Process Management (ps, top, renice, kill)
This article introduces some of the commands and utilities used to manage processes on Linux, with specific reference to the information needed for the RHCSA EX200 and RHCE EX300 certification exams.
Remember, the exams are hands-on, so it doesn’t matter which method you use to achieve the result, so long as the end product is correct.
ps
The ps command produces a report of the current processes on the system. The man page is very comprehensive, including the options to perform some useful common tasks.
To see every process on the system using standard syntax:
ps -e
ps -ef
ps -eF
ps -ely
To see every process on the system using BSD syntax:
ps ax
ps axu
To print a process tree:
ps -ejH
ps axjf
To get info about threads:
ps -eLf
ps axms
To get security info:
ps -eo euser,ruser,suser,fuser,f,comm,label
ps axZ
ps -eM
To see every process running as root (real & effective ID) in user
format:
ps -U root -u root u
To see every process with a user-defined format:
ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
ps -eopid,tt,user,fname,tmout,f,wchan
Print only the process IDs of syslogd:
ps -C syslogd -o pid=
Print only the name of PID 42:
ps -p 42 -o comm=
If there are a lot of processes on the system, you will probably want to page through or limit them using one of the filtering options, or the grep command.
# Shows a page at a time.
ps -ef | more
# Returns only those lines containing the string "ora".
ps -ef | grep ora
# Returns only those lines containing the string "ora",
# with a case-insensitive search.
ps -ef | grep -i ora
# Returns only those lines containing the string "ora",
# omitting the grep line using "grep -v".
ps -ef | grep ora | grep -v grep
# Returns only those lines containing the string "ora",
# omitting the grep line using a regular expression.
ps -ef | grep [o]ra
top_cmd
The top command is probably the most well know utility for displaying the most resource intensive processes on the system. For the most part you can get away with just running top and looking at the output.
# top
top - 17:14:40 up 6:49, 1 user, load average: 0.00, 0.00, 0.00
Tasks: 104 total, 1 running, 103 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1%us, 0.1%sy, 0.0%ni, 99.6%id, 0.2%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 2050836k total, 459132k used, 1591704k free, 44956k buffers
Swap: 4128760k total, 0k used, 4128760k free, 163880k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
3414 root 20 0 15084 1088 824 R 2.0 0.1 0:00.01 top
1 root 20 0 19396 1500 1192 S 0.0 0.1 0:00.71 init
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
...
If you want to add or remove columns from the display, press the “f” key and toggle the letters in the “Current Fields” string. Capital letters mean the column is displayed. When you are satisfied press the return key and you will see the displayed columns will have changed.
Current Fields: NAEHIOQTWKMbcdfgjplrsuvyzX for window 1:Def
Toggle fields via field letter, type any other key to return
* N: %MEM = Memory usage (RES)
* A: PID = Process Id
* E: USER = User Name
* H: PR = Priority
* I: NI = Nice value
* O: VIRT = Virtual Image (kb)
* Q: RES = Resident size (kb)
* T: SHR = Shared Mem size (kb)
* W: S = Process Status
* K: %CPU = CPU usage
* M: TIME+ = CPU Time, hundredths
b: PPID = Parent Process Pid
c: RUSER = Real user name
...
To alter the order of the columns displayed, press the “o” key and use the upper case and lower case letters corresponding to each column to move then left and right of the “Current Fields” string.
The sorting of the data can be altered using the following keys:
- M : Sort by %MEM column.
- N : Sort by PID column.
- P : Sort by %CPU column.
- T : Sort by TIME+ column.
- < : Moves the sort column left.
- > : Moves the sort column right.
The “r” and “k” keys are used to renice and kill sessions. These commands will be discussed below.
People often get a little confused about the memory information summary in the top part of the screen because the free memory listed seems very low to them. Linux uses free physical memory for the file system cache to improve I/O performance. If more memory is needed for processes, it is released from the file system cache. Linux only starts to use swap when all physical memory has been used. So the actual free memory on the system is free+buffers+cached. If your concern is free memory, it is easier to use the free command to monitor it. The “Mem:” line gives the values presented by top, while the “-/+ buffers/cache:” line gives the memory used by processes, ignoring the file system cache.
# free
total used free shared buffers cached
Mem: 2050836 459248 1591588 0 44988 163880
-/+ buffers/cache: 250380 1800456
Swap: 4128760 0 4128760
#
renice
The renice command is used to alter the scheduling priority of one or more processes. The “-h” flag displays the cut down usage notes.
# renice -h
Usage:
renice [-n] priority [-p|--pid] pid [... pid]
renice [-n] priority -g|--pgrp pgrp [... pgrp]
renice [-n] priority -u|--user user [... user]
renice -h | --help
renice -v | --version
#
The priority can be changed to an absolute value or a value relative to the current setting. The following example changes the priority of the process with the PID of 8 to the value 10, then adds 1 to the priority.
# renice 10 8
8: old priority 0, new priority 10
#
# renice +1 8
8: old priority 10, new priority 11
#
With no flags set, it is assumed you are using “renice -n priority -p pid”, so you are only targeting processes by the pid. The following are equivalent.
# renice -n +1 -p 8 9
# renice +1 8 9
You can also target multiple processes based on their group or user.
# renice -n +1 -g 500
# renice -n +1 -u oracle
You can also combine flags to target more processes.
Before you start altering the priorities you need to understand the inter-dependencies between processes. It is possible that by slowing down one process you will adversely affect the performance of other processes that depend on it.
The renice command can also be performed interactively in the top command, or from the “System Monitor” GUI.
kill
Not surprisingly, the kill command is used to kill processes. Assuming we have identified a process we want to kill and it has a process id of “1234”, we may use one of the two common forms are show below.
# kill 1234
# kill -9 1234
The first example sends the “TERM” signal to the specified process, which is the preferred option. The second is more aggressive, sending the “KILL” signal. You should only use the “KILL” signal if your attempts to kill the process with the “TERM” signal have failed.
Always make sure to double check the process you are killing. Killing the wrong process can cause the system to crash.
The kill command can also be performed interactively in the top command, or from the “System Monitor” GUI.
You can kill multiple processes using a single command by combining kill with the ps and awk commands.
# kill -9 `ps -ef | grep ora | awk '{print $2}'`
System Monitor
The “Processes” tab of the “System Monitor” dialog (Applications > System Tools > System Monitor) displays information similar to the top command.
Clicking on the column titles causes the display to be sorted by the column. Repeated clicking toggles between ascending and descending order for the column.
Right-clicking on a process displays a popup menu, allowing you to kill or change the priority (renice) the process.
For more information see:
Leave a comment