directory specified and searches all directories under the specified directory. In the preceding example, we are looking for the file named foo. You can use regular expressions, including wildcards, in your search. If you want to find a file that begins with the letters foo, you use find / -name "foo*" -print. If you are using search patterns, you need to put the string and pattern inside double quotes. While find has a lot of capabilities, this will get you started.
Process Management
When you run a program, you initiate a process. You can think of a process as a dynamic, running instance of a program, which is static as it sits on a storage medium. Every running Linux system has dozens or hundreds of processes running at any given time.
In most cases, you can expect the operating system to manage the processes in the best way. However, at times you may want to get yourself involved. As an example, you may want to check whether a process is running, since not all processes are running in the foreground. A foreground process is one that the user can currently see and interact with, as compared with a background process, which a user wouldn't be able to interact with unless it was brought to the foreground and designed for user interaction. For example, just checking the number of processes running on an otherwise idle Kali Linux system, I discovered 141 processes. Out of that 141, only one was in the foreground. All others were services of some sort.
To get a list of processes, you can use the ps command. The command all by itself doesn't get you much more than the list of processes that belong to the user running the program. Every process, just like files, has an owner and a group. The reason is that processes need to interact with the filesystem and other objects, and having an owner and a group is the way the operating system determines whether the process should be allowed access. In Example 1-3, you can see what just running ps looks like.
Example 1-3. Getting a process list
root@rosebud:~# ps
  PID TTY          TIME CMD
 4068 pts/1    00:00:00 bash
 4091 pts/1    00:00:00 ps
What you see in Example 1-3 is the identification number of the process, commonly known as the process ID, or PID, followed by the teletypewriter port the command was issued on, the amount of time spent in the processor, and finally the command.
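To see the owner, group, and foreground or background state described above for every process rather than just your own, the following added example (not from the original text) summarizes a process list with awk. The function names and the sample input are constructed for illustration, and the input format assumes the procps version of ps invoked as ps -eo pid,user,group,tty,stat,comm.

```shell
#!/bin/sh
# Added example (not from the book). Function names are hypothetical.
# Both functions read, on stdin, the output of:
#   ps -eo pid,user,group,tty,stat,comm
# which lists every process (-e) with its owner, group, terminal and state.

# One-line summary: total processes, how many are in a foreground process
# group ("+" in the STAT column), and how many have no terminal ("?").
summarize_ps() {
    awk 'NR == 1 { next }                 # skip the header row
         { total++ }
         $4 == "?"     { no_tty++ }
         index($5, "+") { fg++ }
         END { printf "total=%d foreground=%d no_tty=%d\n", total, fg, no_tty }'
}

# Process count per owner:group pair, sorted by name.
owners_ps() {
    awk 'NR > 1 { n[$2 ":" $3]++ }
         END { for (k in n) print k, n[k] }' | sort
}

# Constructed sample input; PIDs 4068 and 4091 mirror Example 1-3.
SAMPLE='  PID USER     GROUP    TT       STAT COMMAND
    1 root     root     ?        Ss   systemd
  412 root     root     ?        Ss   sshd
  655 postgres postgres ?        Ss   postgres
 4068 root     root     pts/1    Ss   bash
 4091 root     root     pts/1    R+   ps'

printf '%s\n' "$SAMPLE" | summarize_ps
printf '%s\n' "$SAMPLE" | owners_ps

# On a live system:
#   ps -eo pid,user,group,tty,stat,comm | summarize_ps
```

When run against a live system, the ps and awk processes in the pipeline are themselves in the foreground process group, so the foreground count includes them.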
Most of the commands you will see have parameters you can append to the command line, and these will change the behavior of the program.