I installed Cygwin for 64 bit versions of Windows.and I run "Cygwin64 Terminal" in order to confirm whole process' state. As far as I know, ps command must show STAT column but It is impossible to find STAT column Whenever I execute "ps -l" or "ps aux" ,"ps -ef", "ps axj"..
I really want to view STAT column in ps command because a source code which I practice recently request me to check zombie process by means of ps command.
screenshot of ps command without STAT column
Use procps
$ /usr/bin/procps.exe ax
PID TTY STAT TIME COMMAND
1580 pty1 Ss 0:00 -bash
1624 pty0 R 0:00 /usr/bin/procps ax
1522 ? Ss 0:05 /usr/bin/mintty -i /Cygwin-Terminal.ico -
1599 pty1 T 0:00 less .bashrc
1523 pty0 Ss 0:00 -bash
1579 ? Ss 0:00 /usr/bin/mintty -i /Cygwin-Terminal.ico -
you can find it in procps-ng package
$ cygcheck -f /usr/bin/procps
procps-ng-3.3.16-1
Related
There is a field in process object in node.js: process.title
That field allows you to change process name displayed in top or ps command on linux.
Is there some way to do this for and in bash script also?
Changing the command line reference from running processes is possible on *NIX with /proc filesystem :
$ ps
PID TTY TIME CMD
106 tty4 00:00:01 bash
719 tty4 00:00:00 ps
$ echo "toto" > /proc/106/comm
$ ps
PID TTY TIME CMD
106 tty4 00:00:01 toto
719 tty4 00:00:00 ps
$
And yes, it's not the prettiest way to do so.
I am just trying to understand more about the PID column when running the ps command.
If I have two terminal windows open, in the first one I run the following command
firefox &
Then run the ps command in BOTH and get the following output from the first window
PID TTY TIME CMD
16814 pts/1 00:00:00 bash
16822 pts/1 00:00:04 MainThread
16881 pts/1 00:00:02 Privileged Cont
16938 pts/1 00:00:00 WebExtensions
17026 pts/1 00:00:00 Web Content
17081 pts/1 00:00:00 ps
And the following in the second
PID TTY TIME CMD
16794 pts/0 00:00:00 bash
17082 pts/0 00:00:00 ps
In both outputs we see the shell process. Why do they not have the same PID, even if it has the same process name.
Say someone runs htop with sudo:
$sudo htop
I know we can get the user name of the htop process by:
$ps aux | grep htop
But in this case it only returns root as the username:
$ps aux | grep htop
root 21186 0.0 0.0 71256 4148 pts/2 S+ 17:16 0:00 sudo htop
root 21187 2.6 0.0 31460 5128 pts/2 S+ 17:16 0:21 htop
How can I find out which user is behind root?
This might work for you. It grabs the commands executed with sudo from /var/log/auth.log:
awk '/sudo/&&/COMMAND/ {
print gensub(/sudo: ([^ ]*).*USER=([^ ]*).*COMMAND=([^ ]*)/,
"\\1 (as \\2) command: \\3", 1)
}' /var/log/auth.log
Simply use grep on /var/log/secure or /var/log/auth.log (depends on the distro):
$ sudo grep sudo /var/log/secure
(or)
$ sudo grep sudo /var/log/auth.log
If these two doesn't work then use sudo journalctl _COMM=sudo
It will give output as:
Apr 14 00:23:35 hell-abhi sudo[14519]: hell_abhi : TTY=pts/1 ; PWD=/home/hell_abhi ; USER=root ; COMMAND=/bin/journalctl _COMM=sudo
Apr 14 00:21:43 hell-abhi sudo[14348]: hell_abhi : TTY=pts/0 ; PWD=/home/hell_abhi ; USER=root ; COMMAND=/bin/nano
The table shows: date, time, user, pid, teminal, directory, command used.
Here you can see: hell_abhi ran sudo nano from /home/hell_abhi(his home directory).
I know if I type ps -ef I get the processes. But how can I read the process tree of a user say xyz, so that I can draw it in hierarchal form?
Should I read the file path towards process and draw it as a tree structure? Or what?
Here is a selection from a larger ps -ef output:
UID PID PPID C STIME TTY TIME CMD
....
xyz 15152 15112 0 23:08:00 pts/19 0:00 usr/bin/bash
xyz 15112 15106 0 23:07:54 ? 0:00 /local/openssh/4.5p1/sbin/sshd -R
root 236 6535 0 21:27:06 ? 0:01 /local/openssh/4.5p1/sbin/sshd -R
xyz 15431 15152 0 23:09:30 pts/19 0:00 ps -ef
.....
How can I draw the process hierarchy of xyz?
Thanks
pstree [options] [pid or username];
see http://www.linfo.org/pstree.html and http://manpages.ubuntu.com/manpages/precise/man1/pstree.1.html
You can use htop -u USERNAME and then press F5
I connect to a remote server using SSH
I was compiling using cmake and then make, it's not common to have a progress percentage in compilation process, but this time it has. I was watching the compilation process until my internet connection failed, so puTTY closed the session and I had to connect again to my server. I though that all the progress was lost, but i first make sure by watching the processes list by ps aux command, and I noticed that the processes related to the compilation are still running:
1160 tty1 Ss+ 0:00 /sbin/mingetty tty1
2265 ? Ss 0:00 sshd: root#pts/1
2269 pts/1 Ss 0:00 -bash
2353 pts/1 S+ 0:00 make
2356 pts/1 S+ 0:00 make -f CMakeFiles/Makefile2 all
2952 ? S 0:00 pickup -l -t fifo -u
3085 ? Ss 0:00 sshd: root#pts/0
3089 pts/0 Ss 0:00 -bash
3500 pts/1 S+ 0:01 make -f src/compiler/CMakeFiles/hphp_analysis.dir/bui
3509 pts/1 S+ 0:00 /bin/sh -c cd /root/hiphop/hiphop-php/src/compiler &&
3510 pts/1 S+ 0:00 /usr/bin/g++44 -DNO_JEMALLOC=1 -DNO_TCMALLOC=1 -D_GNU
3511 pts/1 R+ 0:03 /usr/libexec/gcc/x86_64-redhat-linux6E/4.4.4/cc1plus
3512 pts/0 R+ 0:00 ps ax
I would like to know if is possible to watch the current progress of the compilation by watching the previously closed terminal output. Something similar like 'cat /dev/vcsa1' or something
As per the comment above, you should have used screen.
As it is, you could try to peek at the file descriptors used by sshd and the shell that you started, but I don't think this will get you very far.