If you want to know what processes are currently running, you can use ps (this stands for process status). By itself, ps, doesn't return much information; but there are a large number of options available to help you determine what processes are running. Perhaps the best group of options is -au, which lists all processes (the "a") along with the name of the user (the "u") who started it.
[selfg@localhost selfg]$ ps -au
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
selfg 2273 0.8 1.1 4244 1400 pts/0 S 12:10 0:00 bash
selfg 2306 0.0 0.5 2540 676 pts/0 R 12:11 0:00 ps -au
[selfg@localhost selfg]$
When you look at this listing you'll notice several columns of information:
USER
This who started the process - and is, thus, the owner of that process. You'll note, for example, selfg owns both of the processes listed.
PID
The process identification number. A unique number identifies each process and it is this number that is used to work with a process (to kill it, for example). You'll note that PID 2273 is my bash shell. The PID is a "one-up" number, so as new processes are started they will get constantly higher numbers. Therefore, the PID for some process on your computer will be different from those you see in this listing.
%CPU
This is how much CPU time the process is using. Remember, this is a snapshot and will change from second to second as processes are started and stopped. You'll notice that the bash shell is only taking .8% of my CPU capacity.
%MEM
This is how much memory the process is using.
VSZ
The amount of virtual memory needed by the process. We will cover virtual memory in the next class.
RSS
The amount of actual (or "real") memory needed by the process.
TTY
What terminal the process is using. (The "TTY" comes from the industry-wide abbreviation for "Teletype" since original Unix computers used these devices for input and output.) The processes on this page are attached to the default terminal used when the computer was booted. We will look at TTYs later.
STAT
The current status of the process. In Linux, processes have several possible statuses:
R. Running. This process is actually executing.
S. Sleeping. This process is ready to run but must wait for the operating system to give it some CPU time.
D. Uninterruptible sleep. Usually this is some sort of input process that can only be awakened by the input device. For example, if your modem is constantly "on" but just waiting on a signal from outside we would say that is in an uninterruptible sleep status. This status is about like a "blocked" state discussed in the theory section.
T. Trace. This process is being debugged by a programmer and is temporarily halted.
Z. Zombie. This is a process that is no longer valid. Normally this is due to a poorly written program where a parent process was killed and its child processes was left in a "zombie" status. If nothing else, Unix has some cool names for process status - where else could you claim you killed a zombie created by a daemon?
START
The time the process started.
TIME
The amount of time the process has spent on the CPU.
This listing shows all of the process - even those with no terminal (that is what the "x" option does). You'll note that selfg is listed as the owner of several processes. Also notice that near the end of the listing you can see where other users logged on. Process 1441 is where a Gnome session was started and process 2449 is the ps command ran to get this list. You'll note that ps was at 12:25pm, but it did not take much CPU time. (The amount of time for the CPU is listed as 0:00 minutes (the 10th column). The command actually did take a few milliseconds to complete, but not enough time to register for this listing.)
The pstree Command
Sometimes you may want to see some sort of heirarchy of processes. That would allow you to know which processes started (or "spawned") other processes. The command pstree prints to the screen a graphic representation of the various processes on your computer and what process started each. Remember that we are working with a text shell, so the "graphic representation" is a pretty simplified version using only ASCII characters. In the next listing, you can see that init spawned all other processes (recall that init is the first process that runs in Linux; it initializes the entire system). You can see that some process called "X" spawned the Gnome session.
It's sometimes useful to be able to monitor processes and see which process at any given moment is using CPU, memory, and other resources. The top command can be used for this purpose. Top runs constantly and displays the current status of the system (updated every five seconds). The next listing shows top running on my computer. Do be careful about running top since it uses a lot of computer resources as it executes. It will slow down your machine, so only use it on occasion or if you suspect some process is a "run-away".
The first line in the display shows the time the command was executed, the amount of time the computer has been on (the "uptime"), the number of users logged on, and the "load averages." The three load averages are the average number of processes ready to run in the last 1, 5, and 15 minutes.
The second line shows the number of processes currently executing, broken down into running, sleeping, zombie, and stopped.
The third line shows the states of the CPU. In the listing above, my CPU spent 28.2% of its time completing user tasks, 2.7% with system tasks, 2.9% nice tasks, 0.0% waiting for input or output, and 66.1% idle.
The forth and fifth lines summarize the memory usage. On my computer, I had about 126M available, used about 122M, had about 3M free, had no shared memory, and I had about 26M of memory used for buffers. Line five breaks memory into active, D, and C registers.
The next line shows the statistics on swapping. I had about 257M of swap space available, was using about 61M, had 195M free, and had cached about 36M.
The largest section of the top display shows the various processes running. The columns for this section indicate:
PID
Process Identification Number
USER
The user's name
PRI
The task priority
NI
The nice value of the task
SIZE
The size of the task's code, plus data, plus stack space (kilobytes)
RSS
The amount of real (or physical) memory being used by the task (kilobytes)
SHARE
The amount of shared memory being used by the task
STAT
The task's status: Running (R), Sleeping (S), Uninterruptible Sleep (D), Zombie (Z), and Stopped (T). A "W" indicates the process is swapped out and an "N" indicates a positive nice value.
%CPU
The task's share of CPU time
%MEM
The task's share of memory
TIME
The amount of time the task has been running
CPU
The CPU number handling the task (only useful if the computer is using multiple CPUs)
COMMAND
The command that started the task
You'll notice that I'm running two "find" commands and together they are using about 19% of my CPU's capacity. Of course, on my computer there is not much else going on, so that is OK. However, if I were the system administrator for a large system and found a couple of processes using that much CPU time I would likely kill them.