Viewing Processes In most cases, the first step in managing processes is to view what processes
are running on your system. The primary tool for viewing processes—and
one of the Linux administrator’s best friends—is the
ps
command. Run it in
your command line to see what processes are active:
kali >ps PID TTY TIME CMD
39659 pts/0 00:00:01 bash
39665 pts/0 00:00:00 ps
The Linux kernel, the inner core of the operating system that con
trols nearly everything, assigns a unique process ID (PID) to each process
sequentially, as the processes are created. When working with these processes
in Linux, you often need to specify their PIDs, so it is far more important to
note the PID of the process than the name of the process.
Alone, the
ps
command doesn’t really provide you with much infor
mation. Running the
ps
command without any options lists the processes
started (said to be invoked) by the currently loggedin user (in our case,
root) and what processes are running on that terminal. Here, it simply says
that the bash shell is open and running and that we ran the
ps
command.
We want and need far more information than that, particularly on those
processes run by other users and by the system in the background. Without
this information, we know very little of what is actually taking place on our
system.
Running the
ps
command with the options
aux
will show all processes
running on the system for all users, as shown in Listing 61. Note that you
don’t prefix these options with a dash (
-
) and that everything is in lower
case; because Linux is casesensitive, using uppercase options would give
you significantly different results.
kali >ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.4 202540 6396 ? Ss Apr24 0:46 /sbin/init
root 2 0.0 0.0 0 0 ? S Apr24 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S Apr24 0:26 [ksoftirqd/0]
--snip--
root 39706 0.0 0.2 36096 3204 pts/0 R+ 15:05 0:00 ps aux
Listing 6-1: Using the aux options to see processes for all users As you can see, this command now lists so many processes, they likely
run off the bottom of your screen. The first process is
init
, listed in the
Process Management
63 final column, and the last process is the command we ran to display,
ps aux
.
Many of the details (
PID
,
%CPU
,
TIME
,
COMMAND
, and so on) may be different on
your system but should have the same format. For our purposes, here are
the most important columns in this output: