Ps Eng

From EIK wiki

Author

Author: Arina Püvi A21
Improved: Epp Maaten, AK21 2015/16
Translated: Christopher Carr, C11 2016/17
Last Change: 08.05.2017

Introduction

Operation systems track system processes and resources. A process is an instance of a program that is being executed, which has been allocated processor and memory (address space) resources. [1]


ps (process status) is a program, which in UNIX-based operation systems shows information about running processes. In Windows PowerShell the command Get-Process (whose alias is also pre-defined as ps) essentially serves the same purpose. [2]. For tracking processes in a graphical user interface, TaskManager (Windows) and Activity Monitor (MacOSX) is used.

Description

Data about processes are held in the process table. Each process has an identificator PID. A process may start other processes. A process, which started a second process is called a parent process. Processes form a process tree, the top of which is the first executed process. A process tree can be shown with the command pstree.

Processes have:

  • input stream STDIN
  • output stream STDOUT
  • error stream STDERR

The ps utility shall write information about processes, subject to having appropriate privileges to obtain information about those processes. By default, ps shall select all processes with the same effective user ID as the current user and the same controlling terminal as the invoker. [3]

Process table

The utility ps usually displays information about each process on a separate line. The process description line includes the PID (process identificator), the invoking terminal, CPU time and command tied to the process. With different parameters it is possible to change the ps command and filter processes you are searching for. If the command contains more than one sort order parameter, the processes will be sorted based on the last sorting option which was specified. [BSD General Commands Manual]

 ps

 PID  TTY      TIME     CMD
 2643 pts/o    00:00:00 su
 2644 pts/0    00:00:00 bash
 3092 pts/0    00:00:00 ps

All running processes have unique identificators (PID), which by default are in the range 1 - 32767. Every new process is assigned the next available PID. When a process finishes its job (or is killed), its PID is freed. Reaching the maximal PID, the next process PID will be selected as the smallest available PID and so on.

The column TTY describes the terminal from which the process was invoked. With no extra parameters, a simple ps command shows only the list of processes invoked in the running terminal, so the information in the TTY column is the same for all lines. The column TIME indicates the amount of time the process has used CPU (central processing unit) resources. This is NOT the time that the process was initiated! The TIME column should show as small a time as possible. If the time is too large, this can point to errors. In the column CMD, the processes own name is listed.

Extended process table elements

UID user identificator
PID process identificator
PPID parent process identificator
C process priority, which is used by process scheduler
STIME process start time
TTY the terminal, with which the given process is bound to
TIME time, that the given process has used CPU resources
CMD the command that invoked the given process
STAT the state of the process. The state is displayed as a sequence of symbols, for example RWNA. The first symbol (R) shows the process is running.

Process state characteristical parameters

R Marks a runnable process.
S Marks a process that is sleeping for less than about 20 seconds.
I Marks a process that is idle (sleeping for longer than about 20 seconds).
D Marks a process in disk (or other short term, uninterruptible) wait.
Z Marks a dead process (a zombie).
T Marks a stopped process.
W Marks an idle interrupt thread.
< The process has raised CPU scheduling priority.
N The process has reduced CPU scheduling priority
L The process has pages locked in core (for example, for raw I/O).

[BSD General Commands Manual]

Display options

Command syntax
ps [options]


Adding the following options to the command ps, we receive the next reports:

-A Display information for all processes.
-a Display information about other users' processes as well as your own (excluding processes which do not have a controlling terminal).
-e Display the environment as well.
-r Sort by current CPU usage, instead of the combination of controlling terminal and process ID.
-x When displaying processes matched by other options, include processes which do not have a controlling terminal.
-f Show commandline and environment information about swapped out processes. This option is honored only if the UID of the user is 0
-j Print information associated with the following keywords: user, pid, ppid, pgid, sid, jobc, state, tt, time, and command.
-l Display information associated with the following keywords: uid, pid, ppid, cpu, pri, nice, vsz, rss, mwchan, state, tt, time, and command.
-L List the set of keywords available for the -O and -o options.
-p Display information about processes which match the specified process IDs.
-G grouplist Display information about processes which are running with the specified real group IDs.
-N namelist Extract the name list from the specified system instead of the default, which is the kernel image the system has booted from.
-o format Display information according to the format specification.
-p proclist Display information about processes which match the specified process ID-s.
-s sidlist Display a list of all session leaders specified in sidlist.
-t termlist Display information about processes attached to the specified terminal devices.
-u userlist Display information associated with the following keywords: user, pid, %cpu, %mem, vsz, rss, tt, state, start, time, and command.
-U userlist Display the processes belonging to the specified usernames.

[BSD General Commands Manual]


Examples

Using the correct option, you can display a complete list of processes in the user's system.

 ps ax

 PID TTY      STAT   TIME COMMAND
 1   ?        S      0:01 init [3]
 2   ?        SN     0:00 [ksoftirqd/0]
 3   ?        S<     0:00 [events/0]
 4   ?        S<     0:00 [khelper]
 5   ?        S<     0:00 [kblockd/0]
 29  ?        S      0:00 [pdflush]

Complete information about every process at a given time: ps -ef

Even more detailed information about the running processes can be seen by running the command ps aux.
With this option you can, for example, search for more information, which user started the process, how much they use system resources (columns CPU, MEM, VSZ and RSS) and when the process was started. [6]

Remarks

  • An alternative to the ps command is top which displays ever-updating information about processes. However, the information you can display using top is limited to the size of the window, so any information that does not fit on screen is just ignored.
  • The ps command is convenient to use with the less utility, so one can use the up and down arrows to scroll through the information, for example ps ax | less.
  • Using the grep utility is convenient to search and display only necessary processes, for exmaple ps ax | grep smbd.

Related commands

  • top
  • pstree
  • proc

Summary

Process must be managed so that the computer could work effectively and optimally use the memory allocated to it. Processes must also sometimes be terminated (killed). To manage processes it is necessary to have knowledge of the ps command's many opportunities, to be able to gather necessary information about processes and know how to analyse it using the various options of the ps command.

Used materials

Command manual BSD General Commands Manual
https://en.wikipedia.org/wiki/Process_(computing) [1]
http://en.wikipedia.org/wiki/Ps_(Unix) [2]
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/ps.html [3]