Process Management
In Linux, the term "process" is defined as a program loaded into memory and executing in the processor (CPU).
Processes can range from short commands run from the command line to network services running for the duration of the operating system's uptime.
Types of Processes
Foreground Processes
By default, all processes run in the foreground. They take input from the keyboard and display output on the screen. Running the pwd command is a good example of a foreground process.
root@hackerbox:~$ pwd/rootIn this example, the process executed by the pwd command ran in the foreground, displayed the output, and exited after completing its task. Foreground processes lock the terminal until they finish their tasks and do not allow other operations to be performed in the meantime.
Background Processes
Background processes do not lock the terminal when run; they start running in the background. When background processes are running, multiple processes can run in parallel.
To run a command in the background, append the & character to it. For example, let's run the pwd command in the background:
root@hackerbox:~$ pwd &
[1] + Done pwdUnlike the first example, the pwd command did not print the path of the current directory as it was run as a background process. Instead, it provided information about the background process it started.[1]indicates that the process job number is 1.
Done indicates that the process successfully completed its task.
Let's do a different example The pwd command, by nature, completes its task immediately and exits. However, some commands run continuously until you send a stop signal. The ping command is a good example of this.
Let's send a ping to 127.0.0.1 with the ping command and run it in the background. This will allow us to send ping requests to 127.0.0.1 for as long as our terminal or the running process remains open, while still allowing us to use our terminal for other tasks.
root@hackerbox:~$ ping 127.0.0.1 &
[1] 54017
root@hackerbox:~$
64 bytes from 127.0.0.1: icmp_seq=100 ttl=64 time=0.081 ms
64 bytes from 127.0.0.1: icmp_seq=101 ttl=64 time=0.164 ms
64 bytes from 127.0.0.1: icmp_seq=102 ttl=64 time=0.075 ms[1] indicates that the background job number for the process is 1. 54017 is the Process ID (PID) for the background process. The PID is a unique number identifying the process.
Some commands, like ping, may provide output to the terminal even when running in the background. As seen in the example, although running in the background, the ping command prints output to the terminal every second. However, this output does not prevent us from performing other tasks and does not lock the terminal.
Managing Processes in the Current Terminal Session
We can easily list the background processes started in our current terminal session using the jobs command.
root@hackerbox:~$ jobs
[1] running ping 127.0.0.1According to the output, we have a ping 127.0.0.1command running in the background in our current terminal session, with a job number of 1.
To bring this background command back to the foreground, we can use the fg(foreground) command. We type the job number of the process with a % sign next to the fg command.
root@hackerbox:~$ fg %1
[1] - running ping 127.0.0.1
64 bytes from 127.0.0.1: icmp_seq=645 ttl=64 time=1.448 ms
64 bytes from 127.0.0.1: icmp_seq=646 ttl=64 time=0.161 ms
64 bytes from 127.0.0.1: icmp_seq=647 ttl=64 time=0.219 ms
64 bytes from 127.0.0.1: icmp_seq=648 ttl=64 time=0.130 msAs we can see, the process is running in the foreground again.
How do we stop it? We can easily stop a program running in the terminal by pressing the CTRL+C shortcut on the keyboard.
64 bytes from 127.0.0.1: icmp_seq=645 ttl=64 time=1.448 ms
64 bytes from 127.0.0.1: icmp_seq=646 ttl=64 time=0.161 ms
64 bytes from 127.0.0.1: icmp_seq=647 ttl=64 time=0.219 ms
64 bytes from 127.0.0.1: icmp_seq=648 ttl=64 time=0.130 ms
^C
--- 127.0.0.1 ping statistics ---
706 packets transmitted, 706 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.055/0.180/1.668/0.105 ms
root@hackerbox:~$Managing System-Wide Processes
In addition to processes in our current terminal session, there are processes running system-wide. These can be processes used by the operating system, the terminal, service providers, or programs that continuously run in the background.
We can view system-wide processes using the ps command.
root@hackerbox:~$ ps
PID TTY TIME CMD
19 pts/1 00:00:00 sh
24 pts/1 00:00:00 psAs seen in the example, there are two processes running system-wide. One is the terminal running the
shprocess, and the other is the ps command we just executed.
For a more detailed output, we can use the -f parameter of the ps command.
root@hackerbox:~$ ps -f
UID PID PPID C STIME TTY TIME CMD
1001 19 1 0 07:20 pts/1 00:00:00f sh
1001 25 19 0 08:04 pts/1 00:00:00 ps -fThe detailed explanations of the columns in the command output are as follows:
UID
User ID - The ID number of the user running the process
PID
Process ID - The unique identifier for the process
PPID
Parent Process ID - The unique identifier for the parent process that started the process
C
CPU - The CPU usage of the process
STIME
Start Time - The start time of the process
TTY
Terminal Type - The type of terminal where the process is running
TIME
The total time the process has been running
CMD
Command - The command that started the process
Stopping a Running Process
To stop running processes, if the process runs in the foreground, we can easily press the CTRL+C shortcut on the keyboard.
If it's a background process, we need to know the Process ID (PID) number to stop it.
root@hackerbox:~$ ps
UID PID PPID C STIME TTY TIME CMD
1001 19 1 0 07:20 pts/1 00:00:00f sh
1001 25 19 0 08:04 pts/1 00:00:00 ps -fIn the output above, we have the PID for the process sh (19). To stop this process, use the kill command.
root@hackerbox:~$ kill 19If the process does not terminate with the command above, we can forcefully stop it with the interrupt signal -9.
root@hackerbox:~$ kill -9 19Last updated