Understanding Linux Processes

19 April, 2009

For more on waiting on child processes and using the exec functions, see the next article, How system() works.

In Linux and other Unix systems, a process consists of code (usually loaded as read-only memory), data, and memory occupied by said data that has been allocated a process identifier (PID) and that can reference certain memory locations known as “address spaces.” Such POSIX process may contain various programs which, in turn, may be made up of various threads. Allocated PIDs are usually numbered over 2 (the PID 1 is typically reserved for the init process).

Let’s retake that running code normally is loaded as read-only memory to avoid writing over the code. This means that, for example, given any C function, various different processes can call it safely.

The ps Command
Now, let’s take a look at the ps (“process snapshot”) command. The following are probably the most-used options used:

ps -ef (every process, full format)
ps ax    (every process with a status code)

Here’s an excerpt of what ps -ef gave me:

root         1     0  0 16:22 ?        00:00:00 /sbin/init
patrick   4040  4011  0 17:09 pts/1    00:00:00 vi
patrick   4042  3827  0 17:09 pts/2    00:00:00 bash
patrick   4076  4042  0 17:09 pts/2    00:00:00 ps -ef

UID stands for user ID (remember, Unix systems are multiuser systems), not to be confused with UUID, or “unique ID.” CMD is the command that’s being run. STIME is the system time at which the process started. TIME is the CPU time, that is, the amount of time used by the process to process CPU instructions.

Now, here’s an excerpt of my ps ax output:

    1 ?        Ss     0:00 /sbin/init
 4040 pts/1    S+     0:00 vi
 4042 pts/2    Ss     0:00 bash
 4083 pts/2    R+     0:00 ps ax

Notice the Status column. The following are the most common STAT codes displayed by ps:
S    Sleeping (waiting for input)
s    Session leader
R    Running
l    Multithreaded
T    Stopped
D    Waiting for input/output to complete.

Killing (or Terminating) a Process
To kill a process using its PID, use the kill command. To kill one via its command name, use either killall or pkill. For example, let’s kill the running Vi process as shown above. There are two simple ways to do this:

kill 4040
killall vi

Both yield the same result; Vi prints out the following:
Vim: Caught deadly signal TERM

If you want to kill all processes being run by a certain user group, use killall -g [group name]. Be careful when using killall, though. On certain systems, it does just that – kill all processes. However, with pkill, it may kill all processes that have the passed argument as a substring on certain systems.

Using getpid and fork
If you want to be able to mess around with an application’s own process, the most important functions are getpid and fork. The getpid function returns the running PID, and fork duplicates the currently running process as a child process. Both are defined in unistd.h and important types related to processes are defined in sys/types.h .

Here’s an example program that clones itself into a child process for five seconds (written in a serif font, just like Stroustrup recommends it).

#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

int main(int argc, char *argv[])
     pid_t child_pid;
     child_pid = fork ();
     printf ("Parent PID: %d\nChild PID:%d\n", (int) getpid(), (int) child_pid);
     sleep (5);
     return 0;

Here’s a sample output of the program and its corresponding ps ax entries:

$ ./a.out
Parent PID: 2770
Child PID:0
Parent PID: 2769
Child PID:2770

$ ps ax
 2769 pts/0    S+     0:00 ./a.out
 2770 pts/0    S+     0:00 ./a.out

Note how there are two outputs. The first one is the child process’ output and the latter is the parent process’ output.(Remember, in order to have enough time to check the processes’ statuses, add sleep(5); right after the printf call.)

The Current State of Linux Distros

19 April, 2009

It’s already mid-April of 2009, a year (like all others) destined to be “the year of the Linux desktop.” Let’s see, then, the improvements that have already been made in the first quarter of the year, and what we can expect from major distros later on.

At the time of writing, the current version of the most popular Linux distribution is 8.10 “Intrepid Ibex.” Version 9.04 “Jaunty Jackalope” will be released in four days, and the following main improvements can be expected:

  • GNOME 2.26 (which includes general improvements to applications, easier-to-use file sharing preferences, a new sound preference pane, and updated GTK+ APIs)
  • New style for notifications
  • Support for Wacom tablets, cloud computing, and Ext4

The current stable Fedora version is Fedora 10. The next version, Fedora 11 “Leonidas”, is in beta and is expected to be released on May 26 of this year. Along with most of Ubuntu’s new features (except the new notification style), Fedora will add a guest account feature, something rather late in the game, considering that Ubuntu and Mac OS X have already had this feature for quite a while now. Another rather exciting feature is a 20-second boot sequence, which is already 90% done, and a new text-based installation interface (something Ubuntu needs to catch up on).


openSUSE 11.1 was released on December 18 of 2008. I reviewed 11.0 before it was released and I guess that 11.2 “Fichte”, which will only be released in November, will be a great improvement as well.  There isn’t much information yet on what we’ll see in 11.2.