"Processes in Linux: Uncovering the Unique Skills of Task Management" (ps, top, etc.)

Welcome to my blog, in the world of code, every line is a story

## Preface

In the Linux world, processes and threads are the core of system operation. Knowing how to view and manage these tasks is an essential skill for every system administrator and developer. This article will reveal to you the wonderful ways to view processes and threads in Linux and lead you into the mysterious door of task management.

Basic commands: ps and top

ps and top are two common commands used to view process information on Unix/Linux systems.

Use ps command to view process information:

psThe command is used to display the status of the current process. Here are some commonly used ps command options:

• ps aux: Show detailed information of all processes.
• ps aux | grep <process_name>: Find information about a specific process.
• ps -ef: Display process tree.
• ps -e --forest: Display process tree, showing the relationship between processes in a tree structure.

For example, to view details of all processes, you can run:

ps aux

Use top to monitor system tasks in real time:

topThe command provides real-time and dynamic viewing of system task information. It regularly updates and displays the list of processes running in the system, as well as the resource usage of each process. Here are some commonly used top command options:

• top: By default, the system task list is displayed interactively.
• top -n 1: Execute the top command once and then exit, suitable for viewing transient status.
• top -p <pid>: Display information about a specific process.
• top -u <username>: Display process information for a specific user.

For example, to interactively display a list of live system tasks, you can run:

top

In interactive modetop, you can use some keyboard commands to sort and filter, such as pressing P to sort by CPU usage, Press the M key to sort by memory usage, etc.

These two commands provide different ways to view system process information. ps provides a one-time snapshot, and top provides real-time dynamic monitor. You can choose which command to use based on your specific needs.

Process details pstree and pgrep

pstree and pgrep are two commonly used commands for viewing and manipulating processes on Unix/Linux systems.

Use pstree to display the tree structure of the process:

pstreeThe command displays the hierarchical relationship of processes in a tree structure. It allows you to more clearly understand the parent-child relationship between processes. Here are some commonly used pstree command options:

• pstree: Display the entire process tree.
• pstree -p: Displays the process tree and displays the PID of each process.
• pstree -u: Display the process tree and the user to which each process belongs.

For example, to display the entire process tree, run:

pstree

Use pgrep to find a process by name:

pgrepThe command finds the PID of a process based on its name. Here are some commonly used pgrep command options:

• pgrep <process_name>: Find the PID of a process based on its name.
• pgrep -l <process_name>: Displays the PID and process name that match the process name.
• pgrep -f <pattern>: Use regular expressions to find processes that contain a specified pattern on the command line.

For example, to find the PID of a process named nginx, you would run:

pgrep nginx

If you want to display the PID and process name that match the process name, you can run:

pgrep -l nginx

This will display output similar to "1234 nginx" where 1234 is the PID of the process and nginx is the name of the process.

These two commands provide different perspectives, pstree shows the hierarchy of processes, while pgrep can find processes based on name or other criteria. Depending on your needs, you can choose to use one or a combination of both commands.

Process status and resources: htop

htop is an interactive, more intuitive process viewing tool that provides more functions and a friendlier user interface than top. htop Allows you to more easily view and manage the processes running on your system.

Here are some common features of htop:

• Colorized display: htop Differentiate different types of processes by color, making it easier for users to identify the status of the process.

• Interactive interface: htop provides an interactive interface that allows users to sort, filter, and operate using the keyboard.

• Tree structure: Similar to pstree, htop provides a tree structure display method, allowing users to Able to clearly understand the hierarchical relationships between processes.

• Real-time update: htop will update the process list and resource usage in real time, allowing users to obtain system status in a timely manner.

To use htop, first make sure you have the tool installed. You can use package management tools (such as apt, yum, etc.) to install, for example:

# 使用 apt 安装 htop（适用于 Debian/Ubuntu 系统）
sudo apt-get install htop

# 使用 yum 安装 htop（适用于 CentOS/RHEL 系统）
sudo yum install htop

After the installation is complete, just enter htop in the terminal to start htop:

htop

In the htop interface, you can use different keys on the keyboard to sort, filter, view help, etc. Some commonly used keys include:

• F2: Enter the settings interface and configure the displayed columns and sorting method.
• F4: Enter search mode and filter processes based on keywords.
• F5: Refresh the screen.
• F9: Enter the process killing interface, and you can choose to kill a process.

htop is a powerful tool that can more intuitively view process status and understand resource usage. htop is a very useful choice when you need to monitor system processes in real time.

Inter-process relationship: lsof and fuser

lsof and fuser are two commands used to view the relationship between processes. They can help you understand which processes occupy the file and which processes are accessing a certain file.

Use lsof to see which processes occupy the file:

lsofThe (List Open Files) command is used to display the list of open files in the current system. Here are some commonly used lsof command options:

• lsof <filename>: Display the processes occupying the specified file.
• lsof -i: Display network connection status.
• lsof -i :<port>: Display the processes occupying the specified port.
• lsof -u <username>: Display files opened by a specific user.

For example, to see which processes the file /var/log/syslog is occupied by, you can run:

lsof /var/log/syslog

Use fuser to find access to a file by a process:

fuserThe command is used to find which processes on a file or file system are accessed. Here are some commonly used fuser command options:

• fuser <filename>: Displays the processes accessing the specified file.
• fuser -k <filename>: Kill the process accessing the specified file.
• fuser -v <filename>: Show detailed information, including the process's PID and user.

For example, to view the access process of file /var/log/syslog, you can run:

fuser /var/log/syslog

This will display the PID of the process accessing the file.

These two commands can help you understand the relationship between files and processes, and are very useful for troubleshooting problems, finding resource usage, etc. Depending on the situation, you can choose to use one or a combination of both commands.

Process monitoring and restrictions

ulimit and kill are two commonly used commands for process monitoring and limiting. ulimit is used to set user-level resource limits, while kill is used to terminate or send a signal to a process.

Use ulimit to set user-level resource limits:

ulimitThe command is used to view and set user-level resource limits. Here are some commonly used ulimit command options:

• ulimit -a: Shows the current values ​​of all resource limits.
• ulimit -c unlimited: Set core dump size to unlimited.
• ulimit -n <max_open_files>: Set the maximum number of open files.
• ulimit -u <max_user_processes>: Set the maximum number of user processes.

For example, to set the maximum number of open files to 1024, run:

ulimit -n 1024

Use kill to end the process:

killThe command is used to send a signal to a process. Here are some commonly used kill command options:

• kill <PID>: Send the default termination signal (SIGTERM) to the specified process.
• kill -9 <PID>: Forcefully terminate the specified process (send SIGKILL signal).
• killall <process_name>: Send signal to all processes with the same name.

For example, to kill the process with PID 1234, run:

kill 1234

Or use the -9 option to force termination:

kill -9 1234

This will send the SIGKILL signal, forcing the process to terminate even if it cannot terminate normally.

These two commands are very useful for monitoring and controlling processes. Use ulimit to set user-level resource limits, and kill to end processes, helping to manage running processes in the system. Use kill -9 with caution as it will immediately terminate the process, possibly resulting in data loss or corruption.

Process debugging tools

strace and gdb are two tools used for process debugging and tracing on Linux systems.

Use strace to trace process system calls:

straceThe command is used to trace system calls and signals of a process. Here are some commonly used strace command options:

• strace <command>: Runs the specified command and traces its system calls.
• strace -p <PID>: Trace the system calls of the specified PID process.
• strace -c <command>: Count the number and time of system calls.
• strace -e trace=<syscall>: Only trace specified system calls.

For example, to trace the system calls of a command, you can run:

strace ls

Use gdb for process debugging:

gdb (GNU Debugger) is a powerful debugging tool used to debug programs in programming languages ​​such as C and C++. Here are some commonly used gdb commands:

• gdb <executable>: Starts gdb and loads the specified executable file.
• run <arguments>: Run the program with command line parameters.
• break <function>: Set a breakpoint at the specified function.
• info breakpoints: Display information about all current breakpoints.
• list <function>: Display the source code of the specified function.
• step: Execute a statement and enter the function.
• next: Execute a statement without entering the function.
• continue: Continue program execution until the next breakpoint is encountered.
• quit: Exit gdb.

For example, to debug an executable named example, run:

gdb ./example

Then, you can use run to start the program, break to set breakpoints, and step, next perform single-step debugging, use continue to continue execution, and finally use quit to exit gdb.

These two tools are very useful in troubleshooting problems, locating program errors, etc. strace can be used to trace system calls, while gdb provides a more comprehensive debugging function, allowing you to view variables, call stacks and other information during program execution.

Summarize:

By studying this article, readers will master a variety of Linux task management skills. From basic to advanced, we dive into various tools and methods for viewing processes and threads. Whether you are new to Linux or an experienced user, this blog provides you with a comprehensive task management solution. Let us uncover the mystery of Linux task management together!

Conclusion

Thank you very much for reading the entire article. I hope you gained something from it. If you find it valuable, please like, collect, and follow my updates. I look forward to sharing more technologies and thoughts with you.