Deep System Discovery on your Linux Server With /proc
Live Processes
/proc is a virtual filesystem generated at boot and updated regularly by the kernel. With /proc you can investigate exactly what hardware your Linux kernel sees, what processes it is running, boot options, and also manipulate kernel events. |
/proc (short for "process filesystem") isn't 'real'; it's a virtual filesystem, generated at boot and updated regularly by the kernel. Instead of storing information on disk, when you look at something in /proc, it fetches the information from the kernel to output as a file. This is great both for system communication (utilities can operate in userspace, rather than in kernel space), and for investigating your system's innards.
/proc and processes
If you type ls /proc, you'll see a set of numbered directories. These are your processes: one directory per process ID. Look at your process list with ps -A, and pick one to investigate. (Note that unless you have root/sudo access, you're best off choosing a process that you own.) Here's a sample process from my ps output:
juliet 25175 0.0 0.0 18044 1552 pts/31 Ss Jul14 0:00 /bin/bash
Digg
del.icio.us
Slashdot
DZone
Reddit
StumbleUpon
Facebook
FriendFeed
Furl
Newsvine
Google
LinkedIn
MySpace
Technorati
Twitter
Windows Live
YahooBuzzLook at the proc directory of this process with ls -l /proc/25175/, then use cat or less to look at the file contents. Some files are binary, but they usually have at least some human-readable text. Here are some of the files and directories you'll see; for more info, check the very comprehensive proc manpage. Note that often these files will be links, so ls -l is useful.
- cmdline: the command used to launch this process. Useful if you're debugging a launch problem, or to check which options were passed in.
- environ: the command environment.
- exe: the original executable file.
- fd/: filehandle links to files in use by the process.
- task: hard links to any other processes started by this process, including itself.
- cwd: the process' working directory.
- root: the root path, almost always /, unless the process is being run in a chroot jail.
- maps: memory maps to executables and library files. For each such file, it shows the memory address, permissions (r/w/x, s(hared), and p(rivate - copy on write)), offset into the file, and device and inode.
- stat, status: status information. status has better formatting.
- Skip Ahead
- 1. Live Processes
- 2. Live Processes
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
