Viewing a Process

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Viewing a Process

Solaris is a multitasking environment in which a number of programs run at the same time. This means that many users can be active on the system at the same time, running many jobs (processes) simultaneously. Each Solaris program can start and stop multiple processes while it is running, but only one job is active per processor at any given time while the other jobs wait in a job queue. A parent process forks a child process, which, in turn, can fork other processes.

Note

The term fork is used to describe a process started from another process. As with a fork in the road, one process turns into two. You’ll also see the term spawn used—the two words are interchangeable.

A process is a single program running in its own address space. A process under Solaris consists of an address space and a set of data structures in the kernel to keep track of that process. The address space is a section of memory that contains the code to execute a task. The kernel must keep track of the following data for each process on the system:

Address space
Current status of the process
Execution priority of the process
Resource usage of the process
Current signal mask
Ownership of the process

A process is distinct from a job, command, or program that can be composed of many processes working together to perform a specific task. For example, a computer-aided design application is a single program. When this program starts, it spawns other processes as it runs. When a user logs into the program, it spawns yet other processes. Each process has a process ID associated with it and is referred to as a pid. You can monitor processes that are currently executing by using one of the commands listed in Table 15.1.

Table 15.1. Commands to Display Processes
Command	Description
`ps`	Executed from the command line to display information about active processes.
`pgrep`	Executed from the command line to find processes by a specific name or attribute.
`prstat`	Executed from the command line to display information about active processes on the system.
`sdtprocess`	A GUI used to display and control processes on a system. This utility requires a terminal capable of displaying graphics.

Before getting into the commands used to monitor processes, you first need to become familiar with process attributes. A process has certain attributes that directly affect execution. These are listed in Table 15.2.

Table 15.2. Process Attributes
Attribute	Description
`PID`	The process identification (a unique number that defines the process within the kernel)
`PPID`	The parent PID (the creator of the process)
`UID`	The user ID number of the user who owns the process
`EUID`	The effective user ID of the process
`GID`	The group ID of the user who owns the process
`EGID`	The effective group ID that owns the process
`Priority`	The priority at which the process runs

Use the ps command to view processes currently running on the system. Use the ps command when you’re on a character-based terminal and don’t have access to a graphical display. Adding the -l option to the ps command displays a variety of other information about the processes currently running, including the state of each process (listed under S). The codes used to show the various process states are listed in Table 15.3.

Table 15.3. Process States
Code	Process Status	Description
`O`	Running	The process is running on a processor.
`S`	Sleeping	The process is waiting for an event to complete.
`R`	Runnable	The process is on the run queue.
`Z`	Zombie state	The process was terminated and the parent is not waiting.
`T`	Traced	The process was stopped by a signal because the parent is tracing it.

To see all the processes that are running on a system, type this:

ps –el

The system responds with the following output:

# ps –el 
F  S   UID   PID  PPID  C PRI NI   ADDR  SZ  WCHAN TTY   TIME CMD 
19 T     0     0     0  0   0 SY   ?      0        ?     0:18 sched 
 8 S     0     1     0  0  40 20   ?    150      ? ?     0:00 init 
19 S     0     2     0  0   0 SY   ?      0      ? ?     0:00 pageout 
19 S     0     3     0  0   0 SY   ?      0      ? ?     0:01 fsflush 
 8 S     0   309     1  0  40 20   ?    217      ? ?     0:00 sac 
 8 S     0   315     1  0  40 20   ?    331      ? ?     0:00 sshd 
 8 S     0   143     1  0  40 20   ?    273      ? ?     0:00 rpcbind 
 8 S     0    51     1  0  40 20   ?    268      ? ?     0:00 sysevent 
 8 S     0    61     1  0  40 20   ?    343      ? ?     0:01 picld 
 8 S     0   453   403  0  50 20   ?   1106      ? ?     0:00 dtfile 
 8 S     0   189     1  0  40 20   ?    509      ? ?     0:00 automoun 
 8 S     0   165     1  0  40 20   ?    292      ? ?     0:00 inetd 
 8 S     0   200     1  0  40 20   ?    415      ? ?     0:00 syslogd 
 8 S     0   180     1  0  40 20   ?    266      ? ?     0:00 lockd 
 8 S     0   219     1  0  40 20   ?    391      ? ?     0:00 lpsched 
 8 S     1   184     1  0  40 20   ?    306      ? ?     0:00 statd 
 8 S     0   214     1  0  40 20   ?    365      ? ?     0:00 nscd 
 8 S     0   204     1  0  40 20   ?    254      ? ?     0:00 cron 
 8 S     0   232     1  0  40 20   ?    173      ? ?     0:00 powerd 
 8 S     0   255   254  0  40 20   ?    215      ? ?     0:00 smcboot 
 8 S     0   258     1  0  40 20   ?    356      ? ?     0:02 vold

The manual page for the ps command describes all the fields displayed with the ps command, as well as all the command options. Table 15.4 lists some important fields.

Table 15.4. Process Fields
Field	Description
`F`	Flags associated with the process.
`S`	The state of the process. The two most common values are `S` for sleeping and `R` for running. An important value to look for is `X`, which means that the process is waiting for memory to become available. When you frequently see this on your system, you are out of memory. Refer to Table 15.3 for a complete list of the process states.
`UID`	The user ID of the process owner. For many processes, this is `0` because they run setuid.
`PID`	The process ID of each process. This value should be unique. Generally, PIDs are allocated lowest to highest, but they wrap at some point. This value is necessary for you to send a signal, such as the `kill` signal, to a process.
`PPID`	The parent process ID. This identifies the parent process that started the process. Using the PPID enables you to trace the sequence of process creation that took place.
`PRI`	The priority of the process. Without the `-c` option, higher numbers mean lower priority. With the `-c` option, higher numbers mean higher priority.
`NI`	The `nice` value, used in priority computation. This is not printed when the `-c` option is used. The process’s `nice` number contributes to its scheduling priority. Making a process nicer means lowering its priority.
`ADDR`	The memory address of the process.
`SZ`	The `SIZE` field. This is the total number of pages in the process. Each page is 4096 bytes.
`WCHAN`	The address of an event for which the process is sleeping (if it’s `–`, the process is running).
`STIME`	The starting time of the process (in hours, minutes, and seconds).
`TTY`	The terminal assigned to your process.
`TIME`	The cumulative CPU time used by the process in minutes and seconds.
`CMD`	The command that generated the process.

You often want to look at all processes. You can do this using the command ps -el. A number of options available with the ps command control what information gets printed. A few of them are listed in Table 15.5.

Table 15.5. ps Command Options
Option	Description
`-A`	Lists information for all processes. Identical to the `–e` option.
`-a`	Lists information about all processes most frequently requested. Processes not associated with a terminal will not be listed.
`-e`	Lists information about every process now running.
`-f`	Generates a full listing.
`-l`	Generates a long listing.
`-P`	Prints the number of the processor to which the process is bound, if any, under an additional column header PSR. This is a useful option on systems that have multiple processors.
`-u <username>`	Lists only process data for a particular user. In the listing, the numerical user ID is printed unless you give the `-f` option, which prints the login name.

For a complete list of options to the ps command, refer to the Solaris online manual pages.

Note

The sort command is useful when you’re looking at system processes. Use the sort command as the pipe output to sort by size or PID. For example, to sort by the SZ field, use the command ps -el | sort +9 (remember, sort starts numbering fields with 0).

pgrep

Solaris 9 provides the pgrep command, which replaces the combination of the ps, grep, egrep, and awk commands that were used to manage processes in releases before Solaris 7. The pgrep command examines the active processes on the system and reports the process IDs of the processes whose attributes match the criteria you specify on the command line. The command syntax for the pgrep command is shown here:

pgrep <options> <pattern>

pgrep options are described in Table 15.6.

Table 15.6. pgrep Options
Option	Description
`-d <delim>`	Specifies the output delimiter string to be printed between each matching process ID. If no `-d` option is specified, the default is a newline character.
`-f`	The regular expression pattern should be matched against the full process argument string. If no `-f` option is specified, the expression is matched only against the name of the executable file.
`-g <pgrplist>`	Matches only processes whose process group ID is in the given list.
`-G <gidlist>`	Matches only processes whose real group ID is in the given list. Each group ID may be specified as either a group name or a numerical group ID.
`-l`	Long output format. Prints the process name along with the process ID of each matching process.
`-n`	Matches only the newest (most recently created) process that meets all other specified matching criteria.
`-P <ppidlist>`	Matches only processes whose parent process ID is in the given list.
`-s <sidlist>`	Matches only processes whose process session ID is in the given list.
`-t <termlist>`	Matches only processes that are associated with a terminal in the given list. Each terminal is specified as the suffix following /dev/ of the terminal’s device pathname in /dev (for example, term/a or pts/0).
`-u <euidlist>`	Matches only processes whose effective user ID is in the given list. Each user ID may be specified as either a login name or a numerical user ID.
`-U <uidlist>`	Matches only processes whose real user ID is in the given list. Each user ID may be specified as either a login name or a numerical user ID.
`-v`	Matches all processes except those that meet the specified matching criteria.
`-x`	Considers only processes whose argument string or executable filename exactly matches the specified pattern.
`<pattern>`	A pattern to match against either the executable filename or full process argument string.

For example, the following pgrep example finds all processes that have “dt” in the process argument string:

pgrep -l -f "dt"

The system responds with this:

453 dtfile -session dtM7aGwj 
333 /bin/ksh /usr/dt/bin/Xsession 
293 /usr/dt/bin/dtlogin –daemon 
314 /usr/openwin/bin/Xsun :0 -nobanner -auth /var/dt/A:0-RaOKa 
316 /usr/dt/bin/dtlogin –daemon 
391 /usr/dt/bin/ttsession 
379 -sh -c unset DT;   DISPLAY=:0;   /usr/dt/bin/dtsession_res –merge 
376 /usr/dt/bin/sdt_shell -c unset DT; DISPLAY=:0;  /usr/dt/bin/dt 
377 /usr/dt/bin/dsdm 
392 /usr/dt/bin/dtsession 
399 dtwm 
4298 /usr/dt/bin/dtterm -display 192.168.0.3:0 
402 /usr/dt/bin/dtterm -session dthIaGth -C –ls 
403 dtfile -session dtM7aGwj 
404 /usr/dt/bin/sdtperfmeter -f -H -t cpu -t disk -s 1 -name fpperfmeter 
406 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom,zip,jaz,dvdrom,rmdisk 
2998 /usr/dt/bin/dtexec -open 0 -ttprocid 1.yba-3 01 391 1289637086  
     1 1 0 192.168.0. 
2999 /usr/dt/bin/dtscreen -mode blank

To find the process ID for the lpsched process, issue this command:

pgrep -l lpsched

The system responds with this:

6899 lpsched

prstat

Use the prstat command from the command line to monitor system processes. Again, like the ps command, it provides information on active processes. The difference is that you can specify whether you want information on specific processes, UIDs, CPU IDs, or processor sets. By default, prstat displays information about all processes sorted by CPU usage. Another nice feature with prstat is that the information remains on the screen and is updated periodically. The information displayed by the prstat command is described in Table 15.7.

Table 15.7. Column Headings for the prstat Command
Column Heading	Description
`PID`	The process identification (a unique number that defines the process within the kernel)
`USERNAME`	The login ID name of the owner of the process
`SIZE`	The total virtual memory size of the process in kilobytes (K), megabytes (M), or gigabytes (G)
`RSS`	The resident set size of the process in kilobytes, megabytes, or gigabytes
`STATE`	The state of the process: `cpu<n>`—Process is running on CPU. `<n>sleep`—Process is waiting for an event to complete. `run`—Process is in run queue. `zombie`—Process has terminated and parent is not waiting. `stop`—Process is stopped.
`PRI`	The priority of the process
`NICE`	The value used in priority computation
`TIME`	The cumulative execution time for the process
`CPU`	The percentage of recent CPU time used by the process
`PROCESS`	The name of the process
`NLWP`	The number of lightweight processes (LWPs) in the process

I’ve introduced some new terminology in this section, so Table 15.8 defines a few terms related to processing in general.

Table 15.8. Process Terminology
Term	Description
Multitasking	A technique used in an operating system for sharing a single processor among several independent jobs. Multitasking introduces overheads because the processor spends some time in choosing the next job to run and in saving and restoring tasks’ state. However, it reduces the worst-case time from job submission to completion compared with a simple batch system, in which each job must finish before the next one starts. Multitasking also means that while one task is waiting for some external event, the CPU is free to do useful work on other tasks. A multitasking operating system should provide some degree of protection of one task from another to prevent tasks from interacting in unexpected ways, such as accidentally modifying the contents of each other’s memory areas. The jobs in a multitasking system may belong to one or many users. This is distinct from parallel processing, in which one user runs several tasks on several processors. Time sharing is almost synonymous with multitasking, but it implies that there is more than one user.
Parallel processing	The simultaneous use of more than one computer to solve a problem. The processors either may communicate to cooperate in solving a problem or may run completely independently, possibly under the control of another processor that distributes work to the others and collects results from them.
Multithreaded	Sharing a single CPU among multiple tasks (or “threads”) in a way designed to minimize the time required to switch threads. Multithreading differs from multitasking in that threads share more of their environment with each other than do tasks under multitasking.
Lightweight process (LWP)	A single-threaded subprocess. LWPs are scheduled by the kernel to use available CPU resources based on their scheduling class and priority. LWPs include a kernel thread, which contains information that must be in memory all the time, and a LWP, which contains information that is swappable. A process can consist of multiple LWPs and multiple application threads. A lightweight process is somewhere between a thread and a full process.
Application thread	A series of instructions with a separate stack that can execute independently in a user’s address space. The threads can be multiplexed on top of LWPs.
Address space	The range of addresses that a processor or process can access, or at which a device can be accessed. The term may refer to either a physical address or a virtual address. The size of a processor’s address space depends on the width of the processor’s address bus and address registers.
Shared memory	Usually refers to RAM, which can be accessed by more than one process in a multitasking operating system with memory protection.

The syntax for the prstat command is as follows:

prstat [options] <count> <interval>

Table 15.9 describes the prstat command options and arguments.

Table 15.9. prstat Options and Arguments
Option	Description
PRSTAT OPTIONS
`-a`	Displays separate reports about processes and users at the same time.
`-c`	Continuously prints new reports below previous reports instead of overwriting them.
`-n <nproc>`	Restricts the number of output lines. The `<nproc>` argument specifies how many lines of process or LWP statistics are reported.
`-p <pidlist>`	Reports only processes that have a PID in the given list.
`-P <cpulist>`	Reports only processes or LWPs that have most recently executed on a CPU in the given list. The `<cpulist>` argument identifies each CPU by an integer as reported by `psrinfo`.
`-S <key>`	Sorts output lines by `<key>` in descending order.Values for `<key>` can be: `cpu`—Sorts by process CPU usage. This is the default. `time`—Sorts by process execution time. `size`—Sorts by size of process image. `rss`—Sorts by resident set size. `pri`—Sorts by process priority.
`-s <key>`	Sorts output lines by `<key>` in ascending order. See the `–S` option for a list of valid `keys` to use.
`-t`	Reports total usage summary for each user.
`-u <euidlist>`	Reports only processes whose effective user ID is in the given list. The value for `<euidlist>` may be specified as either a login name or a numerical user ID.
`-U <euidlist>`	Reports only processes whose real user ID is in the given list. The value for `<euidlist>` may be specified as either a login name or a numerical user ID.
PRSTAT ARGUMENTS
`<count>`	Specifies the number of times that the statistics are repeated. By default, `prstat` reports statistics until a termination signal is received.
`<interval>`	Specifies the sampling interval in seconds; the default interval is 5 seconds.

Note

psrinfo displays one line for each configured processor, displaying whether it is online, noninterruptible, offline, or powered off, as well as when that status last changed.

The following example uses the prstat command to view the four most active root processes running. I’m using the –n option to restrict the output to the top four processes. The next number, 5, repeats the command 5 times, and the last number, 3, runs the command in 3-second intervals:

prstat –u root –n 4 5 3

The system displays the following output:

PID USERNAME  SIZE   RSS  STATE  PRI  NICE  TIME    CPU  PROCESS/NLWP 
4375 root     4568K 4344K cpu0    59    0   0:00:00 0.4% prstat/1 
4298 root     7088K 5144K sleep   59    0   0:00:02 0.2% dtterm/1 
 304 root     2304K 1904K sleep   59    0   0:02:35 0.0% mibiisa/7 
 427 root     1832K 1304K sleep   59    0   0:00:00 0.0% rpc.rstatd/1 
Total: 53 processes, 111 lwps, load averages: 0.02, 0.01, 0.01

The output updates on your display 5 times every 3 seconds.

CDE Process Manager

In a common desktop environment (CDE) you have access to the Process Manager, sdtprocess, a graphical CDE tool that provides a process manager window for monitoring and controlling system processes.

The advantage of using the Process Manager is that you can view and control processes without knowing all the complex options associated with the ps and kill commands. For example, you can display processes that contain specific character strings, and you can sort the process list alphabetically or numerically. You can initiate a search using the find command, or you can terminate a process simply by highlighting it and clicking kill.

To open the Process Manager, you need to log into the CDE windowing environment. You can start the GUI by executing the command sdtprocess, as follows:

sdtprocess &

Or, you can click Find Process on the front panel Tools subpanel, as shown in Figure 15.1.

Figure 15.1. Front panel.

The Process Manager window opens, as shown in Figure 15.2.

Figure 15.2. Process Manager window.

Each process attribute in the header of the Process Manager window provides detailed information about the process and is described in Table 15.10.

Table 15.10. Process Manager Window
Column Heading	Description
`ID`	Process ID
`Name`	Process name
`Owner`	Login ID name of the owner of the process
`CPU%`	Ratio of CPU time available in the same period, expressed as a percentage
`RAM`	Amount of RAM currently occupied by this process
`Swap`	Total size in virtual memory
`Started`	Actual start time (or date, if other than current)
`Parent`	Process ID of parent process, or PPID
`Command`	Actual UNIX command (truncated) being executed

Click any of the column headings to sort the processes by that attribute. For example, click the CPU heading to sort all processes by their CPU usage. The list updates every 30 seconds, but you can enter a value in the Sampling field to update the list as frequently as you like. Finally, you can enter a text string in the Find drop-down menu that is common to the process entries of all the processes you want to display. In Figure 15.3, I entered “root” in the Find field to display all processes owned by root. I also changed the sampling rate to every 5 seconds and clicked the CPU heading to sort processes by their CPU usage.

Figure 15.3. Sorted Process Manager window.

Another nice feature of the Process Manager is the capability to display the ancestry of a process. When a UNIX process initiates one or more processes, these are child processes, or children. Child and parent processes have the same user ID. To view the parent process and all the child processes that belong to it, highlight the process in the Process Manager window. Click Process from the toolbar at the top of the window and select Show Ancestry, as shown in Figure 15.4.

Figure 15.4. Selecting Show Ancestry.

The window shown in Figure 15.5 displays showing all the processes belonging to the parent.

Figure 15.5. Show Ancestry window.

The command-line equivalent to the Ancestry selection in the Process Manager is the ptree command. Use this command when you don’t have a graphical display terminal. The ptree command displays the process ancestry trees containing the specified PIDs or users. The child processes are displayed indented from their respective parent processes. For example, here is the process tree for the -sh process, which has a PID of 293:

ptree 293

The system responds with this:

293  /usr/dt/bin/dtlogin –daemon 
  316   /usr/dt/bin/dtlogin –daemon 
    333   /bin/ksh /usr/dt/bin/Xsession 
      376   /usr/dt/bin/sdt_shell -c  unset DT;DISPLAY=:0;/usr/dt/bin/dt 
        379  -sh -c unset DT; DISPLAY=:0; usr/dt/bin/dtsession_res –  
              merge 
          392   /usr/dt/bin/dtsession 
            402   /usr/dt/bin/dtterm -session dthIaGth -C –ls 
              418   -sh

pargs

The pargs command is new to Solaris 9 and is used from the command line to examine the arguments and environment variables of a process (or number of processes). pargs can also be used to examine core files.

The syntax for the pargs command is as follows:

pargs [options] pid | core

Table 15.11 describes the pargs command options and arguments.

Table 15.11. pargs Options and Arguments
Option	Description
PARGS OPTIONS
`-a`	Prints the process arguments.
`-c`	Treats strings in the target process as though they were encoded in 7-bit ASCII.
`-e`	Prints process environment variables and values.
`-F`	Force. Grabs the target process even if another process has control.
`-x`	Prints process auxiliary vector.
`pid`	Process ID list. The PID list can be a single process ID or multiple PIDs separated by a space.
`core`	Processes a core file.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Viewing a Process

Create new playlist

Sign In

Sign Up

Viewing a Process

pgrep

prstat

CDE Process Manager

Figure 15.1. Front panel.

Figure 15.2. Process Manager window.

Figure 15.3. Sorted Process Manager window.

Figure 15.4. Selecting Show Ancestry.

Figure 15.5. Show Ancestry window.

pargs

Table of Contents for
Viewing a Process