HB Computer Security | Aide Memoire
  • Introduction
  • Core Technical Skills
    • Core Skills
      • Linux
        • Getting to Know Linux
          • Using the Shell
            • Shells, Terminals, and Virtual Consoles
            • Choose your Shell
            • Shell Commands
              • Non-PATH Commands
              • Command History
                • Command Line Editing
                  • Keystrokes for Navigating Command Lines
                  • Keystrokes for Editing Command Lines
                  • Keystrokes for Cutting and Pasting Text from within Command Lines
                • Command Line Recall
                  • Keystrokes for Command Line Recall
              • Connecting and Expanding Commands
                • Piping Between Commands
                • Sequential Commands
                • Expanding Commands
            • Shell Variables
              • Common Shell Variables
            • Aliases
            • Create your Own Shell Environment
              • Modification Ideas
          • Navigating the Linux File System (LFS)
            • Filesystem Commands
            • Listing Files and Directories
            • File Permissions and Ownership
              • Modifying Permissions with chmod
              • Modifying Default Permissions with umask
              • Change File Ownership with chown
            • Copying, Moving, and Removing Files
            • Finding Files
              • locate
              • find
              • grep
            • Downloading Files
              • axel
              • wget
              • curl
                • User-Agent: Googlebot
          • Working with Text Files
            • Using vim and vi to Edit Text Files
              • Starting with vi
              • Adding Text
              • Moving Around in the Text
            • Text Manipulation
        • System Administration
          • Installing Linux
            • Installing from Live Media
            • Installing in the Enterprise
            • Partitioning Hard Disks
              • Tips for Creating Partitions
          • Account Administration
            • The root Account
              • Becoming root with su
              • sudo
                • The /etc/sudoers File
                • Granting sudo privileges
                  • visudo Guidance
                • Useful sudo Hints
            • Other Administrative Accounts
            • Standard User Accounts
              • Risks of userdel: Orphaned Files
          • Graphical Remote Administration
            • Cockpit
              • Installation Guide
            • Remote Desktop Protocol with xrdp
              • Installation and Configuration
            • Remote Desktop with vnc
              • Installation and Configuration
              • Running VNC as a System Service
          • Managing Running Processes
            • Listing Processes
              • ps
              • top
              • htop
            • Backgrounding and Foregrounding
              • Starting a Background Process
              • Using Foreground and Background Commands
            • Killing and Recining Processes
              • kill and killall
          • Managing Software
            • Managing Software from the Desktop
            • Going Beyond the Limitations of Software Center
              • Debian Packages
                • Advanced Package Tool (apt)
                • Repositories
                • dpkg
        • Shell Scripting
          • Variables
            • Command Substitution
            • Arguments
          • Reading User Input
          • if, else, and elif
          • BOOLEAN Logic
          • Loops
            • for Loops
            • while Loops
          • Functions
          • Local Vs Global Variables
          • Summary
        • Securing Linux
      • Windows
        • Security Hardening
Powered by GitBook
On this page

Was this helpful?

  1. Core Technical Skills
  2. Core Skills
  3. Linux
  4. System Administration
  5. Managing Running Processes
  6. Listing Processes

ps

PreviousListing ProcessesNexttop

Last updated 3 years ago

Was this helpful?

Listing Processes with ps

The most common utility for checking running processes is the ps command. Use it to see which programs are running, the resources they are using, and who is running them. The following is an example of the ps command:

ps u

In this example, the u option (equivalent to -u) asks that usernames be shown, as well as other information such as:

  • The time the process started

  • Memory

  • CPU usage for processes associated with the current user

The processes shown are associated with the current terminal, tty1. The concept of a terminal comes from the old days when people worked exclusively from character terminals, so a terminal typically represented a single person at a single screen. Nowadays, you can have many “terminals” on one screen by opening multiple virtual terminals or Terminal windows on the desktop.

In this shell session, not much is happening. The first process shows that the user named b3nn3tt opened a bash shell after logging in. The next process shows that b3nn3tt has run the ps u command.

Let's break down the output further:

Column Name

Description

USER

Shows the name of the user who started the process

PID

Each process is represented by a unique ID number referred to as a process ID, or PID. You can use the PID if you ever need to kill a runaway process or send another kind of signal to a process

%CPU

%CPU show the percentages of the processor that the process is consuming

%MEM

%MEM show the percentages of the system RAM that the process is consuming

VSZ

The Virtual Set Size, which shows the size of the image process (in kilobytes)

RSS

The Resident Set Size, which shows the size of the program in memory

TTY

The terminal device being used for the login session

STAT

Represents the state of the process, with R indicating a currently running process and S representing a sleeping process

START

Shows the time the process began running

TIME

Shows the cumulative system time used. Many commands consume very little CPU time, as reflected by 0:00 for processes that haven’t even used a whole second of CPU time

COMMAND

The command that was executed, or the name of the running service

Several other values can appear under the STAT column. For example, a plus sign (+) indicates that the process is associated with the foreground operations.

The VSZ and RSS sizes may be different because VSZ is the amount of memory allocated for the process, whereas RSS is the amount that is actually being used. RSS memory represents physical memory that cannot be swapped

Many processes running on a computer are not associated with a terminal. A normal Linux system has many processes running in the background. Background system processes perform such tasks as logging system activity or listening for data coming in from the network. They are often started when Linux boots up and run continuously until the system shuts down.

Likewise, logging into a Linux desktop causes many background processes to kick off, such as processes for managing audio, desktop panels, authentication, and other desktop features. To page through all of the processes running on your Linux system for the current user, enter the following command:

ps ux

To page through all processes running for ALL users on your system, use the ps aux command as follows:

ps aux

The ps command can be customized to display selected columns of information, and to sort information by one of those columns. Using the -o option, you can use keywords to indicate the columns you want to list with ps. For instance, the next example lists every running process (-e) and then follows the -o option with every column of information I want to display:

ps -eo pid,user,uid,group,gid,vsz,rss,comm

By default, output is sorted by process ID number

If you want to sort by a specific column, you can use the sort= option. For example, to see which processes are using the most memory, I sort by the vsz field:

ps -eo pid,user,group,gid,vsz,rss,comm --sort=vsz

The previous command sorts from lowest memory use to highest. If I wanted to see the highest consumers first, I could put a hyphen in front of that option to sort:

ps -eo pid,user,group,gid,vsz,rss,comm --sort=-vsz
A list of ALL processes running for the current user
A list of ALL processes running for ALL users
Specified desired output, sorted by PID
Specified desired output, sorted by VSZ to determine most memory hungry process (Lower first)
Specified desired output, sorted by VSZ to determine most memory hungry process (Highest first)