BSD DevCenter
oreilly.comSafari Books Online.Conferences.

advertisement

BSD Content

All Articles

Big Scary Daemons

Free BSD Basics

OpenBSD Explained

Securing Small Networks


BSD Topics

Administration

Application Development

Archiving

Community

Compatibility Issues

Email

Firewalls

FreeBSD

Getting Started

Kernel

NetBSD

Networking

OpenBSD

Security

Web Design and Development


ONLamp Subjects

Linux

Apache

MySQL

Perl

PHP

Python

BSD


Discovering System Processes
Pages: 1, 2

Note that the default ps will only show your processes; to view all the user processes running on your computer, use the a switch:



ps -a
  PID  TT  STAT   TIME COMMAND
 2100  v0  Ss     0:00.18 -csh (csh)
 2403  v0  R+     0:00.00 ps -a
  313  v1  Is+    0:00.13 -csh (csh)
  314  v2  Is+    0:00.25 -csh (csh)
  315  v3  Is+    0:00.12 -csh (csh)
  316  v4  Is+    0:00.01 /usr/libexec/getty Pc ttyv4
  317  v5  Is+    0:00.01 /usr/libexec/getty Pc ttyv5
  318  v6  Is+    0:00.01 /usr/libexec/getty Pc ttyv6
  319  v7  Is+    0:00.01 /usr/libexec/getty Pc ttyv7

You may find it more useful to see which users started which commands; to do this, include the u switch:

ps -au
USER      PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED   TIME COMMAND
genisis  2404  0.0  0.2   428  244  v0  R+   12:26PM   0:00.00 ps -au
root      273  0.0  0.4   620  448 con- I+    4:53PM   0:00.02 /bin/sh /usr/loc
root      292  0.0  0.4   624  452 con- I+    4:53PM   0:00.01 /bin/sh /usr/loc
genisis   313  0.0  0.8  1328  944  v1  Is+   4:53PM   0:00.13 -csh (csh)
genisis   314  0.0  0.8  1336  960  v2  Is+   4:53PM   0:00.25 -csh (csh)
genisis   315  0.0  0.8  1328  944  v3  Is+   4:53PM   0:00.12 -csh (csh)
root      316  0.0  0.5   920  628  v4  Is+   4:53PM   0:00.01 /usr/libexec/get
root      317  0.0  0.5   920  628  v5  Is+   4:53PM   0:00.01 /usr/libexec/get
root      318  0.0  0.5   920  628  v6  Is+   4:53PM   0:00.01 /usr/libexec/get
root      319  0.0  0.5   920  628  v7  Is+   4:53PM   0:00.01 /usr/libexec/get
genisis  2100  0.0  0.8  1336  960  v0  Ss    9:46AM   0:00.19 -csh (csh)

I find the output easier to read if I include the c switch as it will only show the name of the command, instead of the path:

ps -auc
USER      PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED   TIME COMMAND
genisis  2414  0.0  0.2   428  244  v0  R+   12:31PM   0:00.00 ps
root      273  0.0  0.4   620  448 con- I+    4:53PM   0:00.02 sh
root      292  0.0  0.4   624  452 con- I+    4:53PM   0:00.01 sh
genisis   313  0.0  0.8  1328  944  v1  Is+   4:53PM   0:00.13 csh
genisis   314  0.0  0.8  1336  960  v2  Ss+   4:53PM   0:00.26 csh
genisis   315  0.0  0.8  1328  944  v3  Is+   4:53PM   0:00.12 csh
root      316  0.0  0.5   920  628  v4  Is+   4:53PM   0:00.01 getty
root      317  0.0  0.5   920  628  v5  Is+   4:53PM   0:00.01 getty
root      318  0.0  0.5   920  628  v6  Is+   4:53PM   0:00.01 getty
root      319  0.0  0.5   920  628  v7  Is+   4:53PM   0:00.01 getty
genisis  2100  0.0  0.8  1336  960  v0  Ss    9:46AM   0:00.21 csh

We're still not seeing all of the processes on this system, though. To do this, include the x switch to display the running daemons; this will be a longer output, so we'll pipe it to the more utility:

ps -aucx |more
USER      PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED   TIME COMMAND
genisis  2417  0.0  0.2   428  244  v0  R+   12:32PM   0:00.00 ps
root        1  0.0  0.2   532  304  ??  ILs  Sat11AM   0:00.06 init
root        2  0.0  0.0     0    0  ??  DL   Sat11AM   0:00.11 pagedaemon
root        3  0.0  0.0     0    0  ??  DL   Sat11AM   0:00.00 vmdaemon
root        4  0.0  0.0     0    0  ??  DL   Sat11AM   0:00.20 bufdaemon
root        5  0.0  0.0     0    0  ??  DL   Sat11AM   0:09.53 syncer
root       27  0.0  2.0 70780 2540  ??  ILs  Sat11AM   0:00.08 mount_mfs
root       30  0.0  0.1   208   92  ??  Is   Sat11AM   0:00.00 adjkerntz
root      110  0.0  0.3   536  368  ??  Is    4:53PM   0:00.03 dhclient
root      163  0.0  0.5   904  608  ??  Ss    4:53PM   0:00.53 syslogd
daemon    166  0.0  0.4   916  556  ??  Is    4:53PM   0:00.01 portmap
root      181  0.0  0.5 263052  576  ??  Is    4:53PM  0:00.00 rpc.statd
root      197  0.0  0.6  1028  764  ??  Is    4:53PM   0:00.02 inetd
root      199  0.0  0.6   956  700  ??  Is    4:53PM   0:00.64 cron
root      202  0.0  1.0  1424 1216  ??  Is    4:53PM   0:00.66 sendmail
root      227  0.0  0.4   876  488  ??  Is    4:53PM   0:00.34 moused
root      273  0.0  0.4   620  448 con- I+    4:53PM   0:00.02 sh
root      292  0.0  0.4   624  452 con- I+    4:53PM   0:00.01 sh
genisis   313  0.0  0.8  1328  944  v1  Is+   4:53PM   0:00.13 csh
genisis   314  0.0  0.8  1336  960  v2  Ss+   4:53PM   0:00.26 csh
genisis   315  0.0  0.8  1328  944  v3  Is+   4:53PM   0:00.12 csh
root      316  0.0  0.5   920  628  v4  Is+   4:53PM   0:00.01 getty
root      317  0.0  0.5   920  628  v5  Is+   4:53PM   0:00.01 getty
root      318  0.0  0.5   920  628  v6  Is+   4:53PM   0:00.01 getty
root      319  0.0  0.5   920  628  v7  Is+   4:53PM   0:00.01 getty
genisis  2100  0.0  0.8  1336  960  v0  Ss    9:46AM   0:00.21 csh
root     2239  0.0  3.6  5012 4512  ??  Ss   10:57AM   0:00.40 perl
root     2240  0.0  3.6  5012 4512  ??  I    10:57AM   0:00.02 perl
root        0  0.0  0.0     0    0  ??  DLs  Sat11AM   0:00.06 swapper

Wow, no wonder the kernel needs to assign PIDs to keep track of what is happening on your FreeBSD system. If you find it hard to remember which column is which, add an h to your switches to force ps to rewrite the column headings on every screen.

You may have noticed that our columns changed when we introduced the u switch; the most notable new columns are %CPU and %MEM. Sometimes you may find it more useful for ps to display the processes by CPU or memory usage, rather than in numerical order. To sort by memory usage, use the m switch; to sort by CPU usage, use the r switch.

ps -m
  PID  TT  STAT   TIME COMMAND
  314  v2  Ss+    0:00.28 -csh (csh)
 2100  v0  Ss     0:00.27 -csh (csh)
  313  v1  Is+    0:00.14 -csh (csh)
  315  v3  Is+    0:00.12 -csh (csh)
 2570  v0  R+     0:00.00 ps -m
ps -r
  PID  TT  STAT   TIME COMMAND
  313  v1  Is+    0:00.14 -csh (csh)
  314  v2  Ss+    0:00.28 -csh (csh)
  315  v3  Is+    0:00.12 -csh (csh)
 2100  v0  Ss     0:00.27 -csh (csh)
 2571  v0  R+     0:00.00 ps -r

The switches I've mentioned are the most commonly used switches for the ps utility; you can read the manpage for ps to see what other switches are available so you can find out which combo of switches tweaks the output to your liking.

When using ps, you will most likely come across processes that you've never heard of before; use the whatis command to see which manpages will shed light on the mystery. For example, being the very curious type, I tried the following:

whatis init syncer adjkerntz inetd portmap rpc.statd
init(8) - process control initialization
syncer(4) - filesystem synchronizer kernel process
adjkerntz(8) - adjust local time CMOS clock to reflect time zone changes and keep current timezone offset for the kernel
inetd.conf(5), inetd(5) - internet super-server
portmap(8) - RPC program,version to DARPA port mapper
rpc.statd(8) - host status monitoring daemon

which kept me busy reading for a while. It should also give you lots to do til next week, when we'll look at what we can do with all of this newfound knowledge.

Dru Lavigne is a network and systems administrator, IT instructor, author and international speaker. She has over a decade of experience administering and teaching Netware, Microsoft, Cisco, Checkpoint, SCO, Solaris, Linux, and BSD systems. A prolific author, she pens the popular FreeBSD Basics column for O'Reilly and is author of BSD Hacks and The Best of FreeBSD Basics.

Read more FreeBSD Basics columns.

Discuss this article in the Operating Systems Forum.

Return to the BSD DevCenter.

 

Recommended for You

Sponsored by: