# Process Control Know how to view and control the running process is also really useful, you can even set a program to run routinely. ## Viewing process The `ps` command is to see what processes are active (I use [Btop](https://github.com/aristocratos/btop) more often, plus it looks badass) ```bash $ ps PID TTY TIME CMD 12 pts/0 00:00:00 bash 25 pts/0 00:00:00 ps ``` The **PIDs** as you see here is when a program starts running it will assign a unique **PID** to it, and **PID** is way more important than the program’s name Often times, we want to know all the processes running so we add a `aux` flag after `ps` `a:` show processes for all users. `u:` display the user that launched the process. `x:` show processes that are not attached to a terminal. ```bash $ ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 1.3 0.0 3060 1920 hvc0 Sl+ 16:23 0:00 /init root 7 0.0 0.0 3060 1792 hvc0 Sl+ 16:23 0:00 plan9 --control-socket 6 --log-level 4 --server-fd 7 -- root 10 0.0 0.0 3076 896 ? Ss 16:23 0:00 /init root 11 0.0 0.0 3076 1024 ? S 16:23 0:00 /init vix 12 0.5 0.0 7176 3968 pts/0 Ss 16:23 0:00 -bash vix 24 0.0 0.0 10712 4096 pts/0 R+ 16:23 0:00 ps aux ``` And here are some important column headers: * **USER:** The user who invoked the process * **PID:** Process ID * **%CPU:** The percent of CPU the process is using * **%MEM:** The percent of memory the process is using * **COMMAND:** The name of the command that started the process Sometimes we are only finding certain process so we can work it with `grep` Let’s say you are looking for **init** ```bash $ ps aux | grep init root 1 0.0 0.0 3060 1920 hvc0 Sl+ 16:23 0:00 /init root 10 0.0 0.0 3076 896 ? Ss 16:23 0:00 /init root 11 0.0 0.0 3076 1024 ? S 16:23 0:00 /init vix 26 0.0 0.0 6428 2048 pts/0 S+ 16:30 0:00 grep --color=auto init ``` ### Live time with top If you want to know which processes are using the most resources we can use `top` But again, for me `btop` or `htop` is better ## Managing processes ### nice Sets the priority for a **new process** that you are about to start Manage processes priority with `nice` and it range form -20 to +19 and 0 being default value. While the negative is the priority (-20 > -13 > 0 > 19) ```bash $ nice -n $ nice -n -14 /bin/something #being higher priority $ nice -n 14 /bin/something #being lower priority ``` ### renice Changes the priority for an **existing process** that is already running `renice` is a bit different from nice since it uses **PID** to declare the program ```bash $ renice -n -p $ renice -n -10 -p 18964 $ renice -n 3 -u james #make all processes owned by user "james" run with lower priority ``` ### Be nice with top We can also use `nice` command with `top` With the top running we press R key and insert **PID** and the nice value After that you can check the **PR** column to see the assigned priority value ## Killing processes ### kill Sometimes when the program is consuming so much resources and lead to freezing or lagging, the kill command is useful in this case With kill command we have total of 64 different signals and default signal will be `SIGTERM (15)` Here’s some common signals: | Signal name | Signal value | Effect | | ----------- | ------------ | ------------------------------------------------------------------------------------------------------------- | | **SIGHUP** | 1 | Hangup(HUP) for long-running service or daemon will likely **reload** while other programs will **terminate** | | **SIGINT** | 2 | Interrupt from keyboard | | **SIGQUIT** | 3 | Quit | | **SIGABRT** | 6 | Cancel | | **SIGKILL** | 9 | Kill signal | | **SIGTERM** | 15 | Termination signal - allow an orderly shutdown | | **SIGSTOP** | 17,19,23 | Stop the process | ```bash $ kill - $ kill -1 18964 #likely reload $ kill -15 18964 #just terminate $ kill -9 18964 #fully terminate the process ``` ### killall If you don’t know the **PID** of the process you can use `killall` with the process’s name, but the signals are the same ```bash $ killall -9 someprocess ``` ## Running processes in background Some commands will take the whole terminal session like when I enter `burpsuite` it will occupy the whole terminal session If that bugs you then you can just add a `&` at the back of the command `$ burpsuite &` so that it will give you the terminal session back and keep the program running You can move processes to the background by using the `bg` command while `fg` let the program move to the **foreground** and both requires **PID** ```bash $ bg 8946 $ fg 8946 ``` ## Scheduling processes To schedule processes we often use `at` and `crond` Noticed that when just insert a certain time without any flags it will take you to interactive mode `at>` and then you can add the files/scripts to schedule it ```bash $ at 23:00 -f /home/scripts/myjob.sh OR $ at 11:00pm at> /home/scripts/myjob.sh ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://vix-w1zzer.gitbook.io/vixwizzer/notes/linux/process-control.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.