Code360 powered by Coding Ninjas X Naukri.com. Code360 powered by Coding Ninjas X Naukri.com
Table of contents
1.
Introduction
2.
Locating a Process
2.1.
top
2.2.
ps
2.3.
pidof
3.
Terminating a Process
3.1.
kill
3.2.
killall
3.3.
pkill
3.4.
xkill
3.5.
top 
4.
No-Hup Command
4.1.
Default Behaviour (without No-Hup)
4.2.
Using No-Hup
5.
Exit Command
6.
Frequently Asked Questions
6.1.
Does xkill close the window even if the window is on a different system?
6.2.
Are Linux and Ubuntu the same?
6.3.
What's the difference between a process and a program?
7.
Conclusion
Last Updated: Mar 27, 2024
Hard

Linux - Process Commands

Author Satvik Gupta
0 upvote
Master Python: Predicting weather forecasts
Speaker
Ashwin Goyal
Product Manager @

Introduction

Linux is an operating system based on the Linux kernel. It's open source, and many distributions exist for it - such as Ubuntu, Debian, etc. It's popular because of the high degree of control it gives to the user. 

Linux Process Commands

Processes are programs that are currently running. Linux gives us various commands to interact with and modify processes. In this article, we will look at a few of the process commands in Linux.

Let's get started!

Locating a Process

We can perform multiple operations on a process. We may need to restart a process if we have changed something in its configuration files. We may need to kill a process if it is misbehaving, if it's hung and is blocking other system resources, and many other reasons.

Before we do any of those things to a process, we need to locate it first. We need to know details about it, such as its full name, and its process ID (pid).

Process ID, or pid, is a unique ID assigned to each process by Linux OS. It's a simple integer that can be used to identify a process.

There are 2 basic commands we can use to locate a process - top and ps.

top

top stands for table of processes. As the name suggests, it displays a list of processes in table form. It's an interactive command, which means we can scroll through the table and type to interact with it. We will see later how to kill a process while in the top command.

To execute it, simply enter the command:

top

You should see a result like this:

Result of top command

We can scroll through this list using up and down arrows. 

The various headings in the tables have the following meanings.

  • PID - The process ID for the process.
  • USER - The owner of the process.
  • PR - The priority of the process. A lower value indicates higher priority.
  • NI - Represents the Nice Value of the task. The nice value is used to determine priority. It varies from -20 to +19. If the Nice Value is high, the process is nicer to other processes, which means its priority is lower.
  • VIRT - The amount of virtual memory used by the process.
  • RES - The amount of RAM the process uses, measured in KB.
  • SHR - The shared memory (KB) used by the process.
  • S - The status of the process. This may take the following values. 
    • D = Uninterruptible Sleep.
    • I = Idle.
    • R = Running.
    • S  = Sleeping.
    • T = stopped by a Job control signal.
    • t = stopped by the debugger during a trace.
    • Z = Zombie.
  • %CPU - The percentage of CPU used by this process.
  • %MEM - This is simply the RES divided by the total RAM.
  • TIME+ - The total CPU time this process has used since it was started. It is accurate up to hundredths of a second.
  • COMMAND - The command that started this process.

ps

ps stands for Process Status. It lists the processes in a system along with details about them. It is different from the top command majorly because it is not interactive - it simply outputs the data onto the terminal. It is handy if we need a list of processes for a script or a program, as it returns data in text format.

To run it, type the command:

ps


You should see the following output.

ps command output

This doesn't seem complete. The top command showed a lot more processes. 

This is because, by default, the ps command only shows the current user's processes. To get the list of processes started by all users, we add a to the ps command. If we want to get extra information about the processes instead of only the 4 columns that ps is showing, we will simply add u to the command. So, enter the below command into the terminal:

ps au

This will be the output.

ps a output

(ps a)

ps au output

(ps au)

From the ps au output, we can see that we are now getting the processes of root and admin. 

But, even now - there are only 4 processes returned - instead of the many that top showed. 

This is because, by default - ps only shows processes that were launched from a terminal instance (i.e., that have a TTY associated with them). Background processes, such as kernel tasks, and GUI applications, won't be shown. To remove this restriction, we add x to our command. 

Our final command becomes

ps aux
ps aux output

This time, we get the full output with the list of all processes.

ps is powerful as it allows us to use grep to filter the list of processes returned. grep is a Linux command that allows us to filter from text. We have to simply provide it with a regular expression, and it will return the lines that contain text matching it. For example, if we wish to filter all the processes that contain the word "nginx" in them, we can write:

ps aux | grep nginx
ps aux | grep nginx output

(Note the last process is the same grep command we just entered)

We can also do complex filtering using regular expressions. For example, to filter out processes that are created by the user admin and whose process ID starts with 5, we can write:

ps aux | grep "^admin[ \t]*5.*"
ps aux | grep "^admin[ \t]*5.*" output

You can read more about Linux's grep command and regular expressions here.

pidof

The pidof <Name> command can tell us the pid of a process. It will return all the PIDs of processes that match the name. 

For example, to find pid of nginx processes, we can type:

pid of nginx


The output will be:

pid of nginx output

Note that these 2 PIDs match the PIDs of the nginx processes we saw above (using grep).

Get the tech career you deserve, faster!
Connect with our expert counsellors to understand how to hack your way to success
User rating 4.7/5
1:1 doubt support
95% placement record
Akash Pal
Senior Software Engineer
326% Hike After Job Bootcamp
Himanshu Gusain
Programmer Analyst
32 LPA After Job Bootcamp
After Job
Bootcamp

Terminating a Process

We may need to terminate processes for multiple reasons. They may be:

  • A process is misbehaving. A process could be trying to access files that we don't want it to access. It may be running commands that are causing undesirable results.
     
  • It is taking up too many resources. A heavy process may be taking up too many resources, causing our system to lag. 
     
  • The process is hung, or non-responsive. An error or bug in the process may have caused it to hang. 
     

We can terminate a process in multiple ways in Linux. Some commands allow us to do this using the name of the process, while others need the PID. We will look at many ways to terminate processes in Linux.

NOTE - You may need to add sudo before running these commands, as they may require root privilege. This does not change the meaning or intent of the command. It just runs the command with a higher privilege.

For our examples, we will be killing the nginx processes. Nginx is a server software that runs two types of processes-the master process and the worker process. The master process reads and processes the configuration files that we write for nginx. It also handles the worker processes - starting them, delegating tasks to them, restarting them, etc. The worker processes are the processes that do the actual handling of requests to the server.
When the master process is killed, the worker process automatically stops running. On the other hand, if the worker process is killed, the master process will simply start a new worker process to replace it.

kill

The kill command is the most commonly used command to terminate a process. It takes the PID of the process as an argument.

Its syntax is 

kill -SIGNAL <pid>


The kill command will send a signal to the process. We can specify the signal in the -SIGNAL flag using either Signal Name or Signal Number. E.g.: 

kill -9 nginx


Will send a SIGTERM signal to nginx. When a process receives a SIGTERM signal, it understands that the OS is telling it to stop execution. However, the process is not killed immediately. The process receives the SIGTERM signal, and it can perform cleanup tasks - such as saving files, entering logs, etc. Then, it can stop execution on its own. 

The signal flag is optional and defaults to SIGTERM. (This is true for all further commands we will see too). You can read more about the various signals and the differences between them here.

Let's try to kill the nginx worker. 

killing the nginx worker process

No output means our command ran correctly.

24016 was the PID of the nginx worker process (you can re-check in our above images). Hence, when it was killed, the master process (24015) simply ran a new worker process. This is why we see a new PID when we run pidof nginx.

Let's now try to kill the master process.

Kill the master process

We see that the worker process has also stopped. We can verify this by running the below command as well. 

ps aux | grep nginx 
killing the process

We see that the only process with nginx in it is the same grep command we just ran. Hence, we can conclude that nginx is now closed.

killall

The killall <name> command kills all the processes in the system that have the name specified.  

(We have restarted nginx on the system before running this again)

Verify that nginx is running

As we can see, nginx is running. 

Now, let's execute killall. 

killall nginx
killall nginx output

No output means our command ran correctly. Let's check with ps if nginx is still running. 

Check if nginx is running.

The only process with nginx in its name is our grep command itself, hence we have killed all other nginx processes (worker and master both). 

killall is case-sensitive. To remove the case sensitivity, use: 

killall -l 

pkill

pkill uses the name of the process to kill it. The major difference between pkill and killall is that killall requires the exact name of the process (up to 15 characters), whereas pkill can kill processes even if we just provide it a partial name. We can also provide it with a pattern in the form of a Regular Expression, and it will kill all processes matching it.

Let's try to kill the nginx processes using pkill. Instead of typing the entire name nginx, we will just use ngi and see if that works. 

We verify that nginx is running by running pidof:

Find pid of nginx

Now, we will try to kill it using pkill.

pkill ngi
Kill nginx using pkill

We can see that even without providing the complete name - pkill has killed both nginx processes. 

pkill should be used carefully, as it can kill processes you did not mean to kill. 

xkill

xkill is used in the GUI of Linux and is part of the X Window System. The X Window System is a windowing system widely used in UNIX-like systems. It provides the framework for the windows in the GUIs we see and use every day. 

xkill tells the X server (the terminal in which we are running xkill) to kill a particular X client (any window we want to close). The server and the client may also be running on different machines.

Let us suppose this is our system, with a terminal and a calculator window open.

Terminal and calculator windows open

Let's invoke the xkill command. It takes no arguments. 

xkill
Run xkill command

This is what is shown, and our cursor turns into an X. We can now simply click on whichever window we want to close, and xkill will close it. 

Click on calculator window

We go to our calculator and click it.

Calculator window will be closed.

We see that xkill has output a statement declaring that it's killing our window, and our calculator window has closed. 

top 

We saw the top command before, it was used to show an interactive list of processes. One of the interactions we can perform with it is to kill a process. To do so, we need to perform the following steps.

1. Make sure you know the pid of the process you are trying to kill. 

2. Enter the top command and press k. You should see this window:

top process asks for pid of process to kill


You will be prompted to type the pid of the process you want to kill (look at the red arrow in the image above). Type the pid of the process you wish to kill.

3. You will be prompted to enter the signal to send to the process. We are using 15, which is the value for SIGTERM.

top asks for signal to send to the process to kill

4. Press Enter, and the process will be killed.

process has been killed

You can see in this image that the process 23994 does not exist anymore.

No-Hup Command

No-Hup command stands for No-Hangup. Usually, when we enter a command in the terminal, the command is started. However, if we exit the terminal while the process is still executing, a SIGHUP signal will be sent to the process, which generally results in the process being stopped.

Default Behaviour (without No-Hup)

Let us try to do a simple ping command without the No-Hup command. Ping command simply sends requests to any website or URL and logs the responses onto the screen. For convenience, we will log the responses into a txt file instead. 

Run the command :

ping www.codingninjas.com > pingresults.txt


The last part ( >pingresults.txt) outputs the result into a txt file instead of onto the screen. (We do not need to check the actual output, we just don't want our screen to be cluttered with it.) We have opened 2 terminals simultaneously, so we can check the txt file from the second terminal while the ping is executing in the first terminal.

ping command halts the terminal.

As we can see, this terminal will not take any more input while the ping command is running. Let's go to the second terminal and verify that our ping command is running, using ps.

ping is still running

As we can see, our ping command is running. Now, let's abruptly close the first terminal and check again.

Ping command stops running after its terminal is closed

The ping command has stopped. 

Using No-Hup

Now, let's try the same thing using no-hup. We will also run the process in the background this time. To run in the background, we can simply add a & at the end. 

Our final command, using no-hup and background task, becomes:

nohup ping www.codingninjas.com &


This will be our output:

Run ping using nohup in the background

It might look like the terminal is waiting for the ping command to finish, but we can actually type. Let's check ps for the ping command.

ps shows that ping is running

We will close this terminal and open it again to verify that no-hup is working.

Ping is running even after closing and reopening the terminal

Our ping command is still active, even though the original terminal has been closed. 

Exit Command

The exit command exits the current terminal or shell. We can optionally provide an integer parameter, and Linux will exit the shell with a return value of that integer parameter. This will be the status number of the exit operation. If we don't provide this integer, it will use the status number of the last executed command. 

Its syntax is :

exit <N> 


Where N is the desired exit status code. 

Let's create a small script and add the exit command to it, using a return code of 200.

Create a script by executing the command:

cat >NinjaDemo.sh 


You can name the file anything you want, but the extension must be .sh. Type the following into the script: 

Demo file with exit code 200

We can see our file has been created by running ls.

Verify that file is created

Now, run :

chmod +x NinjaDemo.sh
./NinjaDemo.sh


This will run the file, and you will see the following output:

Run the script

To verify that the exit status was 200, we will run the command:

echo $?


This will give us the return code of the last executed command, which was our script. 

Verify the status code of the script we just ran

As we can see, our output is correct.

Frequently Asked Questions

Does xkill close the window even if the window is on a different system?

Xkill works across systems too, but it is not always guaranteed that the window will be closed. What xkill does is, it severs the connection between the X-server (which is running on the main machine), and the X-client (which is the window running on the same/different machine). Usually, X client windows close themselves when they lose the connection to the X-server - but this is not always the case.

Are Linux and Ubuntu the same?

Linux is not actually a complete Operating System. It is simply a kernel - it does not provide the shell part (which is the part that the users interact with). Linux is open source, which means anyone can download the source code - and add their own shell to it, and other features they might want. So, Ubuntu is a complete operating system built on top of Linux. It contains the Linux kernel, a GUI for users to interact with, as well as some other features.

What's the difference between a process and a program?

A program is any piece of executable code. It contains the set of codes, data, and files that are necessary to perform a particular task. A process is - an actively running instance of a program. So, when we have a .exe file in our system - it is a program. When we double-click it, and it starts up, it becomes a process.

Conclusion

This blog has explored the various Process commands in Linux-based operating systems. We have explored commands for locating and terminating processes, and we have also seen how the No-Hup and exit command work.

We hope you leave this article with a broader knowledge of Linux, processes, and running commands over CLI. We recommend that you explore our different articles on these topics as well, such as:

Introduction to Linux

Linux Kernel

Linux Directories
 

You can practice questions on various problems on Coding Ninjas Studio, attempt mock tests. You can also go through interview experiences, interview bundle, go along guided paths for preparations, and a lot more!

Keep coding, keep reading Ninjas. 

Previous article
Linux Regex
Next article
Linux Crontab and At
Live masterclass