You can use the ps command to view the running process. You usually use the parameters of the ps command to display more output information. I like to use the - e parameter to see each running process, and the - f parameter to get the full details of each process. Here are some examples:
$ ps
PID TTY TIME CMD
88000 pts/0 00:00:00 bash
88052 pts/0 00:00:00 ps
88053 pts/0 00:00:00 head$ ps -e | head
PID TTY TIME CMD
1 ? 00:00:50 systemd
2 ? 00:00:00 kthreadd
3 ? 00:00:00 rcu_gp
4 ? 00:00:00 rcu_par_gp
6 ? 00:00:02 kworker/0:0H-events_highpri
9 ? 00:00:00 mm_percpu_wq
10 ? 00:00:01 ksoftirqd/0
11 ? 00:00:12 rcu_sched
12 ? 00:00:00 migration/0$ ps -ef | head UID PID PPID C STIME TTY TIME CMD root 1 0 0 13:51 ? 00:00:50 /usr/lib/systemd/systemd --switched-root --system --deserialize 36 root 2 0 0 13:51 ? 00:00:00 [kthreadd] root 3 2 0 13:51 ? 00:00:00 [rcu_gp] root 4 2 0 13:51 ? 00:00:00 [rcu_par_gp] root 6 2 0 13:51 ? 00:00:02 [kworker/0:0H-kblockd] root 9 2 0 13:51 ? 00:00:00 [mm_percpu_wq] root 10 2 0 13:51 ? 00:00:01 [ksoftirqd/0] root 11 2 0 13:51 ? 00:00:12 [rcu_sched] root 12 2 0 13:51 ? 00:00:00 [migration/0]
The final example shows the most details. In each line, the UID (user ID) shows the owner of the process. PID (process ID) represents the digital ID of each process, while PPID (parent process ID) represents the digital ID of its parent process. In any Unix system, the process is numbered from 1 and is the first process to run after the kernel is started. Here, systemd is the first process that spawned kthreadd, which also created other processes, including rcu_gp,rcu_par_gp and a series of processes.
Use the kill command to manage processes
The system handles most background processes, so you don't need to worry about them. You only need to focus on the processes created by the application you are running. Although many applications run only one process at a time (such as music player, terminal simulator or game), other applications may create background processes. Some of these apps may still run in the background after you exit so that they can start quickly the next time you use them.
When I run chromium (an open source project on which Google Chrome is based), process management becomes a problem. Chromium ran very hard on my laptop and produced many additional processes. Now I can see these chromium processes by opening only five tabs:
$ ps -ef | fgrep chromium jhall 66221 [...] /usr/lib64/chromium-browser/chromium-browser [...] jhall 66230 [...] /usr/lib64/chromium-browser/chromium-browser [...] [...] jhall 66861 [...] /usr/lib64/chromium-browser/chromium-browser [...] jhall 67329 65132 0 15:45 pts/0 00:00:00 grep -F chromium
I've omitted some lines, including 20 chromium processes and a grep process searching for "chromium" characters.
$ ps -ef | fgrep chromium | wc -l 21
But after I quit Chromium, these processes are still running. How do I close them and reclaim the memory and CPU occupied by these processes?
The kill command allows you to terminate a process. In the simplest case, you tell the kill command to terminate the PID of the process you want to terminate. For example, to terminate these processes, I need to execute the kill command for all 20 Chromium process IDs. One method is to use the command line to obtain Chromium PID, and the other method is to run kill against the list:
$ ps -ef | fgrep /usr/lib64/chromium-browser/chromium-browser | awk '{print $2}'
66221
66230
66239
66257
66262
66283
66284
66285
66324
66337
66360
66370
66386
66402
66503
66539
66595
66734
66848
66861
69702
$ ps -ef | fgrep /usr/lib64/chromium-browser/chromium-browser | awk '{print $2}' > /tmp/pids
$ kill $(cat /tmp/pids)The last two lines are the key. The first command line generates a list of process IDs from Chromium browser. The second command line runs the kill command against the list of process IDs.
Describes the kill command
There is a simpler way to terminate multiple processes at once. Use the kill command. You may guess from the name that kill will terminate all processes matching the name. This means that we can use this command to stop all rogue Chromium processes. This is very simple:
$ killall /usr/lib64/chromium-browser/chromium-browser
But be careful to use kill. This command can terminate all processes that match the name you give. That's why I like to use the ps -ef command to check the process I'm running, and then run kill for the exact path of the command to stop.
You can also use the - i or -- interactive parameter to let killkill prompt you before stopping each process.
killall also supports using the - o or -- older than parameters to find processes earlier than a specific time. For example, it will be helpful if you find a group of malicious processes that have been running for several days. Alternatively, you can find processes later than a specific time, such as runaway processes you recently started. Use the - y or -- young than parameters to find these processes.
Other ways of managing processes
Process management is an important part of system maintenance. In my early career as a Unix and Linux system administrator, the ability to kill illegal jobs was the key to keeping the system running normally. Today, you may not need to personally terminate rogue processes on Linux, but you know that kill and kill can help you in the end.
You can also find other ways to manage the process. In my case, I don't need to use kill or kill to terminate the background Chromium process after I exit the browser. There is a simple setting in Chromium to control:
However, it is wise to always focus on which processes are running on the system and intervene when needed.