Harley Hahn's Guide to
Unix and Linux
|
|
Harley Hahn's Guide to
|
|
A Personal Note
Chapters...
Command
INSTRUCTOR |
Exercises and Answers for Chapter 26... Processes and Job Control Review Question #1: What is a process? What part of the operating system manages processes? Define the following terms: process ID, parent process, child process, fork and exec. Answer A process is a program that is loaded into memory and ready to run, along with the program's data and the information needed to keep track of the program. Processes are managed by the kernel (unlike jobs, which are managed by the shell). A process ID as a unique number, assigned by the kernel, that identifies a particular process. The abbreviation is PID ("P-I-D"). When a process that starts another process, the original process is the parent process; the new process is the child process. fork is the name of a system call that creates a copy of a process; exec is a system call that changes the program that a process is running. The terms "fork" and "exec" are also used as verbs. Review Question #2: What is a job? What part of the operating system manages jobs? What is job control? What is the difference between running a job in the foreground and running a job in the background? How do you run a job in the foreground? How do you run a job in the background? How do you move a job from the foreground to the background? Answer A job is the internal representation of a command that is currently running or suspended. In most cases, a job corresponds to a single process. However, with a pipeline or a compound command, a job corresponds to multiple processes. Jobs are managed by the shell (unlike processes, which are managed by the kernel). Job control is a facility, supported by the kernel and implemented by the shell, that makes it possible to run multiple processes, one in the foreground, the rest in the background. Job control also enables a user to move processes between the foreground and background, suspend (pause) them, and display their status. When the shell waits for a job to finish before prompting you to enter a new command, we say the process is running in the foreground. When the shell leaves a job to run on its own, we say the process is running in the background. To run a job in the foreground, you enter it at the command line in the regular manner. To run a job in the background, you type a & (ampersand) character at end of the command line. To move a foreground job to the background, suspend the job by pressing ^Z and then use the bg command to move the job into the background. To move a background job to the foreground, use the fg command. Type fg followed by the process ID or job number. Review Question #3: The ps (process status) program is used to display information about processes. What are the two types of options you can use with this program? For each type of option, which commands would you use to display information about:
• Your current processes
Answer The ps program has two types of options: UNIX options and BSD options. To display the information specified above, use the following commands:
Review Question #4: You are a system administrator. One of your systems seems to be bogging down and your job is to figure out why. To start, you want to take a look at various processes running on the system and how they are changing from moment to moment. Which program will you use? Specify the command that will run this program with an automatic update every 5 seconds. Answer To check out the various processes running on the system and how they are changing from moment to moment, use top. With Solaris, use prstat. To display an automatic update every 5 seconds use:
top -d 5
With prstat, the default is 5 seconds so, in this case, you can leave out the number if you want. Review Question #5: What is the difference between killing a process and stopping a process? How do you kill a process? How do you stop a process? Answer When you kill a process, you terminate it permanently. When you stop a process, you pause (suspend) it. A killed process is gone for good; a stopped process can be restarted. To kill a foreground process, press ^C to send the intr signal to the process. If the process doesn't respond, use the kill command. To kill a background process, use the kill command. To pause (stop) a foreground process, press ^Z to send the stop signal to the process. To pause a background process, move it to the foreground, then press ^Z. Review Question #6: You have started a program named foobar that is running amok. What steps would you take to kill it? If foobar does not respond, what do you do? Answer To kill the foobar program, press ^C. If that doesn't work, press ^Z to suspend the program. Use ps to find out the process ID of foobar . Then try: kill pid If that doesn't work, use: kill -9 pid Applying Your Knowledge #1: Enter a command line that pauses for 5 seconds and then displays the message "I am smart." Wait for 5 seconds to make sure it works. Now change the delay to 30 seconds, and re- enter the command line. This time, before the 30 seconds are up, press ^C. What happens? Why? Answer The commands to use are:
sleep 5; echo 'I am smart.'
After you press ^C, what you see depends on which shell you are using. With Bash and the FreeBSD shell, pressing ^C will kill the sleep process. The echo command program will then execute, and you will see: I am smart. With the Korn Shell, Tcsh and C-Shell, pressing ^C will kill the enter command line, and you won't see any output. Applying Your Knowledge #2: You have just logged into a Unix system over the Internet using your userid, which is weedly. You enter the command ps -f command and see:
UID PID PPID C STIME TTY TIME CMD
Everything looks fine. Just out of curiosity, you decide to check on the rest of the system, so you enter the command ps -af. Among the output lines, you see: weedly 2522 2436 0 16:09 pts/4 00:00:00 vim secret Someone else is logged in using your userid! What do you do? Answer When you suspect someone is using your userid, follow these steps:
1. Secure
First, secure your account by changing your password. Do this immediately: passwd Second, confirm that your userid is logged in more than once: users Third, if your userid is listed more than once, display all the processes associated with your userid: ps -u weedly Within the output, you see:
2282 pts/3 00:00:00 bash
Clean up by killing the processes that are not running from your terminal, in this case, #2436 and #2522. Use kill -9 to make sure you kill the login shell: kill -9 2436 2522 Once the login shell is killed (process #2436) the intruder is disconnected. Since you have changed your password, he won't be able to log in again. Finally, inform the system administrator immediately that someone has been using your userid. If possible, tell him or her in person or on the phone. In this case, once all this is done, you might want to check out the file secret to see what the intruder was editing. Applying Your Knowledge #3: Create a pipeline to count the number of daemons on your system. Then create a second pipeline to display a sorted list of all the daemons. You should display the names of the daemons only and nothing else. Answer To display a list of all the daemons on your system, you can use either of the following commands:
ps -t -
The second command is better because it will not display the headings. To count the number of daemons: ps -e | grep '?' | wc -l To display a list of daemons: As we discussed in the chapter, ps writes its output in columns. In this case, we are only interested in the last column, the one with the name of the command. Take a careful look at the output. On most systems, the name will start in position #25. All you have to do is use colrm to remove the first 24 characters of output, then pipe the result to sort: ps -e | grep '?' | colrm 1 24 | sort If your system does not have colrm, you can use cut to extract the characters you want: ps -e | grep '?' | cut -c 25- | sort Note: The specification 25- will select from position #25 to the end of the line. A more generalized solution does not depend on the fact that the column we want starts at a specific position. Instead, we observe the columns of data are separated by one or more spaces. Thus, if we replace one or more spaces by a delimiter, we can use cut -f to select the field we want (the 4th field). To create the pipeline, we pipe the output of ps to sed (Chapter 19) to perform two tasks. First we remove leading spaces. Then for all the remaining spaces, we change every instance of one or more spaces to a delimiter (say, a # character). The output of sed is then piped to cut to extract the field we want. That output is piped to sort:
ps -e | grep '?' | sed \
For Further Thought #1: Using the kill command to kill processes is more complicated than it needs to be. Describe a simpler way to provide the same functionality. Answer GUI-based systems list the processes within a window. Typicially, you can use your mouse to select one or more processes and then kill them by clicking on a button. A text-based system might work as follows. First, it would make it easy to list all the processes in which you are interested. Within the list, each process would be given an ID number starting from 1. You could then type one or more ID numbers to kill whichever processes you want. For Further Thought #2: Why are there two different types of options for ps? Is this good or bad? Answer One set of ps options comes from the BSD tradition; the other comes from the AT&T UNIX tradition. Maintaining two sets of options has the advantage of backwards compatibility, especially for existing shell scripts. However, in no other way can such a situation be considered good. Having two such complex sets of options, for what is essentially the same program, creates unnecessary confusion (especially for beginners). It also makes it difficult to write portable shell scripts that use ps.
© All contents Copyright 2024, Harley Hahn
|
SEARCH
