One of the most used commands in linux to find about the running processes in linux is ps command and top command. There are many command line arguments that we can give to these commands to extract the exact information that we need. But it is a bit confusing, right? So here we are going to look for the most used command line arguments in the ps command.
1. ps -eflH
root@ubuntu:/tmp$ ps -elfH
F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
1 S root 2 0 0 80 0 - 0 kthrea 08:23 ? 00:00:00 [kthreadd]
1 S root 236 2 0 60 -20 - 0 loop_t 08:23 ? 00:00:02 [loop0]
1 S root 238 2 0 80 0 - 0 kjourn 08:23 ? 00:00:00 [jbd2/loop0-8]
4 S root 1 0 0 80 0 - 830 poll_s 08:23 ? 00:00:00 /sbin/init
1 S root 304 1 0 80 0 - 662 poll_s 08:24 ? 00:00:00 upstart-udev-bridge --daemon
5 S root 306 1 0 80 0 - 775 ep_pol 08:24 ? 00:00:00 udevd --daemon
5 S root 442 306 0 80 0 - 774 ep_pol 08:24 ? 00:00:00 udevd --daemon
5 S root 443 306 0 80 0 - 774 ep_pol 08:24 ? 00:00:00 udevd --daemon
1 S root 730 1 0 80 0 - 663 poll_s 08:24 ? 00:00:00 upstart-socket-bridge --daemon
4 S root 881 1 0 80 0 - 1606 poll_s 08:24 ? 00:00:00 /usr/sbin/sshd -D
5 S syslog 902 1 0 80 0 - 7253 poll_s 08:24 ? 00:00:00 rsyslogd -c5
5 S 103 908 1 0 80 0 - 1075 poll_s 08:24 ? 00:00:01 dbus-daemon --system --fork --activation=upstart
4 S root 922 1 0 80 0 - 666 ep_pol 08:24 ? 00:00:00 /usr/sbin/dnscrypt-proxy -a 127.0.0.2
0 S root 937 1 0 80 0 - 1716 poll_s 08:24 ? 00:00:00 /usr/sbin/modem-manager
5 S root 939 1 0 80 0 - 6947 poll_s 08:24 ? 00:00:00 NetworkManager
4 S root 1037 1 0 80 0 - 10297 poll_s 08:24 ? 00:00:00 lightdm
4 S root 1079 1037 0 80 0 - 4946 poll_s 08:24 tty7 00:00:13 /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -back
4 S sree 1636 1037 0 80 0 - 11874 poll_s 08:25 ? 00:00:00 /usr/bin/gnome-session --session=ubuntu
1 S sree 1669 1636 0 80 0 - 964 poll_s 08:25 ? 00:00:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-ses
0 S sree 1696 1636 0 80 0 - 31232 poll_s 08:25 ? 00:00:01 /usr/lib/gnome-settings-daemon/gnome-settings-daemon
0 S sree 1710 1636 0 80 0 - 61219 poll_s 08:25 ? 00:00:40 compiz
0 S sree 1867 1710 0 80 0 - 510 wait 08:25 ? 00:00:00 /bin/sh -c /usr/bin/compiz-decorator
0 S sree 1868 1867 0 80 0 - 5769 poll_s 08:25 ? 00:00:00 /usr/bin/unity-window-decorator
0 S sree 2621 1710 0 80 0 - 510 wait 09:33 ? 00:00:00 /bin/sh -c gnome-terminal
0 S sree 2622 2621 0 80 0 - 35946 poll_s 09:33 ? 00:00:06 gnome-terminal
0 S sree 2628 2622 0 80 0 - 553 unix_s 09:33 ? 00:00:00 gnome-pty-helper
0 S sree 2629 2622 0 80 0 - 2342 wait 09:33 pts/0 00:00:00 bash
0 R sree 2970 2629 0 80 0 - 1282 - 09:52 pts/0 00:00:00 ps -elfH
Here we can see each of the command line switches (command line arguments) can do the the simple ps command.
-e This will show all processes running in the system
-l This will show the out put in long listing format
-H This will show the processes started in hierarchical format
-f This will show the commands which has started the process
Now we can check the columns in the above output.
F: system flag set by kernel for the process
S: state of the process (S for sleeping,R for running,Z for zombie and T for process terminated)
PID: process id of parent process
C: cpu usage by the process
PRI: priority of the process(higher the value lower the priority)
NI: nice value which is used to set priority of the process
ADDR: memory address of the process
SZ: approximate amount of swap space required if the process was swapped out
WCHAN: address of kernel function where the process is sleeping
STIME: start time of the process
TTY: terminal in which the process is running
TIME: total time taken by the process to run
CMD: command which is used to run the process
In the above command see this section:
4 S root 1037 1 0 80 0 - 10297 poll_s 08:24 ? 00:00:00 lightdm
4 S root 1079 1037 0 80 0 - 4946 poll_s 08:24 tty7 00:00:13 /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -back
4 S sree 1636 1037 0 80 0 - 11874 poll_s 08:25 ? 00:00:00 /usr/bin/gnome-session --session=ubuntu
1 S sree 1669 1636 0 80 0 - 964 poll_s 08:25 ? 00:00:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-ses
0 S sree 1696 1636 0 80 0 - 31232 poll_s 08:25 ? 00:00:01 /usr/lib/gnome-settings-daemon/gnome-settings-daemon
0 S sree 1710 1636 0 80 0 - 61219 poll_s 08:25 ? 00:00:40 compiz
0 S sree 1867 1710 0 80 0 - 510 wait 08:25 ? 00:00:00 /bin/sh -c /usr/bin/compiz-decorator
0 S sree 1868 1867 0 80 0 - 5769 poll_s 08:25 ? 00:00:00 /usr/bin/unity-window-decorator
0 S sree 2621 1710 0 80 0 - 510 wait 09:33 ? 00:00:00 /bin/sh -c gnome-terminal
0 S sree 2622 2621 0 80 0 - 35946 poll_s 09:33 ? 00:00:06 gnome-terminal
0 S sree 2628 2622 0 80 0 - 553 unix_s 09:33 ? 00:00:00 gnome-pty-helper
0 S sree 2629 2622 0 80 0 - 2342 wait 09:33 pts/0 00:00:00 bash
0 R sree 2970 2629 0 80 0 - 1282 - 09:52 pts/0 00:00:00 ps -elfH
See the last column,
It shows that lightdm has started first and then it has spawned /usr/bin/X (graphical interface) which has started Gnome Desktop Environment and finally it has started bach and the command ps -elfH.
It shows the process in hierarchical order. This is very helpful for troubleshooting.
2. ps auxef
This is based on the BSD style
f: shows in hierarchical format
e: shows environmental variables used
a: shows all processes
u: uses user oriented format
x: shows detailed information including the command which started the process
1. ps -eflH
root@ubuntu:/tmp$ ps -elfH
F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
1 S root 2 0 0 80 0 - 0 kthrea 08:23 ? 00:00:00 [kthreadd]
1 S root 236 2 0 60 -20 - 0 loop_t 08:23 ? 00:00:02 [loop0]
1 S root 238 2 0 80 0 - 0 kjourn 08:23 ? 00:00:00 [jbd2/loop0-8]
4 S root 1 0 0 80 0 - 830 poll_s 08:23 ? 00:00:00 /sbin/init
1 S root 304 1 0 80 0 - 662 poll_s 08:24 ? 00:00:00 upstart-udev-bridge --daemon
5 S root 306 1 0 80 0 - 775 ep_pol 08:24 ? 00:00:00 udevd --daemon
5 S root 442 306 0 80 0 - 774 ep_pol 08:24 ? 00:00:00 udevd --daemon
5 S root 443 306 0 80 0 - 774 ep_pol 08:24 ? 00:00:00 udevd --daemon
1 S root 730 1 0 80 0 - 663 poll_s 08:24 ? 00:00:00 upstart-socket-bridge --daemon
4 S root 881 1 0 80 0 - 1606 poll_s 08:24 ? 00:00:00 /usr/sbin/sshd -D
5 S syslog 902 1 0 80 0 - 7253 poll_s 08:24 ? 00:00:00 rsyslogd -c5
5 S 103 908 1 0 80 0 - 1075 poll_s 08:24 ? 00:00:01 dbus-daemon --system --fork --activation=upstart
4 S root 922 1 0 80 0 - 666 ep_pol 08:24 ? 00:00:00 /usr/sbin/dnscrypt-proxy -a 127.0.0.2
0 S root 937 1 0 80 0 - 1716 poll_s 08:24 ? 00:00:00 /usr/sbin/modem-manager
5 S root 939 1 0 80 0 - 6947 poll_s 08:24 ? 00:00:00 NetworkManager
4 S root 1037 1 0 80 0 - 10297 poll_s 08:24 ? 00:00:00 lightdm
4 S root 1079 1037 0 80 0 - 4946 poll_s 08:24 tty7 00:00:13 /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -back
4 S sree 1636 1037 0 80 0 - 11874 poll_s 08:25 ? 00:00:00 /usr/bin/gnome-session --session=ubuntu
1 S sree 1669 1636 0 80 0 - 964 poll_s 08:25 ? 00:00:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-ses
0 S sree 1696 1636 0 80 0 - 31232 poll_s 08:25 ? 00:00:01 /usr/lib/gnome-settings-daemon/gnome-settings-daemon
0 S sree 1710 1636 0 80 0 - 61219 poll_s 08:25 ? 00:00:40 compiz
0 S sree 1867 1710 0 80 0 - 510 wait 08:25 ? 00:00:00 /bin/sh -c /usr/bin/compiz-decorator
0 S sree 1868 1867 0 80 0 - 5769 poll_s 08:25 ? 00:00:00 /usr/bin/unity-window-decorator
0 S sree 2621 1710 0 80 0 - 510 wait 09:33 ? 00:00:00 /bin/sh -c gnome-terminal
0 S sree 2622 2621 0 80 0 - 35946 poll_s 09:33 ? 00:00:06 gnome-terminal
0 S sree 2628 2622 0 80 0 - 553 unix_s 09:33 ? 00:00:00 gnome-pty-helper
0 S sree 2629 2622 0 80 0 - 2342 wait 09:33 pts/0 00:00:00 bash
0 R sree 2970 2629 0 80 0 - 1282 - 09:52 pts/0 00:00:00 ps -elfH
Here we can see each of the command line switches (command line arguments) can do the the simple ps command.
-e This will show all processes running in the system
-l This will show the out put in long listing format
-H This will show the processes started in hierarchical format
-f This will show the commands which has started the process
Now we can check the columns in the above output.
F: system flag set by kernel for the process
S: state of the process (S for sleeping,R for running,Z for zombie and T for process terminated)
PID: process id of parent process
C: cpu usage by the process
PRI: priority of the process(higher the value lower the priority)
NI: nice value which is used to set priority of the process
ADDR: memory address of the process
SZ: approximate amount of swap space required if the process was swapped out
WCHAN: address of kernel function where the process is sleeping
STIME: start time of the process
TTY: terminal in which the process is running
TIME: total time taken by the process to run
CMD: command which is used to run the process
In the above command see this section:
4 S root 1037 1 0 80 0 - 10297 poll_s 08:24 ? 00:00:00 lightdm
4 S root 1079 1037 0 80 0 - 4946 poll_s 08:24 tty7 00:00:13 /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -back
4 S sree 1636 1037 0 80 0 - 11874 poll_s 08:25 ? 00:00:00 /usr/bin/gnome-session --session=ubuntu
1 S sree 1669 1636 0 80 0 - 964 poll_s 08:25 ? 00:00:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-ses
0 S sree 1696 1636 0 80 0 - 31232 poll_s 08:25 ? 00:00:01 /usr/lib/gnome-settings-daemon/gnome-settings-daemon
0 S sree 1710 1636 0 80 0 - 61219 poll_s 08:25 ? 00:00:40 compiz
0 S sree 1867 1710 0 80 0 - 510 wait 08:25 ? 00:00:00 /bin/sh -c /usr/bin/compiz-decorator
0 S sree 1868 1867 0 80 0 - 5769 poll_s 08:25 ? 00:00:00 /usr/bin/unity-window-decorator
0 S sree 2621 1710 0 80 0 - 510 wait 09:33 ? 00:00:00 /bin/sh -c gnome-terminal
0 S sree 2622 2621 0 80 0 - 35946 poll_s 09:33 ? 00:00:06 gnome-terminal
0 S sree 2628 2622 0 80 0 - 553 unix_s 09:33 ? 00:00:00 gnome-pty-helper
0 S sree 2629 2622 0 80 0 - 2342 wait 09:33 pts/0 00:00:00 bash
0 R sree 2970 2629 0 80 0 - 1282 - 09:52 pts/0 00:00:00 ps -elfH
See the last column,
It shows that lightdm has started first and then it has spawned /usr/bin/X (graphical interface) which has started Gnome Desktop Environment and finally it has started bach and the command ps -elfH.
It shows the process in hierarchical order. This is very helpful for troubleshooting.
2. ps auxef
This is based on the BSD style
f: shows in hierarchical format
e: shows environmental variables used
a: shows all processes
u: uses user oriented format
x: shows detailed information including the command which started the process
Seem to recall that in a version of SCO OpenServer that I used at College in 1993-5 that the man entry for the ps command said something like: "The data output from the ps command is likely to be out of date, but what the hell, most of the output of the ps command is pretty much out of date anyway." Probably not completely correct but this is from memory (I do have a printout of it somewhere in one of my many paperwork boxes)!
ReplyDeleteInteresting..
Delete