Processes in Linux
What is a process?
A process is simply a running application, command, or any other program. For example, whenever you open up your browser, it is stated as being a process until the time you exit it. Another example of a process is a command that is executing until the time it completes executing.
A process is assigned many properties such as its memory context, priority which dictates how much time the CPU allocates the process, and most importantly Process ID (PID).
After a Linux computer has been booted up, the Linux Kernel hands control over to a process known as PID1. PID1 is the primary process which is also the first process to start when Linux boots up. On older Linux systems, the primary process was known as init, while today, it is known as Systemd. The primary process has not only gone through the name transformation, but it also handles processes in a more streamlined manner. PID1 is the parent process and all the other processes are it’s child processes.
Viewing Processes
ps command is used to view processes. Running the ps command without any flags outputs the processes associated only with the current user and terminal session. To view all the processes running on the system from all users, we can pass in -e flag:
ps -e
Remember I had mentioned that every other process is a child of the primary process? Processes that are started by other processes are known as child processes. We can view the hierarchy by adding the -H flag:
ps -eH
From the above figure, you would notice that other processes under systemd are indented, this shows that systemd is the parent process and others are its child processes.
Let us have a more practical look at the process hierarchy. Let’s take the following steps: open up the terminal and run the ps -H command.
As you can see from the output above, the terminal, which is called bash, is a process and the command we ran, ps, is also a process, and it is indented indicating that it is a child of bash because we ran the command from the bash terminal.
Another common switch that is used with the ps command is the -f switch. The -f switch shows full format listing including all arguments a command is using while it is running:
As you can notice, it now shows the full pscommand together with its switches.
The question arises; where does the ps command get all this information from? The answer lies in the /Proc directory. The /Proc directory is a direct line of communication to the Linux Kernel. The Kernel sends data on its runtime configuration and what it is working on to the /Proc directory, so that commands like ps, free, top and many others can utilize that information.
Note that the ps command only provides a snapshot of processes that is held in time, to view the processes in realtime, we can use thetop command!
This marks the end of this post! I hope you got to learn about Linux processes and understand them better. If you have any feedback for me, please drop it below in the comment box. Thank you!
