tool for monitoring and managing processes running on a Linux system. By understanding how to use the ps command and its various options, you will gain valuable insights into what's happening on your system at any given time.

Throughout this lab, you will learn how to display processes in different formats, view all system processes, and understand the detailed information that ps can provide about each process.

Understanding Basic Process Information

In Linux, every running program or command is represented by a process. Each process has a unique identifier known as a Process ID (PID). The ps command allows you to view these processes and obtain information about them.

Let's begin by exploring the basic usage of the ps command.

Basic ps Command

  1. Open your terminal in the LabEx environment. You should start in the ~/project directory.

  2. Type the following command and press Enter:

ps
  1. You will see output similar to:
  PID TTY          TIME CMD
  188 pts/0    00:00:00 zsh
  449 pts/0    00:00:00 ps

Let's understand what this output means:

  • PID: Process ID, a unique number assigned to each process
  • TTY: Terminal type, indicating which terminal the process is running on
  • TIME: The amount of CPU time the process has used
  • CMD: The command that started the process

In this example, you can see:

  • The zsh shell process (your current terminal session)
  • The ps command you just ran

The default ps command only shows processes associated with your current terminal session. This is useful for quickly checking what commands you've recently executed, but it doesn't give you a complete picture of what's happening on your system.

Try running another command, then run ps again to see how the output changes:

echo "Hello, world"
ps

You'll notice that the echo command doesn't appear in the process list. This is because it started and finished so quickly that it was no longer running by the time you executed the ps command.

Viewing All System Processes

In the previous step, you learned that the basic ps command only shows processes related to your current terminal. However, a typical Linux system has many processes running simultaneously, most of which are not directly related to your terminal session.

To get a more complete picture of what's happening on your system, you can use the -e option with the ps command.

Using ps -e to View All Processes

  1. In your terminal, type the following command and press Enter:
ps -e
  1. You will see a much longer list of processes, similar to:
  PID TTY          TIME CMD
    1 ?        00:00:00 init.sh
   22 ?        00:00:00 supervisord
   23 ?        00:00:00 sshd
   32 ?        00:00:00 dbus-daemon
   35 ?        00:00:00 xfce4-session
   ···

This output shows all processes running on the system, not just those associated with your terminal. Notice that many processes have a ? in the TTY column. This indicates that these processes are not associated with any terminal.

Understanding System Processes

Many of the processes you see are system services running in the background. For example:

  • init.sh (PID 1) is the first process started when the system boots
  • supervisord is a process control system
  • sshd is the SSH server daemon
  • dbus-daemon is the D-Bus message bus daemon
  • xfce4-session is part of the Xfce desktop environment

These processes handle various system functions and provide the services that make your Linux system usable.

Counting the Number of Processes

If you want to know how many processes are currently running on your system, you can pipe the output of ps -e to the wc command:

ps -e | wc -l

The number displayed represents the total count of processes running on your system, plus one line for the header.

Displaying Detailed Process Information

Now that you can view all processes running on your system, let's learn how to get more detailed information about each process. The -f option for the ps command provides a "full format" listing with additional details.

Using ps -ef for Detailed Information

  1. In your terminal, type the following command and press Enter:
ps -ef
  1. You will see output similar to:
UID          PID    PPID  C STIME TTY          TIME CMD
root           1       0  0 16:45 ?        00:00:00 /bin/bash /etc/shiyanlou/sbin/init.sh
root          22       1  0 16:45 ?        00:00:00 /usr/bin/python3 /usr/bin/supervisord -n
root          23      22  0 16:45 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
labex        188     187  0 16:46 pts/0    00:00:00 -zsh
labex        677     188  0 16:55 pts/0    00:00:00 ps -ef

This format provides much more detailed information about each process:

  • UID: User ID of the process owner
  • PID: Process ID
  • PPID: Parent Process ID (the process that started this one)
  • C: CPU utilization
  • STIME: Start time of the process
  • TTY: Terminal associated with the process
  • TIME: CPU time used by the process
  • CMD: Full command with its arguments

Understanding Process Relationships

The PPID column is particularly useful for understanding how processes relate to each other. Every process (except for the very first one) is started by another process, creating a parent-child relationship.

For example, in the output above:

  • Process with PID 1 (init.sh) has a PPID of 0 (it's the first process)
  • Process with PID 22 (supervisord) has a PPID of 1 (it was started by init.sh)
  • Process with PID 23 (sshd) has a PPID of 22 (it was started by supervisord)

This hierarchical relationship forms a "process tree," which you can visualize with specialized tools like pstree (not covered in this lab).

Filtering Process Information

You can combine ps with grep to filter for specific processes. For example, to find all processes related to the zsh shell:

ps -ef | grep zsh

This will show you all processes that have "zsh" in their command name.

Try searching for other processes on your system:

ps -ef | grep bash

This combination of ps with filtering tools makes it a powerful command for system monitoring and troubleshooting.

Process Information Sorting and Advanced Options

Now that you have learned about basic process information and detailed listings, let's explore some additional options that make the ps command even more useful.

Custom Format with ps

The ps command allows you to create custom outputs with specific information that interests you. The -o option lets you specify which columns to display:

ps -eo pid,ppid,cmd,%cpu,%mem --sort=-%cpu

This command displays:

  • Process ID (pid)
  • Parent Process ID (ppid)
  • Command (cmd)
  • CPU usage percentage (%cpu)
  • Memory usage percentage (%mem)

The --sort=-%cpu parameter sorts processes by CPU usage in descending order (the minus sign before %cpu indicates descending order).

You should see output similar to:

  PID  PPID CMD                         %CPU %MEM
  789   788 ps -eo pid,ppid,cmd,%cpu,%  0.0  0.1
  188   187 -zsh                        0.0  0.1
   35    34 xfce4-session               0.0  0.2
   32     1 /usr/bin/dbus-daemon --sys  0.0  0.0
   23    22 sshd: /usr/sbin/sshd -D [l  0.0  0.1
   22     1 /usr/bin/python3 /usr/bin/  0.0  0.2
    1     0 /bin/bash /etc/shiyanlou/s  0.0  0.0

Finding Memory-Intensive Processes

If you want to identify which processes are using the most memory, you can sort by memory usage instead:

ps -eo pid,user,cmd,%mem --sort=-%mem | head -n 6

This command displays the top 5 memory-consuming processes (plus the header line) with their PID, user, command, and memory usage percentage.

Understanding Process States

Processes can be in different states. Let's see this information:

ps -eo pid,stat,cmd

The STAT column shows the process state using single-letter codes:

  • R: Running or runnable
  • S: Sleeping in an interruptible wait
  • D: Uninterruptible sleep (usually IO)
  • Z: Zombie process
  • T: Stopped or being traced

Additional characters may appear after the status letter:

  • <: High-priority
  • N: Low-priority
  • s: Session leader
  • +: In the foreground process group

This information helps in understanding what processes are doing at any given moment.

Hierarchical View with pstree

While not part of the ps command itself, the pstree command provides a visual representation of the process hierarchy:

pstree

This shows the relationships between processes in a tree-like format, making it easier to understand how processes are related to each other.

Real-time Process Monitoring

While the ps command provides a snapshot of processes at a particular moment, sometimes you need to monitor processes continuously. In this step, we will explore tools for real-time process monitoring.

Using the top Command

The top command provides a dynamic real-time view of the running system. It displays system summary information as well as a list of processes or threads currently managed by the Linux kernel.

Run the following command:

top

You will see something like:

top - 17:15:23 up 30 min,  1 user,  load average: 0.00, 0.01, 0.05
Tasks:  31 total,   1 running,  30 sleeping,   0 stopped,   0 zombie
%Cpu(s):  0.0 us,  0.3 sy,  0.0 ni, 99.7 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   1975.1 total,   1558.7 free,    180.4 used,    236.1 buff/cache
MiB Swap:    975.0 total,    975.0 free,      0.0 used.   1651.3 avail Mem

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
    1 root      20   0    8988   3208   2556 S   0.0   0.2   0:00.07 init.sh
   22 root      20   0   39528   8596   6088 S   0.0   0.4   0:00.20 supervisord
   23 root      20   0   12128   6788   5864 S   0.0   0.3   0:00.00 sshd
   ...

The output is divided into two parts:

  1. System summary (top 5 lines)
  2. Process list (sorted by CPU usage by default)

To exit top, press the q key.

Understanding top Output

The system summary provides:

  • Uptime and load averages
  • Task counts by state (running, sleeping, stopped, zombie)
  • CPU usage breakdown
  • Memory and swap usage

The process list shows:

  • PID: Process ID
  • USER: User owner
  • PR: Priority
  • NI: Nice value
  • VIRT: Virtual memory used
  • RES: Resident memory used
  • SHR: Shared memory
  • S: Process status
  • %CPU: CPU usage
  • %MEM: Memory usage
  • TIME+: CPU time used
  • COMMAND: Command name

Interactive Commands in top

While top is running, you can use various keyboard commands to interact with it:

  • Press M to sort by memory usage
  • Press P to sort by CPU usage
  • Press k followed by a PID to kill a process
  • Press h for help

Try pressing M while running top to see processes sorted by memory usage.

Using the watch Command with ps

Another approach to real-time monitoring is using the watch command with ps. This runs a command periodically and displays the output, allowing you to see changes over time.

watch -n 1 'ps -eo pid,ppid,cmd,%cpu,%mem --sort=-%cpu | head -n 6'

This refreshes every 1 second and shows the top 5 CPU-consuming processes.

To exit from watch, press Ctrl+C.

The combination of ps with utilities like watch gives you powerful capabilities for monitoring your system's processes in real-time.

Summary

Throughout this lab, you have learned essential skills for monitoring and managing processes in a Linux system using the ps command and related tools. Here's a recap of what you've covered:

  1. Basic process information: You learned to use the basic ps command to view processes associated with your current terminal session, understanding the basic output format including PID, TTY, TIME, and CMD.

  2. System-wide process viewing: You mastered using ps -e to view all processes running on the system, not just those associated with your terminal.

  3. Detailed process information: You explored the ps -ef command to get detailed information about processes, including user IDs, parent process IDs, start times, and full command lines.

  4. Advanced sorting and formatting: You discovered how to create custom outputs with specific columns and sorting options using ps -eo and the --sort parameter.

  5. Real-time monitoring: You learned to use the top command for dynamic real-time process viewing and how to combine ps with other utilities like watch for continuous monitoring.

These skills are fundamental for system administration, troubleshooting, and performance monitoring in Linux environments. Understanding what processes are running and how they're consuming system resources is essential for maintaining system health and diagnosing issues.

As you continue working with Linux systems, the ability to effectively monitor and manage processes will be one of your most valuable skills.

Related Linux Courses
Quick Start with Linux

Quick Start with Linux

linux
Become a Junior System Administrator

Become a Junior System Administrator

linuxshell
Linux for Noobs

Linux for Noobs

linux