All You Need To Know About Processes in Linux [Comprehensive Guide]
In this article, we will walk through a basic understanding of processes and briefly look at how to manage processes in Linux using certain commands.
A process refers to a program in execution; it’s a running instance of a program. It is made up of the program instruction, data read from files, other programs or input from a system user.
Types of Processes
There are fundamentally two types of processes in Linux:
- Foreground processes (also referred to as interactive processes) – these are initialized and controlled through a terminal session. In other words, there has to be a user connected to the system to start such processes; they haven’t started automatically as part of the system functions/services.
- Background processes (also referred to as non-interactive/automatic processes) – are processes not connected to a terminal; they don’t expect any user input.
What is Daemons
These are special types of background processes that start at system startup and keep running forever as a service; they don’t die. They are started as system tasks (run as services), spontaneously. However, they can be controlled by a user via the init process.
Creation of a Processes in Linux
A new process is normally created when an existing process makes an exact copy of itself in memory. The child process will have the same environment as its parent, but only the process ID number is different.
There are two conventional ways used for creating a new process in Linux:
- Using The System() Function – this method is relatively simple, however, it’s inefficient and has significantly certain security risks.
- Using fork() and exec() Function – this technique is a little advanced but offers greater flexibility, speed, together with security.
How Does Linux Identify Processes?
Because Linux is a multi-user system, meaning different users can be running various programs on the system, each running instance of a program must be identified uniquely by the kernel.
And a program is identified by its process ID (PID) as well as it’s parent processes ID (PPID), therefore processes can further be categorized into:
- Parent processes – these are processes that create other processes during run-time.
- Child processes – these processes are created by other processes during run-time.
The Init Process
Init process is the mother (parent) of all processes on the system, it’s the first program that is executed when the Linux system boots up; it manages all other processes on the system. It is started by the kernel itself, so in principle it does not have a parent process.
The init process always has process ID of 1. It functions as an adoptive parent for all orphaned processes.
You can use the pidof command to find the ID of a process:
# pidof systemd # pidof top # pidof httpd
To find the process ID and parent process ID of the current shell, run:
$ echo $$ $ echo $PPID
Starting a Process in Linux
Once you run a command or program (for example cloudcmd – CloudCommander), it will start a process in the system. You can start a foreground (interactive) process as follows, it will be connected to the terminal and a user can send input it:
Linux Background Jobs
To start a process in the background (non-interactive), use the
& symbol, here, the process doesn’t read input from a user until it’s moved to the foreground.
# cloudcmd & # jobs
You can also send a process to the background by suspending it using
[Ctrl + Z], this will send the SIGSTOP signal to the process, thus stopping its operations; it becomes idle:
# tar -cf backup.tar /backups/* #press Ctrl+Z # jobs
To continue running the above-suspended command in the background, use the bg command:
To send a background process to the foreground, use the fg command together with the job ID like so:
# jobs # fg %1
You may also like: How to Start Linux Command in Background and Detach Process in Terminal
States of a Process in Linux
During execution, a process changes from one state to another depending on its environment/circumstances. In Linux, a process has the following possible states:
- Running – here it’s either running (it is the current process in the system) or it’s ready to run (it’s waiting to be assigned to one of the CPUs).
- Waiting – in this state, a process is waiting for an event to occur or for a system resource. Additionally, the kernel also differentiates between two types of waiting processes; interruptible waiting processes – can be interrupted by signals and uninterruptible waiting processes – are waiting directly on hardware conditions and cannot be interrupted by any event/signal.
- Stopped – in this state, a process has been stopped, usually by receiving a signal. For instance, a process that is being debugged.
- Zombie – here, a process is dead, it has been halted but it’s still has an entry in the process table.
How to View Active Processes in Linux
1. ps Command
It displays information about a selection of the active processes on the system as shown below:
# ps # ps -e | head
2. top – System Monitoring Tool
Read this for more top usage examples: 12 TOP Command Examples in Linux
3. glances – System Monitoring Tool
glances is a relatively new system monitoring tool with advanced features:
For a comprehensive usage guide, read through: Glances – An Advanced Real Time System Monitoring Tool for Linux
There are several other useful Linux system monitoring tools you can use to list active processes, open the link below to read more about them:
How to Control Processes in Linux
Linux also has some commands for controlling processes such as kill, pkill, pgrep and killall, below are a few basic examples of how to use them:
$ pgrep -u tecmint top $ kill 2308 $ pgrep -u tecmint top $ pgrep -u tecmint glances $ pkill glances $ pgrep -u tecmint glances
To learn how to use these commands in-depth, to kill/terminate active processes in Linux, open the links below:
- A Guide to Kill, Pkill and Killall Commands to Terminate Linux Processess
- How to Find and Kill Running Processes in Linux
Note that you can use them to kill unresponsive applications in Linux when your system freezes.
Sending Signals To Processes
The fundamental way of controlling processes in Linux is by sending signals to them. There are multiple signals that you can send to a process, to view all the signals run:
$ kill -l
To send a signal to a process, use the kill, pkill or pgrep commands we mentioned earlier on. But programs can only respond to signals if they are programmed to recognize those signals.
And most signals are for internal use by the system, or for programmers when they write code. The following are signals which are useful to a system user:
- SIGHUP 1 – sent to a process when its controlling terminal is closed.
- SIGINT 2 – sent to a process by its controlling terminal when a user interrupts the process by pressing
- SIGQUIT 3 – sent to a process if the user sends a quit signal
- SIGKILL 9 – this signal immediately terminates (kills) a process and the process will not perform any clean-up operations.
- SIGTERM 15 – this a program termination signal (kill will send this by default).
- SIGTSTP 20 – sent to a process by its controlling terminal to request it to stop (terminal stop); initiated by the user pressing
The following are kill commands examples to kill the Firefox application using its PID once it freezes:
$ pidof firefox $ kill 9 2687 OR $ kill -KILL 2687 OR $ kill -SIGKILL 2687
To kill an application using its name, use pkill or killall like so:
$ pkill firefox $ killall firefox
Changing Linux Process Priority
On the Linux system, all active processes have a priority and certain nice value. Processes with higher priority will normally get more CPU time than lower priority processes.
However, a system user with root privileges can influence this with the nice and renice commands.
From the output of the top command, the NI shows the process nice value:
Use the nice command to set a nice value for a process. Keep in mind that normal users can attribute a nice value from zero to 20 to processes they own.
Only the root user can use negative nice values.
To renice the priority of a process, use the renice command as follows:
$ renice +8 2687 $ renice +8 2103
Check out our some useful articles on how to manage and control Linux processes.
- Linux Process Management: Boot, Shutdown, and Everything in Between
- Find Top 15 Processes by Memory Usage with ‘top’ in Batch Mode
- Find Top Running Processes by Highest Memory and CPU Usage in Linux
- How to Find a Process Name Using PID Number in Linux
That’s all for now! Do you have any questions or additional ideas, share them with us via the feedback form below.