Please advice , how to verify the program that execute the process ?
For example
the following commands ( ps -ef ) will view the process sendmail in case this process is running
ps –ef | grep sendmail
root 9558 9544 019:05? 00:00:00/usr/sbin/sendmail-FCronDaemon-i-odi-oem-oi-t
what I want to find is the script that execute the binary /usr/sbin/sendmail
so my question – which flags I need to add to the syntax "ps –ef" in order to get from ps –ef the full details , include which program running the process
is it possible ?
Example and remark
If
/etc/rc3.d/sendmail run the binary /usr/sbin/sendmail
Then I expect to see the /etc/rc3.d/sendmail PATH from the command ps –ef …….
What do you need is a tree output and know the parent processes.
Example pstree -a:
[~]# pstree -a
init
├─atd
├─atop -a -w /var/log/atop.log 600
├─cron
├─dbus-daemon --system --fork --activation=upstart
├─getty -8 38400 tty4
│ ├─sshd
│ └─sshd
│ └─zsh
│ └─pstree -a
├─udevd --daemon
│ ├─udevd --daemon
│ └─udevd --daemon
├─upstart-socket- --daemon
├─upstart-udev-br --daemon
Here you can see that there is a process of zsh (my shell) which is running command pstree. The zsh itself was started by process sshd.
Here is the same output for ps -AF:
root 10006 649 0 22329 3944 0 12:48 ? 00:00:00 sshd: root#pts/2
root 10041 10006 0 10355 5276 0 12:48 pts/2 00:00:00 -zsh
root 16465 10041 0 4538 1220 0 12:52 pts/2 00:00:00 ps -AF
The second column is process id and the third column is parent process id. You see that the parent of ps -AF is the shell process 10041. You can always trace back processes to the init (process id 1) by walking them parent by parent.
In your case if you want to find /etc/rc3.d/sendmail you probably need to walk processes up from /usr/sbin/sendmail until you have something of which full path us under /etc/rc3.d.
Related
There is a field in process object in node.js: process.title
That field allows you to change process name displayed in top or ps command on linux.
Is there some way to do this for and in bash script also?
Changing the command line reference from running processes is possible on *NIX with /proc filesystem :
$ ps
PID TTY TIME CMD
106 tty4 00:00:01 bash
719 tty4 00:00:00 ps
$ echo "toto" > /proc/106/comm
$ ps
PID TTY TIME CMD
106 tty4 00:00:01 toto
719 tty4 00:00:00 ps
$
And yes, it's not the prettiest way to do so.
I installed Cygwin for 64 bit versions of Windows.and I run "Cygwin64 Terminal" in order to confirm whole process' state. As far as I know, ps command must show STAT column but It is impossible to find STAT column Whenever I execute "ps -l" or "ps aux" ,"ps -ef", "ps axj"..
I really want to view STAT column in ps command because a source code which I practice recently request me to check zombie process by means of ps command.
screenshot of ps command without STAT column
Use procps
$ /usr/bin/procps.exe ax
PID TTY STAT TIME COMMAND
1580 pty1 Ss 0:00 -bash
1624 pty0 R 0:00 /usr/bin/procps ax
1522 ? Ss 0:05 /usr/bin/mintty -i /Cygwin-Terminal.ico -
1599 pty1 T 0:00 less .bashrc
1523 pty0 Ss 0:00 -bash
1579 ? Ss 0:00 /usr/bin/mintty -i /Cygwin-Terminal.ico -
you can find it in procps-ng package
$ cygcheck -f /usr/bin/procps
procps-ng-3.3.16-1
I'm new to linux.
How can I show a list of all processes that says about each process if it's running or suspended?
I've tried
ps -ef|grep myusername
but it doesn't say if the processes are running or not.
also tried
ps ux
same thing, it doesn't say if the processes are running or not.
I'm looking for something like this list:
I get this list when I move a process to background, I don't know how to see it otherwise...
You can use "ps" to list processes, This (ps aux) will list all the processes. Given an example output of it below.
ps aux | more
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 189160 9376 ? Ss 15:51 0:04 /usr/lib/systemd/systemd --switched-root --system --deserialize 20
root 2 0.0 0.0 0 0 ? S 15:51 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 15:51 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S< 15:51 0:00 [kworker/0:0H]
root 7 0.0 0.0 0 0 ? S 15:51 0:06 [rcu_sched]
root 8 0.0 0.0 0 0 ? S 15:51 0:00 [rcu_bh]
root 9 0.0 0.0 0 0 ? S 15:51 0:04 [rcuos/0]
By checking the STAT of the process ( UNDER "STAT" ) you can identify the process states, Below are some possible states codes.
R running or runnable (on run queue)
D uninterruptible sleep (usually IO)
S interruptible sleep (waiting for an event to complete)
Z defunct/zombie, terminated but not reaped by its parent
T stopped, either by a job control signal or because it is being
traced
You can type "man ps" to get more info.
You can use htop to see the list of processes and there is a column for process state
What does a C process status mean in htop?
http://www.howtogeek.com/howto/ubuntu/using-htop-to-monitor-system-processes-on-linux/
ps -p PID -o comm=
Enter the code above where PID is PID of the process.
Following command will be more helpful to you.
Use the command : sudo lsof -i -n -P
This command lists the Application Name, PID, User, IP version, Device ID and the Node with Port Name. It shows both TCP and UDP.
Variations :
To format it in a nice, readable way; use :
sudo lsof -i -n -P | more
To view view only TCP connections :
sudo lsof -i -n -P | grep TCP | more
To view view only UDP connections :
sudo lsof -i -n -P | grep UDP | more
I know if I type ps -ef I get the processes. But how can I read the process tree of a user say xyz, so that I can draw it in hierarchal form?
Should I read the file path towards process and draw it as a tree structure? Or what?
Here is a selection from a larger ps -ef output:
UID PID PPID C STIME TTY TIME CMD
....
xyz 15152 15112 0 23:08:00 pts/19 0:00 usr/bin/bash
xyz 15112 15106 0 23:07:54 ? 0:00 /local/openssh/4.5p1/sbin/sshd -R
root 236 6535 0 21:27:06 ? 0:01 /local/openssh/4.5p1/sbin/sshd -R
xyz 15431 15152 0 23:09:30 pts/19 0:00 ps -ef
.....
How can I draw the process hierarchy of xyz?
Thanks
pstree [options] [pid or username];
see http://www.linfo.org/pstree.html and http://manpages.ubuntu.com/manpages/precise/man1/pstree.1.html
You can use htop -u USERNAME and then press F5
Does anyone know how to use procps-3.2.8 in listing all the running processes of ubuntu/linux?
And how to kill them using procps-3.2.8?
please provide the step-by-step procedure and provide useful links about procps.
procps is the package which contains the many command line utility provided. You can find the complete information about each utility option under the procpcs from the below location:
On the homepage we can get the following information about procps:
procps is the package that has a bunch of small useful utilities that give information about processes using the /proc filesystem. The
package includes the programs ps, top, vmstat, w, kill, free, slabtop,
and skill.*
http://www.linuxfromscratch.org/lfs/view/7.2/chapter06/procps.html
http://procps.sourceforge.net/
How to use procps-3.2.8 in listing all the running processes?
ps is the part of procps package and there are numerous ways to list the all running process(For detailed information do man ps).
mantosh#mantosh4u:~/practice$ ps -V
procps version 3.2.8
mantosh#mantosh4u:~/practice$ ps -AF
UID PID PPID C SZ RSS PSR STIME TTY TIME CMD
root 1 0 0 6143 2544 3 14:38 ? 00:00:00 /sbin/init
root 2 0 0 0 0 1 14:38 ? 00:00:00 [kthreadd]
.............................................................................
root 3320 2 0 0 0 0 15:13 ? 00:00:00 [kworker/u:2]
root 3334 2 0 0 0 1 15:18 ? 00:00:00 [kworker/1:0]
How to kill them using procps-3.2.8?
pkill is part of procps package which contains numerous command line option to kill a process. For detailed information man pkill on your terminal.
mantosh#mantosh4u:~/practice$ pkill -V
pkill (procps version 3.2.8)
mantosh#mantosh4u:~/practice$ pkill -f gedit
In the above example, the gedit was the process name which has been killed.