4. Processes

A process is a program that is being executed by the system. Linux is a multitasking system, which means that it can run many processes at the same time. Actually, if there is only one processor, only one process can be executed at a certain time. However the Linux kernel can switch quickly between different processes, allowing each of them to run for a short time, and because this happens very fast, it gives the impression that all the programs are running in parallel.

A process in Linux is started by another process, so each process has a parent and may have some children. Only the init process does not have a parent because it is the first process that is started by the kernel after it is loaded.

We can use the command ps to list processes:
```
ps
```
It shows only the processes associated with the current terminal session. TTY is short for Teletype and refers to the terminal of the process. Each process has a PID (process ID number).
```
ps a
```
Shows all the processes associated with any terminal. TIME shows the amount of CPU time consumed by a process. STAT shows the state of the process, where S is for sleeping, R is for running, etc.
```
ps au
```
Displays also the user (the owner of the process). It also shows what percentage of RAM and CPU a process is using.
```
ps --help
```
```
ps --help simple
```
```
ps aux | less
```
This shows all the processes. Notice that the process number 1 is /sbin/init or /lib/systemd/systemd. Try also:
```
ls -l /sbin/init
```
Another command for listing processes is pstree:
```
pstree
```
With -p shows also the PIDs:
```
pstree -p | less
```
With a username shows only the processes of that user:
```
pstree -p user1
```
With a PID shows only the branch of processes that start at that process:
```
pstree -p 700
```
The command top shows a dynamic view of the processes, which is refreshed periodically:
```
top
```
The first part of the display shows a system summary, and the second part shows a list of processes, with the most active ones at the top (those that consume more RAM, CPU and other resources).

Press q to quit the program.
When we give a command in terminal, the shell starts a new process, and waits until that process is done, before returning the prompt. For example, let's start a process that takes a long time:
```
sleep 100
```
It is going to wait for about 100 seconds. To interrupt a command that is taking too long you can press Ctrl-c.

If we append an ampersand (&) to the command, the shell we run this command in background. This means that we are not going to wait until the command is done, but we will get the prompt immediately, so that we can run other commands:
```
sleep 200 &
```
```
ps
```
```
jobs
```
A command in background is called a job. We can move one of the jobs in foreground with the command fg:
```
fg %1
```
If we don't give a job number as argument, it assumes the first job.

Now that the sleep job is running in terminal, we can interrupt it with Ctrl-c.

If a command is taking too long, we can also stop it with Ctrl-z and then start it in background. For example:
```
sleep 200
```
Now stop it with Ctrl-z. Then move it to background with bg:
```
jobs
```
```
bg %1
```
```
jobs
```
We can send signals to a process with the command kill:
```
sleep 100 &
```
```
ps
```
```
kill $!
```
```
ps
```
The special variable $! contains the PID of the last background process.

By default, kill sends the signal terminate (15 or TERM), which asks the process politely to terminate himself.

The signal interrupt (2 or INT) is the same signal that is sent by Ctrl-c. The program usually will terminate.
```
sleep 100 &
```
```
ps
```
```
kill -2 $!
```
```
ps
```
The signal stop (19 or STOP) is not delivered to the process. Instead the kernel pauses the process, without terminating it (same as Ctrl-z for a foreground process).
```
sleep 300 &
```
```
jobs
```
```
kill -STOP $!
```
```
jobs
```
The signal continue (18 or CONT) will restore a process after it has been paused with STOP.
```
kill -CONT $!
```
```
jobs
```
The signal kill (9 or KILL) is also not delivered to the process. Instead, the kernel terminates the process immediately, no questions asked. This is usually used as a last resort if the process is not responding to the other signals.
```
kill -SIGKILL $!
```
```
jobs
```
There are many other signals as well:
```
kill -l
```
The command killall can send a signal to multiple processes that match a given program or username:
```
sleep 100 &
```
```
sleep 200 &
```
```
sleep 300 &
```
```
jobs
```
```
ps
```
```
killall sleep
```
```
jobs
```
```
ps
```
If you have superuser permissions, you can also try these commands to shutdown or reboot the system:

halt

poweroff

reboot

shutdown -h now

shutdown -r now

Download lesson03/part4.cast

Loading asciinema cast...