Do you think IIT Guwahati certified course can help you in your career?
Introduction
Linux is an operating system based on the Linux kernel. It's open source, and many distributions exist for it - such as Ubuntu, Debian, etc. It's popular because of the high degree of control it gives to the user.
Processes are programs that are currently running. Linux gives us various commands to interact with and modify processes. In this article, we will look at a few of the process commands in Linux.
Let's get started!
Locating a Process
We can perform multiple operations on a process. We may need to restart a process if we have changed something in its configuration files. We may need to kill a process if it is misbehaving, if it's hung and is blocking other system resources, and many other reasons.
Before we do any of those things to a process, we need to locate it first. We need to know details about it, such as its full name, and its process ID (pid).
Process ID, or pid, is a unique ID assigned to each process by Linux OS. It's a simple integer that can be used to identify a process.
There are 2 basic commands we can use to locate a process - top and ps.
top
top stands for table of processes. As the name suggests, it displays a list of processes in table form. It's an interactive command, which means we can scroll through the table and type to interact with it. We will see later how to kill a process while in the top command.
To execute it, simply enter the command:
top
You should see a result like this:
We can scroll through this list using up and down arrows.
The various headings in the tables have the following meanings.
PID - The process ID for the process.
USER - The owner of the process.
PR - The priority of the process. A lower value indicates higher priority.
NI - Represents the Nice Value of the task. The nice value is used to determine priority. It varies from -20 to +19. If the Nice Value is high, the process is nicerto other processes, which means its priority is lower.
VIRT - The amount of virtual memory used by the process.
RES - The amount of RAM the process uses, measured in KB.
SHR - The shared memory (KB) used by the process.
S - The status of the process. This may take the following values.
D = Uninterruptible Sleep.
I = Idle.
R = Running.
S = Sleeping.
T = stopped by a Job control signal.
t = stopped by the debugger during a trace.
Z = Zombie.
%CPU - The percentage of CPU used by this process.
%MEM - This is simply the RES divided by the total RAM.
TIME+ - The total CPU time this process has used since it was started. It is accurate up to hundredths of a second.
COMMAND - The command that started this process.
ps
ps stands for Process Status. It lists the processes in a system along with details about them. It is different from the top command majorly because it is not interactive - it simply outputs the data onto the terminal. It is handy if we need a list of processes for a script or a program, as it returns data in text format.
To run it, type the command:
ps
You should see the following output.
This doesn't seem complete. The top command showed a lot more processes.
This is because, by default, the ps command only shows the current user's processes. To get the list of processes started by allusers, we add a to the ps command. If we want to get extra information about the processes instead of only the 4 columns that ps is showing, we will simply add u to the command. So, enter the below command into the terminal:
ps au
This will be the output.
(ps a)
(ps au)
From the ps au output, we can see that we are now getting the processes of root and admin.
But, even now - there are only 4 processes returned - instead of the many that top showed.
This is because, by default - ps only shows processes that were launched from a terminal instance (i.e., that have a TTY associated with them). Background processes, such as kernel tasks, and GUI applications, won't be shown. To remove this restriction, we add x to our command.
Our final command becomes
ps aux
This time, we get the full output with the list of all processes.
ps is powerful as it allows us to use grep to filter the list of processes returned. grep is a Linux command that allows us to filter from text. We have to simply provide it with a regular expression, and it will return the lines that contain text matching it. For example, if we wish to filter all the processes that contain the word "nginx" in them, we can write:
ps aux | grep nginx
(Note the last process is the same grep command we just entered)
We can also do complex filtering using regular expressions. For example, to filter out processes that are created by the user admin and whose process ID starts with 5, we can write:
ps aux | grep "^admin[ \t]*5.*"
You can read more about Linux's grep command and regular expressions here.
pidof
The pidof <Name> command can tell us the pid of a process. It will return all the PIDs of processes that match the name.
For example, to find pid of nginx processes, we can type:
pid of nginx
The output will be:
Note that these 2 PIDs match the PIDs of the nginx processes we saw above (using grep).
Terminating a Process
We may need to terminate processes for multiple reasons. They may be:
A process is misbehaving. A process could be trying to access files that we don't want it to access. It may be running commands that are causing undesirable results.
It is taking up too many resources. A heavy process may be taking up too many resources, causing our system to lag.
The process is hung, or non-responsive. An error or bug in the process may have caused it to hang.
We can terminate a process in multiple ways in Linux. Some commands allow us to do this using the name of the process, while others need the PID. We will look at many ways to terminate processes in Linux.
NOTE - You may need to add sudo before running these commands, as they may require root privilege. This does not change the meaning or intent of the command. It just runs the command with a higher privilege.
For our examples, we will be killing the nginx processes. Nginx is a server software that runs two types of processes-the master process and the worker process. The master process reads and processes the configuration files that we write for nginx. It also handles the worker processes - starting them, delegating tasks to them, restarting them, etc. The worker processes are the processes that do the actual handling of requests to the server. When the master process is killed, the worker process automatically stops running. On the other hand, if the worker process is killed, the master process will simply start a new worker process to replace it.
kill
The kill command is the most commonly used command to terminate a process. It takes the PID of the process as an argument.
Its syntax is
kill -SIGNAL <pid>
The kill command will send a signal to the process. We can specify the signal in the -SIGNAL flag using either Signal Name or Signal Number. E.g.:
kill -9 nginx
Will send a SIGTERM signal to nginx. When a process receives a SIGTERM signal, it understands that the OS is telling it to stop execution. However, the process is not killed immediately. The process receives the SIGTERM signal, and it can perform cleanup tasks - such as saving files, entering logs, etc. Then, it can stop execution on its own.
The signal flag is optional and defaults to SIGTERM. (This is true for all further commands we will see too). You can read more about the various signals and the differences between them here.
Let's try to kill the nginx worker.
No output means our command ran correctly.
24016 was the PID of the nginx worker process (you can re-check in our above images). Hence, when it was killed, the master process (24015) simply ran a new worker process. This is why we see a new PID when we run pidof nginx.
Let's now try to kill the master process.
We see that the worker process has also stopped. We can verify this by running the below command as well.
ps aux | grep nginx
We see that the only process with nginx in it is the same grep command we just ran. Hence, we can conclude that nginx is now closed.
killall
The killall <name> command kills all the processes in the system that have the name specified.
(We have restarted nginx on the system before running this again)
As we can see, nginx is running.
Now, let's execute killall.
killall nginx
No output means our command ran correctly. Let's check with ps if nginx is still running.
The only process with nginx in its name is our grep command itself, hence we have killed all other nginx processes (worker and master both).
killall is case-sensitive. To remove the case sensitivity, use:
killall -l
pkill
pkill uses the name of the process to kill it. The major difference between pkill and killall is that killall requires the exact name of the process (up to 15 characters), whereas pkill can kill processes even if we just provide it a partial name. We can also provide it with a pattern in the form of a Regular Expression, and it will kill all processes matching it.
Let's try to kill the nginx processes using pkill. Instead of typing the entire name nginx, we will just use ngi and see if that works.
We verify that nginx is running by running pidof:
Now, we will try to kill it using pkill.
pkill ngi
We can see that even without providing the complete name - pkill has killed both nginx processes.
pkill should be used carefully, as it can kill processes you did not mean to kill.
xkill
xkill is used in the GUI of Linux and is part of the X Window System. The X Window System is a windowing system widely used in UNIX-like systems. It provides the framework for the windows in the GUIs we see and use every day.
xkill tells the X server (the terminal in which we are running xkill) to kill a particular X client (any window we want to close). The server and the client may also be running on different machines.
Let us suppose this is our system, with a terminal and a calculator window open.
Let's invoke the xkill command. It takes no arguments.
xkill
This is what is shown, and our cursor turns into an X. We can now simply click on whichever window we want to close, and xkill will close it.
We go to our calculator and click it.
We see that xkill has output a statement declaring that it's killing our window, and our calculator window has closed.
top
We saw the top command before, it was used to show an interactive list of processes. One of the interactions we can perform with it is to kill a process. To do so, we need to perform the following steps.
1. Make sure you know the pid of the process you are trying to kill.
2. Enter the top command and press k. You should see this window:
You will be prompted to type the pid of the process you want to kill (look at the red arrow in the image above). Type the pid of the process you wish to kill.
3. You will be prompted to enter the signal to send to the process. We are using 15, which is the value for SIGTERM.
4. Press Enter, and the process will be killed.
You can see in this image that the process 23994 does not exist anymore.
No-Hup Command
No-Hup command stands for No-Hangup. Usually, when we enter a command in the terminal, the command is started. However, if we exit the terminal while the process is still executing, a SIGHUP signal will be sent to the process, which generally results in the process being stopped.
Default Behaviour (without No-Hup)
Let us try to do a simple ping command without the No-Hup command. Ping command simply sends requests to any website or URL and logs the responses onto the screen. For convenience, we will log the responses into a txt file instead.
Run the command :
ping www.codingninjas.com > pingresults.txt
The last part ( >pingresults.txt) outputs the result into a txt file instead of onto the screen. (We do not need to check the actual output, we just don't want our screen to be cluttered with it.) We have opened 2 terminals simultaneously, so we can check the txt file from the second terminal while the ping is executing in the first terminal.
As we can see, this terminal will not take any more input while the ping command is running. Let's go to the second terminal and verify that our ping command is running, using ps.
As we can see, our ping command is running. Now, let's abruptly close the first terminal and check again.
The ping command has stopped.
Using No-Hup
Now, let's try the same thing using no-hup. We will also run the process in the background this time. To run in the background, we can simply add a & at the end.
Our final command, using no-hup and background task, becomes:
nohup ping www.codingninjas.com &
This will be our output:
It might look like the terminal is waiting for the ping command to finish, but we can actually type. Let's check ps for the ping command.
We will close this terminal and open it again to verify that no-hup is working.
Our ping command is still active, even though the original terminal has been closed.
Exit Command
The exit command exits the current terminal or shell. We can optionally provide an integer parameter, and Linux will exit the shell with a return value of that integer parameter. This will be the status number of the exit operation. If we don't provide this integer, it will use the status number of the last executed command.
Its syntax is :
exit <N>
Where N is the desired exit status code.
Let's create a small script and add the exit command to it, using a return code of 200.
Create a script by executing the command:
cat >NinjaDemo.sh
You can name the file anything you want, but the extension must be .sh. Type the following into the script:
We can see our file has been created by running ls.
Now, run :
chmod +x NinjaDemo.sh
./NinjaDemo.sh
This will run the file, and you will see the following output:
To verify that the exit status was 200, we will run the command:
echo $?
This will give us the return code of the last executed command, which was our script.
As we can see, our output is correct.
Frequently Asked Questions
Does xkill close the window even if the window is on a different system?
Xkill works across systems too, but it is not always guaranteed that the window will be closed. What xkill does is, it severs the connection between the X-server (which is running on the main machine), and the X-client (which is the window running on the same/different machine). Usually, X client windows close themselves when they lose the connection to the X-server - but this is not always the case.
Are Linux and Ubuntu the same?
Linux is not actually a complete Operating System. It is simply a kernel - it does not provide the shell part (which is the part that the users interact with). Linux is open source, which means anyone can download the source code - and add their own shell to it, and other features they might want. So, Ubuntu is a complete operating system built on top of Linux. It contains the Linux kernel, a GUI for users to interact with, as well as some other features.
What's the difference between a process and a program?
A program is any piece of executable code. It contains the set of codes, data, and files that are necessary to perform a particular task. A process is - an actively running instance of a program. So, when we have a .exe file in our system - it is a program. When we double-click it, and it starts up, it becomes a process.
Conclusion
This blog has explored the various Process commands in Linux-based operating systems. We have explored commands for locating and terminating processes, and we have also seen how the No-Hup and exit command work.
We hope you leave this article with a broader knowledge of Linux, processes, and running commands over CLI. We recommend that you explore our different articles on these topics as well, such as:
![ps aux | grep "^admin[ \t]*5.*" output](https://files.codingninjas.in/article_images/linux-process-commands-7-1667590853.jpg)
85+ registered