Controlling Process

Components of Process
● A process represents a running program.
● It’s the abstraction through which memory, processor time, and I/O resources
can be managed and monitored.
● A process consists of an address space and a set of data structures within the
kernel.
● The address space is a set of memory pages that the kernel has marked for
the process’s use
PID: process ID number

● The kernel assigns a unique ID number to every process.

● Most commands and system calls that manipulate processes require you to
specify a PID to identify the target of the operation.
● PIDs are assigned in order as processes are created.
PPID: Parent PID
● Neither UNIX nor Linux has a system call that initiates a new process running
a particular program
● Instead, it’s done in two separate steps. First, an existing process must clone
itself to create a new process.
● The clone can then exchange the program it’s running for a different one
● When a process is cloned, the original process is referred to as the parent,
and the copy is called the child.
● The PPID attribute of a process is the PID of the parent from which it was
cloned
UID and EUID: real and effective user ID

● A process’s UID is the user identification number of the person who created
● The EUID is the “effective” user ID, an extra UID that determines what
resources and files a process has permission to access at any given moment.
GID and EGID : real and effective group ID

● The GID is the group identification number of a process

● GID (Group Identifier):
○ This represents the primary group of the user who owns the process.
● EGID (Effective Group Identifier):
○ This represents the effective group ID associated with the process.
○ Processes can acquire additional group permissions temporarily by
changing their effective group ID.
Niceness

● A process’s scheduling priority determines how much CPU time it receives.

● Niceness also known as nice value refers to a numeric representation of its
priority for cpu scheduling
Control terminal :

● When a process is associated with a terminal as its called control terminal

● Standard input ,standard output and standard error channel are connected to
the terminal device
● This allow the process to interact with the user through the terminal ,read
input from keyboard and display output and error message on screen
Process Life cycle
● The fork system call creates a new process by duplicating the existing
process.
● This new process is identical to the parent process except for its PID (Process
ID) and a few other attributes.
● After the fork call, both the parent and child processes continue execution
from the next instruction following the fork.
● They receive different return values from the fork call: the child gets 0, and the
parent gets the PID of the newly created child.
● After forking, the child process often uses one of the exec family of functions
to replace its current image with a new one.
● This allows the child process to execute a different program from the one that
its parent was executing.
● During system boot, the kernel initializes and launches several processes,
with one of the most notable being the initialization process, usually named
init or systemd.
● This process is assigned PID 1 and is responsible for starting and managing
other processes
● When a process completes, it calls a routine named _exit to notify the kernel
that it is ready to die. It supplies an exit code (an integer) that tells why it’s
exiting.
Signals
● Signals are process-level interrupt requests
● They can be sent among processes as a means of communication.
● They can be sent by the terminal driver to kill, interrupt, or suspend processes
when keys such as and are pressed.
● They can be sent by an administrator (with kill) to achieve various ends.
● They can be sent by the kernel when a process commits an infraction such as
division by zero
When a process receives a signal, one of two things happens:

● If the process has designated a signal handler for that particular signal, the
handler routine is called. The handler receives information about the context
in which the signal was delivered.
● If no handler is designated for the signal, the kernel takes some default action
on behalf of the process
Kill and Killall
kill

● The kill command is most often used to terminate a process. kill can send any
signal, but by default it sends a TERM
● The syntax is

kill [-signal] pid

where signal is the number or symbolic name of the signal to be sent.

● A kill without a signal number does not guarantee that the process will die,
because the TERM signal can be caught, blocked, or ignored.
killall
● kills processes by name.
● For example, the following command kills all Apache web server processes:

$ sudo killall httpd

● The pkill command searches for processes by name and sends the specified
signal.
Process State
Suspend AND Resume State

● The STOP and CONT signals allows for the suspension and resumption of
processes.
● The STOP signal suspends a process, pausing its execution.
● Conversely, the CONT signal resumes a previously stopped process,
allowing it to continue its execution from where it was halted.
● These signals affect the entire process and are not specific to individual
threads within the process
● Execution and waiting State :While a process may be considered runnable,
individual threads within that process often need to wait for the kernel to
perform certain tasks on their behalf before they can continue execution.
● Thread Sleep State: During the waiting period described above, the thread
enters a short-term sleep state, during which it cannot execute.
nice and renice
● The nice command is used to launch a new process with a modified
scheduling priority (niceness).
● In this, if we give a process a higher priority, then Kernel will allocate more
CPU time to that process.
● The range of allowable niceness values varies among systems. In Linux the
range is -20 to +19
● Lower values represent higher priorities, while higher values represent lower
priorities.
● Unless the user takes special action, a newly created process inherits the
niceness of its parent process.
● A process’s niceness can be set at the time of creation with the nice
command and adjusted later with the renice command.
renice
● The renice command is used to change the scheduling priority (niceness) of
already running processes
● It allows you to adjust the priority of a process by specifying its PID, process
group ID (PGID), or user.
● Example: renice +10 -p 1234 will increase the priority of the process with PID
1234 by 10.
ps
● The ps command is the system administrator’s main tool for monitoring
processes.
● ps can show the PID, UID, priority, and control terminal of processes.
● It also informs you how much memory a process is using, how much CPU
time it has consumed, and what its current status is
● You can obtain a useful overview of all the processes running on the system
with ps aux. The a option says show all processes, and x says show even
processes that don’t have a control terminal; u selects the “user oriented”
output format .
Example : $ps aux
top
● top command is used to show the Linux processes.
● It provides a dynamic real-time view of the running system.
● Usually, this command shows the summary information of the system and the
list of processes or threads which are currently managed by the Linux Kernel
The /proc filesystem
● The /proc filesystem in Linux is a virtual filesystem that provides a view into
the kernel's internal data structures and system parameters.
● /proc is often referred to as a "pseudo-filesystem" because it doesn't contain
real files on disk. Instead, it is a virtual filesystem that the kernel generates
dynamically to expose various system information and statistics to user-space
processes.
● The /proc filesystem contains a wide range of information about the system,
including details about running processes, memory usage, CPU utilization,
hardware configuration, and kernel parameters
● One of the primary purposes of /proc is to provide detailed information about
running processes.
● Each process is represented by a directory named with its Process ID (PID)
within the /proc directory.
● Inside each process directory, there are various files containing information
such as command line arguments, memory maps, file descriptors, and more.
● Many system parameters and settings can be dynamically adjusted by writing
to special files within the /proc filesystem
strace
● This commands display every system call that a process makes and every
signal it receives
● strace is a powerful debugging tool available in Linux systems, often used to
inspect the behavior of running processes at a low level.
● strace is designed to intercept and record the system calls made by a
process, providing insight into its behavior, interactions with the kernel, and
potential errors
● You can attach strace to a running process to observe its system calls in
real-time, or you can launch a new process with strace to monitor its behavior
from the start.
Functionality

● strace displays every system call made by the process, including details such
as the call name, arguments passed to the call, and the result code returned
by the kernel
● It decodes system call arguments, making it easier to understand the purpose
of each call.
● Errors that occur during system calls, such as filesystem permission errors or
socket conflicts, are often evident in the strace output
Runaway processes
● A runaway process refers to a program or process that consumes an
excessive amount of system resources, such as CPU, memory, disk, or
network bandwidth, beyond what is expected or reasonable for its normal
operation.
● Runaway processes can be identified by observing their abnormal
consumption of system resources.
● This can be seen through tools like ps, top, or uptime, which provide
information about CPU usage, memory consumption, and system load
averages.
● High CPU utilization, excessive memory usage, or consistently high system
load averages are common indicators of runaway processes
● Runaway processes may result from various factors, including software bugs,
inefficient implementation, or failure to handle upstream failures gracefully

● Runaway processes can significantly impact system performance and stability

by monopolizing system resources and interfering with the operation of other
processes