Today, we are going to take a look inside the /proc directory and develop a familiarity with it. The /proc directory is present on all Linux systems, regardless of flavor or architecture.
One misconception that we have to immediately clear up is that the /proc directory is NOT a real File System, in the sense of the term. It is a Virtual File System. Contained within the procfs are information about processes and other system information. It is mapped to /proc and mounted at boot time.
First, lets get into the /proc directory and have a look around:
# cd /proc
The first thing that you will notice is that there are some familiar sounding files, and then a whole bunch of numbered directories. The numbered directories represent processes, better known as PIDs, and within them, a command that occupies them. The files contain system information such as memory (meminfo), CPU information (cpuinfo), and available filesystems.
Let’s take a look at one of the files first:
# cat /proc/meminfo
which returns something similar to this:
MemTotal: 604340 kB MemFree: 54240 kB Buffers: 18700 kB Cached: 369020 kB SwapCached: 0 kB Active: 312556 kB Inactive: 164856 kB Active(anon): 89744 kB Inactive(anon): 360 kB Active(file): 222812 kB Inactive(file): 164496 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Dirty: 0 kB Writeback: 0 kB AnonPages: 89724 kB Mapped: 18012 kB Shmem: 412 kB Slab: 50104 kB SReclaimable: 40224 kB ...
As you can see, /proc/meminfo contains a bunch of information about your system’s memory, including the total amount available (in kb) and the amount free on the top two lines.
Running the cat command on any of the files in /proc will output their contents. Information about any files is available in the man page by running:
# man 5 /proc/<filename>
I will give you quick rundown on /proc’s files:
- /proc/cmdline – Kernel command line information.
- /proc/console – Information about current consoles including tty.
- /proc/devices – Device drivers currently configured for the running kernel.
- /proc/dma – Info about current DMA channels.
- /proc/fb – Framebuffer devices.
- /proc/filesystems – Current filesystems supported by the kernel.
- /proc/iomem – Current system memory map for devices.
- /proc/ioports – Registered port regions for input output communication with device.
- /proc/loadavg – System load average.
- /proc/locks – Files currently locked by kernel.
- /proc/meminfo – Info about system memory (see above example).
- /proc/misc – Miscellaneous drivers registered for miscellaneous major device.
- /proc/modules – Currently loaded kernel modules.
- /proc/mounts – List of all mounts in use by system.
- /proc/partitions – Detailed info about partitions available to the system.
- /proc/pci – Information about every PCI device.
- /proc/stat – Record or various statistics kept from last reboot.
- /proc/swap – Information about swap space.
- /proc/uptime – Uptime information (in seconds).
- /proc/version – Kernel version, gcc version, and Linux distribution installed.
Within /proc’s numbered directories you will find a few files and links. Remember that these directories’ numbers correlate to the PID of the command being run within them. Let’s use an example. On my system, there is a folder name /proc/12:
# cd /proc/12 # ls
attr coredump_filter io mounts oom_score_adj smaps wchan autogroup cpuset latency mountstats pagemap stack auxv cwd limits net personality stat cgroup environ loginuid ns root statm clear_refs exe maps numa_maps sched status cmdline fd mem oom_adj schedstat syscall comm fdinfo mountinfo oom_score sessionid task
If I run:
# cat /proc/12/status
I get the following:
Name: xenwatch State: S (sleeping) Tgid: 12 Pid: 12 PPid: 2 TracerPid: 0 Uid: 0 0 0 0 Gid: 0 0 0 0 FDSize: 64 Groups: Threads: 1 SigQ: 1/4592 SigPnd: 0000000000000000 ShdPnd: 0000000000000000 SigBlk: 0000000000000000 SigIgn: ffffffffffffffff SigCgt: 0000000000000000 CapInh: 0000000000000000 CapPrm: ffffffffffffffff CapEff: ffffffffffffffff CapBnd: ffffffffffffffff Cpus_allowed: 1 Cpus_allowed_list: 0 Mems_allowed: 00000000,00000001 Mems_allowed_list: 0 voluntary_ctxt_switches: 84 nonvoluntary_ctxt_switches: 0
So, what does this mean? Well, the important part is at the top. We can see from the status file that this process belongs to xenwatch. Its current state is sleeping, and its process ID is 12, obviously. We also can see who is running this, as UID and GID are 0, indicating that this process belongs to the root user.
In any numbered directory, you will have a similar file structure. The most important ones, and their descriptions, are as follows:
- cmdline – command line of the process
- environ – environmental variables
- fd – file descriptors
- limits – contains information about the limits of the process
- mounts – related information
You will also notice a number of links in the numbered directory:
- cwd – a link to the current working directory of the process
- exe – link to the executable of the process
- root – link to the work directory of the process
This should get you started with familiarizing yourself with the /proc directory. It should also provide insight to how a number of commands obtain their info, such as uptime, lsof, mount, and ps, just to name a few.