Chapter 9: Managing Linux Processes
parent process
process that starts other processes
binary programs
programs that exist on the filesystem until executed; they were written in a certain programming language and compiled into a binary format that only the computer can understand; ex- ls, find, grep
system cron tables
represent system tasks and exist in the /etc/crontab file as well as the /etc/cron.d directory; can only be edited by root user
user cron tables
represent tasks that individual users schedule and exist in the /var/spool/cron directory on Fedora or /var/spool/cron/crontabs on Ubuntu
top command
second most common program to display processes; displays an interactive screen listing processes organized by processor time (most used); press h for help; to kill with top, press k key and supply appropriate PID and kill signal when prompted; to change NI values with top, press r key and give PID and NI value when prompted
process state (S)
seen in ps -l command; indicates what a process is currently doing; most valuable information to a system administrator; S=sleeping, R=running, T=stopped or traced to mother process, Z=zombie
trap
some processes can ignore or "trap" certain kinds of kill signals sent to them
daemon process
system process that is not associated with a terminal
kill signal
terminates a process
cron table fields
1 = minute past the hour (0-59) 2 = hour (0-23) 3 = day of month (1-31) 4 = month of year (1-12) 5 = day of week (0/7 = Sunday, 1 = Monday, etc) - use * wildcard in a field to match all values - you can use several values in a field, just separate them with a comma - you can specify user before typing pathname
/etc/at.allow
A file listing all users who can use the at command
/etc/at.deny
A file listing all users who cannot access the at command; if /etc/at.allow exists, the system only checks that file rather than the deny file; usually only a blank deny file will exist, which means all users can use the at daemon
foreground process
A process for which the BASH shell that executed it must wait for its termination
background process
A process that does not require the BASH shell to wait for its termination; upon execution, the user receives the BASH shell prompt immediately; you can do this by appending an ampersand (&) character to the command; each background process has a PID and background job ID; to kill a background process, use a kill command with % and the background job ID, ex- kill %1
what happens during forking?
the parent shell waits while the child shell uses the exec function to carry out its tasks and then the exit function to kill itself
directories used for repetitive tasks
there are directories where you can put scripts that you would like to use hourly (/etc/cron.hourly/), daily (/etc/cron.daily/), weekly, or monthly
forking
The act of creating a new BASH shell child process from a parent BASH shell process; this is done when executing compiled programs or shell scripts by using the fork function
shell script
a computer program designed to be run by the BASH shell
foreground command (fg)
use to move a background process to the foreground; use % and background job ID to specify which process to move; to pause a foreground process, use Ctrl+z, which gives the process a background job ID so it can be moved to the background
background command (bg)
use to move a process to the background; + indicates most recent process, - indicates second most recent process; if you do not specify which process, the most recent is used
renice command
used to change a process' priority after it has already been started by using the command, the new value, and the process PID(s); to change NI value of all process for a specific user or group, as root you execute the command: renice <new NI value> -u <user> or -g <group>
mail command
used to check local system mail; if the standard output of any command scheduled using atd has not been redirected to a file, it will be mailed to the user
crontab command
used to create or edit a user cron table using -e option, which opens vi editor; information is stored in the file /var/spool/cron/username; to list a user cron table, use -l option with crontab command; use -r option to remove cron table; root user can use -u option and <user> to edit, list or remove other user's cron tables
at daemon
used to schedule a command to execute once in the future; start with at and give argument, you will receive a prompt from where you will type commands, line by line. when done, use Ctrl+d; make sure that your commands redirect to a file; at command returns a job ID, use at -l to view jobs or atq command; use -c option and job ID to view contents of job and shell environment; use -d optino and job ID to remove a job or the atrm command; to schedule a shell script (for many commands at once) use at <argument> -f <scriptname>
cron daemon
used to schedule a command to execute repeatedly in the future
jobs command
used to view background job IDs
killall command
uses process name to kill instead of PID; useful for killing processes with same name
rogue process
a process that has encountered an error during execution and continually uses up system resources; top command useful for detecting these
zombie process
a process that has finished and is waiting for its parent to release its PID so the PID can be used again; kill the parent, kill the zombie; to find all zombies use ps -el | grep Z command
process
a program that is running in memory and on the CPU; program in action
nice value (NI)
can be used to affect the process priority indirectly; measured between -20 to 19 (greater chance of high to low priority); any user can make their own processes a lower priority, but only the root user can make a process a higher priority; processes start at NI value of 0; background processes are given a NI value of 4 by default
nice command
can be used to specify NI value when starting a process using the -n option and the command to start; if NI value omitted, value of +10 used by default
shell function
commands built into the BASH shell running in memory; ex- cd, exit
cron tables
configuration files used to specify when a command should be executed; uses six fields separated by a space or tab characters; the first five fields specify the times to run the command and the sixth field is the absolute pathname to the command to be executed; use can use a #comment line to help make it more understandable, ex- #generate a daily summary of process accounting at 23:53 53 23 * * * root /usr/lib/sa/sa2 -A
/var/spool/at (Fedora) or /var/spool/cron/atjobs (Ubuntu)
directories where shell environment and scheduled commands are stored
pstree command
displays the lineage of a process by tracing its PPIDs until it gets to the init daemon; use pipe and head or less commands
parent process ID (PPID)
each process has a PPID which identifies the process that started it
init daemon
has PID of 1 and PPID of 0; first process started by kernel (0 refers to kernel); all processes can be traced back to the init daemon
SIGKILL
kill signal that cannot be trapped; it does not close temporary files or resources properly so must be used as last resort
kill command
most common command used to send kill signals; use -l option to see list of the 64 different kinds of kill signals; to kill a process, use kill -option PID; if no option specified, default signal SIGTERM used; if you kill a parent, the parent kills its children first
ps command
most versatile and common linux utility to view processes; without arguments, it simply displays a list of processes that are running in the current shell
/etc/cron.deny and /etc/cron.allow files
on Fedora, a blank deny file exists, so all users can use crontab command; on Ubuntu, neither file exists, so all users can use crontab command
process priority (PRI)
priority used by the kernel for the process, measured between 0 and 127 (high to low)
user process
process started and run in a user's terminal; ex- ls, grep, find commands
child process
process started by a another process; there can be an unlimited amount of child processes per parent
time slice
amount of time a process has to use the CPU; measured in milliseconds; the lower the PRI number, the most likely it is to get time slices
process ID (PID)
an ID that allows the kernel to identify the process uniquely; not necessarily given in sequential order
program
an executable file on the hard disk that can be run when you execute it
/proc directory
another way to view process information; each subdirectory is named for the PID of the process that it contains information for
two different daemons used to schedule commands
at daemon (atd) and cron daemon (crond)
3 main types of linux commands
binary program, shell script, and shell function