Gathering information about processes

- [Narrator] Hi and welcome to the last section of this course, administration calls. A GNU Linux ecosystem consists of running programs, services, connected devices, file systems, users, and a lot more. Having an overview of the entire system and managing the OS as a whole is the primary purpose of system administration. One should be armed with enough knowledge of commonly used commands and proper usage practices to gather system information and manage resources. It also helps in writing script and automation tools that perform management tasks.

This section will introduce several such tools. Now we move on to the first video of the last section, gathering information about processes. This video will show you how to gather information about processes. Processes are the running instance of a program. Several processes run on a computer, and each process is assigned a unique identification number called a process ID, PID. Multiple instances of the same program with the same name can now be executed at the same time, but they will have different PIDs.

A process consists of several attributes, such as which user owns the process, the amount of memory used by the program, CPU time used by the program, and so on. Important command related to process management are top, PS and PGREP. Let's see how we can gather information about processes. Let's see how to do it. PS is an important tool for gathering information about the processes. It provides information on which user owns the process, the time when a process started, the command path used for the execute in the process, PID, the terminal it is attached with, TTY, the memory used by the process, CPU time used by the process, and so on.

For example, this will print the details of the file regarding its file type. An example is like so. The PS command is usually used with a set of parameters. When it's run without any parameter, PS will display processes that are running on the current terminal, TTY. The first column shows the process ID, PID. The second column is a TTY terminal. The third column is how much time has elapsed since the process started, and finally, CMD, the command.

In order to show more columns consisting of more information use the minus F, stands for fall, as follows. The proceeding PS commands are not useful as it does not provide any information about processes other than the ones attached to the current terminal. In order to get information about every process running on the system add the minus E, every option. The minus AX all option will also produce an identical output. The minus X argument along with minus A specifies to remove the default TTY restriction imparted by PS.

Usually using PS without arguments prints processes that are attached to the terminal only. Run one of these commands. The PS command supports several details to be displayed along with the process name and PID. By default, PS shows the information as different columns and some of them may be not useful for us. We can specify the columns to be displayed using minus O flag and hence thereby print only the required columns.

Different parameters associated with the process are specified with options for that parameter. The list of parameters and usage of minus O are discussed next. In order to display the required columns of output using PS use-- Parameters for minus O are delimited by using the comma operator. It should be noted that there is no space in between the comma operator and the next parameter. Usually the minus O option is combined with the minus E every option, minus OE, as it should list every process running in the system.

However when certain filters are used along with minus O, such as those for listing the processes owned by specified users, minus E is not used along with minus O. Usage of minus E with a filter will nullify the filter and will show all process entries. A command is as follows. Here com stands for command and PCPU is percentage of CPU usage. There are different parameters that can be used with the minus O option and their descriptions are as follows.

PCPU, percentage of CPU. PID, process ID. PPID, parent process ID. PMEM, percentage of memory. Comm, executable file name. Command, simple command. User, the user who started the process. Nice, the priority, niceness. Time, cumulative CPU time. Etime, elapsed time since the process started.

TTY, the associated TTY device. EUID, the effective user. STST, process state. Let's go through additional usage examples of process manipulation commands. Top, top is a very important command for system administrators. The top command will by default output a list of top CPU consuming processes. The output is updated every few seconds and is used as follows.

It will display several parameters along with the top CPU consuming processes. Sorting the PS output with respect to a parameter. Output of the PS command can be sorted according to specified columns with the minus sort parameter. The ascending or descending order can be specified using the plus ascending or minus descending prefix to the parameter as follows. For example, to list the top 10 CPU consuming processes use-- Here, processes are sorted in the descending order by percentage of CPU usage, and head is applied to extract the top 10 processes.

We can use grab to extract entries in the PS output related to a given process name or another parameter. In order to find out entries about running bash processes use-- Finding the process ID when given command names. Suppose several instances of a command are being executed. We may need to identify the PID of the processes. This information can be found using the PS, or PGREP command. We can use PS as follows.

The minus O used here to find format specifier was described in the earlier part of the recipe, but here you can equal is appended with PID. This is to remove the header PID from the output of PS. In order to remove headers for each column append equals to the parameter. For example-- This command lists the process IDs of bash processes. Alternatively, there is a handy command called PGREP. You should use PGREP to get a quick list of process IDs for a particular command.

For example-- PGREP requires only a portion of the command name and its input argument to extract the bash command. For example, PGREP ash, or PGREP bass, will also work. But PS requires you to type the exact command. PGREP accepts many more input filtering options. In order to specify a delimiter character for output rather than using a new line as the delimiter use-- Specify a list of owners of the user for the matching processes as follows.

In this command, root and test are users. Return the count of matching processes as follows. Filters with PS for real user ID or ID effective user or ID. With PS it's possible to group processes based on the real and effective use name or PID specified. Specified arguments can be used to filter the PS output by checking whether each entry belongs to a specific effective user, or a real user from the list of arguments, and shows only the entries matching them.

This can be done as follows. Specify an effective users list by using minus U, euser one, euser two, and so on. Specify a real users list by using minus capital U ruser one, ruser two, and so on. For example, this command will show all processes running with root as the effective user ID and the real user ID, well, but also show the user and percentage CPU usage columns. Mostly we find minus O along with minus E as EO, but when filters are applied, minus O should act alone, as mentioned in this section.

TTY filter for PS. The PS output can be selected by specifying the TTY to which the process is attached. Use the minus T option to specify the TTY list as follows. For example-- Information about process threads. Usually information about process threads are hidden in the PS output.

We can show information about threads in the PS output by adding the minus capital L option. Then it will show two columns, NLWP and NLP. NLWP is the thread count for a process, and NLP is the thread ID for each entry in PS. For example-- This command lists 10 processes with a maximum number of threads.

Specifying output width and columns to be displayed. We can specify the columns to be displayed in the PS output using the user defined output format specify minus O. Another way to specify the output format is with standard options. Practice them according to your usage style. Try these options.

Showing environment variables for a process. Understanding which environment variables a process is dependent on is a very useful bit of information we might need. The way a process behaves might be heavily dependent on the environmental variable set. We can debug and make use of environment data before fixing several problems relating to the running of processes. In order to list environment variables along with PS entries use-- An example of where this type of environment tracing can come in handy is when in tracing problems with app to get package manager.

If you use an HTTP property to connect to the Internet you may need to set your environment variables. Let's say you forget to set the environment variables in the script. The app to get command will not select the proxy and hence returns an error. Then you can actually look at an environment variable and track the issue. We may need some applications to be run automatically with scheduling tools, such as Cron. But it might be dependent on some environment variables. Suppose if we want to open a GUI windowed application at a given time. We schedule it using Crontab at a specific time.

But this will not work. It's because a windowed application always depends on the display environment variable. To figure out the environment variables needed, run the window app manually and then run PS. Find out the environment variables and prefix them before a command name appears in Crontab, as follows. Here display equals colon zero was obtained from the PS output. About which, where is, file, what is, and load average. There are a few commands which are useful for exploring other commands and such.

Let's discuss them. The which command is used to find the location of a command. We type commands in the terminal without knowing the location where the executable is stored. When we type a command the terminal looks for the command in a set of locations and executes the executable file if found at the location. These sets of locations are specified using an environment path variable. For example-- We can export path and add our own locations to be searched when command names are typed.

For example, to add slash home slash test slash bin to path use the following command. The which command outputs the location of the command given as the argument. For example-- This command is similar to the which command, but it not only returns the path of the command, it also prints the location of the man page if available and also the path of the source code for the command if available.

For example-- The file command is an interesting and frequently used command. It's used for determining file type. An example is as follows. The what is command outputs a one line description of the command given as the argument. It passes information from the man page.

For example-- Apropos. Sometimes we need to search if some command related to a word exists, then we can search the man pages for strings in the command. For this we can use-- It's an important parameter for the total load on the running system. It specifies the average of the total number of runnable processes on the system. It is specified by three values. The first value indicates the average in one minute.

The second indicates the average in five minutes, and the third indicates the average in 15 minutes. It can be obtained by running up time as follows. Great. We have successfully learned how to gather information about processes. In the next video, we'll see about killing processes and send or respond to signals.