The ps command in Linux is the abbreviation of Process Status. The ps command lists the processes currently running in the system. The ps command lists snapshots of the current processes, which are those processes at the time of execution of the ps command. If you want to dynamically display process information, you can use the top command.
To monitor and control the process, we must first understand the current process, that is, we need to view the current process, and the ps command is the most basic and very powerful process view command. Using this command, you can determine which processes are running and running, whether the process ends, whether the process is deadly, which processes occupy too much resources, and so on. In short, most of the information can be obtained by executing the command.
ps provides us with a one-time view of the process, the results it provides are not dynamic and continuous; if you want to monitor the process time, you should use top tool.
The Kill Command is used to kill processes.
Processes on linux have five states:
- Running (running or waiting in the running queue)
- Interruption (Hibernation, obstruction, waiting for a condition to form or receive a signal)
- Non-interruptible (signals received do not wake up and cannot run, processes must wait until interruptions occur)
- Rigidity (process terminated, but process descriptor exists until the parent calls wait4() system call and releases)
- Stop (process stops running after receiving SIGSTOP, SIGSTP, SIGTIN, SIGTOU signals)
The ps tool identifies five status codes of a process:
- D uninterruptible sleep (usually IO)
- R runnable (on run queue)
- S interrupt sleeping
- T Stop traced or stopped
- Z rigid a defunct ("zombie") process
1. Command format:
ps[parameter]
2. Command function:
Used to display the status of the current process
3. Command parameters:
- a Displays all processes
- - a Displays all programs under the same terminal
- - A Displays all processes
- c Displays the true name of the process
- - N reverse selection
- - e equals "-A"
- e Displays environment variables
- f Display Program Relations
- - H shows tree structure
- r Displays the process of the current terminal
- T Displays all programs of the current terminal
- u All processes for specified users
- - au displays more detailed information
- - aux displays all the itineraries that contain other users
- - C < Command > Lists the status of the specified command
- Lines < Number of rows > Number of rows per page
- Width < number of characters > number of characters per page
- - help displays help information
- version Display version Display
4. Use examples:
Example 1: Display all process information
Order:
ps -AOutput:
[root@localhost test6]# ps -A
PID TTY TIME CMD
1 ? 00:00:00 init
2 ? 00:00:01 migration/0
3 ? 00:00:00 ksoftirqd/0
4 ? 00:00:01 migration/1
5 ? 00:00:00 ksoftirqd/1
6 ? 00:29:57 events/0
7 ? 00:00:00 events/1
8 ? 00:00:00 khelper
49 ? 00:00:00 kthread
54 ? 00:00:00 kblockd/0
55 ? 00:00:00 kblockd/1
56 ? 00:00:00 kacpid
217 ? 00:00:00 cqueue/0
……Omit some resultsExplain:
Example 2: Display specified user information
Order:
ps -u rootOutput:
[root@localhost test6]# ps -u root
PID TTY TIME CMD
1 ? 00:00:00 init
2 ? 00:00:01 migration/0
3 ? 00:00:00 ksoftirqd/0
4 ? 00:00:01 migration/1
5 ? 00:00:00 ksoftirqd/1
6 ? 00:29:57 events/0
7 ? 00:00:00 events/1
8 ? 00:00:00 khelper
49 ? 00:00:00 kthread
54 ? 00:00:00 kblockd/0
55 ? 00:00:00 kblockd/1
56 ? 00:00:00 kacpid
……Omit some resultsExplain:
Example 3: Display all process information, along with the command line
Order:
ps -efOutput:
[root@localhost test6]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Nov02 ? 00:00:00 init [3]
root 2 1 0 Nov02 ? 00:00:01 [migration/0]
root 3 1 0 Nov02 ? 00:00:00 [ksoftirqd/0]
root 4 1 0 Nov02 ? 00:00:01 [migration/1]
root 5 1 0 Nov02 ? 00:00:00 [ksoftirqd/1]
root 6 1 0 Nov02 ? 00:29:57 [events/0]
root 7 1 0 Nov02 ? 00:00:00 [events/1]
root 8 1 0 Nov02 ? 00:00:00 [khelper]
root 49 1 0 Nov02 ? 00:00:00 [kthread]
root 54 49 0 Nov02 ? 00:00:00 [kblockd/0]
root 55 49 0 Nov02 ? 00:00:00 [kblockd/1]
root 56 49 0 Nov02 ? 00:00:00 [kacpid]
……Omit some resultsExplain:
Example 4: Commonly used combinations of ps and grep to find specific processes
Order:
ps -ef|grep sshOutput:
[root@localhost test6]# ps -ef|grep ssh
root 2720 1 0 Nov02 ? 00:00:00 /usr/sbin/sshd
root 17394 2720 0 14:58 ? 00:00:00 sshd: root@pts/0
root 17465 17398 0 15:57 pts/0 00:00:00 grep sshExplain:
Example 5: List the current login PID and related information that belongs to you
Order:
ps -lOutput:
[root@localhost test6]# ps -l
F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD
4 S 0 17398 17394 0 75 0 - 16543 wait pts/0 00:00:00 bash
4 R 0 17469 17398 0 77 0 - 15877 - pts/0 00:00:00 psExplain:
Meaning of relevant information:
F stands for flag of the program and 4 for super user
S represents the state of the program (STAT). The meaning of each STAT will be introduced in the article.
The UID program is owned by the UID
PID is the ID of this program!
PPID is the ID of its parent program.
Percentage of resources used by the CPU
PRI is the abbreviation of Priority, which will be introduced later in detail.
NI This is the Nice value, which we will continue to introduce in the next section.
The ADDR is the kernel function, indicating the part of the program in memory. If it's a running program, it's usually "-"
Memory size used by SZ
Whether WCHAN is currently in operation or not, if -, it is in operation
Terminal location of TTY logger
CPU time used by TIME.
What are the instructions issued by CMD
By default, PS lists only the PIDs associated with the current bash shell, so when I use ps-l, there are only three PIDs.
Example 6: List all programs currently in memory
Order:
ps auxOutput:
[root@localhost test6]# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 10368 676 ? Ss Nov02 0:00 init [3]
root 2 0.0 0.0 0 0 ? S< Nov02 0:01 [migration/0]
root 3 0.0 0.0 0 0 ? SN Nov02 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S< Nov02 0:01 [migration/1]
root 5 0.0 0.0 0 0 ? SN Nov02 0:00 [ksoftirqd/1]
root 6 0.0 0.0 0 0 ? S< Nov02 29:57 [events/0]
root 7 0.0 0.0 0 0 ? S< Nov02 0:00 [events/1]
root 8 0.0 0.0 0 0 ? S< Nov02 0:00 [khelper]
root 49 0.0 0.0 0 0 ? S< Nov02 0:00 [kthread]
root 54 0.0 0.0 0 0 ? S< Nov02 0:00 [kblockd/0]
root 55 0.0 0.0 0 0 ? S< Nov02 0:00 [kblockd/1]
root 56 0.0 0.0 0 0 ? S< Nov02 0:00 [kacpid]
……Omit some resultsExplain:
USER: The process belongs to that user's account
PID: Number of the process
% CPU: Percentage of CPU resources used by this process
% MEM: Percentage of physical memory occupied by the process
VSZ: The amount of virtual memory used by the process (Kbytes)
RSS: The fixed amount of memory (Kbytes) used by the process
TTY: This process operates on that terminal. If it has nothing to do with the terminal, it will be displayed. In addition, tty1-tty6 is the login program on the terminal. If it is pts/0 and so on, it is the program connected to the host by the network.
STAT: The current state of the program, the main state is
R: The program is currently in operation, or can be operated.
S: The program is currently sleeping (idle state), but can be awakened by some signal.
T: The program is currently being detected or stopped.
Z: The program should have been terminated, but its parent program could not terminate him normally, resulting in the state of zombie program.
START: The time when the process was triggered to start
TIME: The actual CPU operation time of the process
COMMAND: The actual instructions of the program
Example 7: List program display similar to program tree
Order:
ps -axjfOutput:
[root@localhost test6]# ps -axjf
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
PPID PID PGID SID TTY TPGID STAT UID TIME COMMAND
0 1 1 1 ? -1 Ss 0 0:00 init [3]
1 2 1 1 ? -1 S< 0 0:01 [migration/0]
1 3 1 1 ? -1 SN 0 0:00 [ksoftirqd/0]
1 4 1 1 ? -1 S< 0 0:01 [migration/1]
1 5 1 1 ? -1 SN 0 0:00 [ksoftirqd/1]
1 6 1 1 ? -1 S< 0 29:58 [events/0]
1 7 1 1 ? -1 S< 0 0:00 [events/1]
1 8 1 1 ? -1 S< 0 0:00 [khelper]
1 49 1 1 ? -1 S< 0 0:00 [kthread]
49 54 1 1 ? -1 S< 0 0:00 \_ [kblockd/0]
49 55 1 1 ? -1 S< 0 0:00 \_ [kblockd/1]
49 56 1 1 ? -1 S< 0 0:00 \_ [kacpid]Explain:
Example 8: Find out the PID numbers associated with cron and syslog services
Order:
Output:
[root@localhost test6]# ps aux | egrep '(cron|syslog)'
root 2682 0.0 0.0 83384 2000 ? Sl Nov02 0:00 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
root 2735 0.0 0.0 74812 1140 ? Ss Nov02 0:00 crond
root 17475 0.0 0.0 61180 832 pts/0 S+ 16:27 0:00 egrep (cron|syslog)
[root@localhost test6]#Explain:
Other examples:
1. Paging can be done by connecting | pipe to more
Order:
ps -aux |more- Display all processes and output them to the ps001.txt file
Order:
ps -aux > ps001.txt- Output specified fields
Order:
ps -o pid,ppid,pgrp,session,tpgid,comm Output:
[root@localhost test6]# ps -o pid,ppid,pgrp,session,tpgid,comm
PID PPID PGRP SESS TPGID COMMAND
17398 17394 17398 17398 17478 bash
17478 17398 17478 17398 17478 ps
[root@localhost test6]#