In Linux, almost everything is either a File, or a Process. Here is some great information about Processes.
There are essentially 2 types of Processes. The Classic Process, and the Modern Process. However, both types of processes have components in common. A process consists of the executing program, data, files, other resources (such as memory), and an Operating System abstraction called the Execution Engine (which consists of the Status and Stack). A Process is a computational environment.
Each Process has a PID, or Process IDentification number. The PID is similar to a Process Descriptor. This will just be number, such as 2310, or 508.
A Classic Process can be defined as a program in execution. When a Classic Process is started, it is assigned it’s own private address space (chunk of memory). This private address space will hold the references to the process’s stack, status, and data. A Classic Process can be forked (by the fork() call), and thus create a Child Process. A Child Process is given it’s own address space, and an exact copy of the parent’s address space, however, the child and parent share the same File Descriptors.
The main parts of a Classic Process are these: Text Segment, Data Segment, and Stack Segment. The Text Segment is the compiled binary instructions. The Data Segment holds things like constants, such as Pi- 3.1415, or whatever the program defined. The Stack Segment holds temporary variables.
A Modern Process is more of a container for Threads (or Light Weight Processes). A Modern Process can have multiple Threads of execution. For example, a Modern Process requires a Thread to execute (base thread), whereas, a Classic Process does not. The Base Thread can then start other process’s with their own threads with their own PID, or, simply start other threads under the same PID.
A Process that has multiple threads will share the Executing Program, Data, Files, and Other Resources between the threads. However, each thread has it’s own Status and Stack.
To view processes on the Linux Command Line, simply use the ps command:
You’ll notice that the output may be small. By default, the ps program will only show your current user’s processes. Here is some example output:
PID TTY TIME CMD
2766 pts/1 00:00:00 bash
2781 pts/1 00:00:00 ps
You can see that there are 2 PIDs, 2766 and 2781. The CMD is the command that was run, so you can see that I used bash, and ran the ps command. Those are my only 2 processes. Of course, the second process stops shortly after this output is displayed.
Also note the TTY. A TTY is a terminal connected to standard input. So, ps is only showing me the processes running in that TTY.
You can use some options to view more processes:
Here is a short excerpt from the command:
root 2493 0.0 0.0 28268 1116 ? Ss 16:28 0:00 wpa_supplicant
jon 2509 1.3 4.1 558924 73604 ? Sl 16:28 0:47 /opt/google/chr
jon 2514 0.0 0.3 247400 6448 ? S 16:28 0:00 \_ /opt/google
jon 2515 0.0 0.0 6020 580 ? S 16:28 0:00 \_ /opt/google
With the “faux” option, we can see the PID, the user who owns the process, the CPU% used, the Memory % used, the TTY, Start time, and command, as well as child processes starting with the \_ symbols before the command name.
If you want to see the Thread ID’s as well as the Process ID’s, you need to use different options:
In this out you will have a column for the PID, and LWP (Light Weight Process). The LWP is basically the Thread ID, and you will see that some PID’s have multiple LWP. You can use -A option to view all the processes.
Another great tool to checkout is “top.” Top will give you live updated feedback of the proesses running, their cpu and memeory usage, etc. Give it a try!