Process Management

Tarih: 2026-06-15 | Kategori: Linux

Etiketler: Linux

In Linux, the term "process" is defined as a program loaded into memory and executing in the processor (CPU). Processes can range from short commands run from the command line to network services running for the duration of the operating system's uptime.

Types of Processes

Foreground Processes

By default, all processes run in the foreground. They take input from the keyboard and display output on the screen. Running the `pwd` command is a good example of a foreground process.

root@hackerbox:~$ pwd


/root

In this example, the process executed by the `pwd` command ran in the foreground, displayed the output, and exited after completing its task. Foreground processes lock the terminal until they finish their tasks and do not allow other operations to be performed in the meantime.

Background Processes

Background processes do not lock the terminal when run; they start running in the background. When background processes are running, multiple processes can run in parallel.

To run a command in the background, append the `&` character to it. For example, let's run the `pwd` command in the background:

root@hackerbox:~$ pwd &


[1] + Done pwd

Unlike the first example, the `pwd` command did not print the path of the current directory as it was run as a background process. Instead, it provided information about the background process it started.

  • `[1]` indicates that the process job number is 1.
  • `Done` indicates that the process successfully completed its task.

    • Let's Do a Different Example

    The `pwd` command, by nature, completes its task immediately and exits. However, some commands run continuously until you send a stop signal. The `ping` command is a good example of this.

    Let's send a ping to `127.0.0.1` with the `ping` command and run it in the background. This will allow us to send ping requests to `127.0.0.1` for as long as our terminal or the running process remains open, while still allowing us to use our terminal for other tasks.

    root@hackerbox:~$ ping 127.0.0.1 &


    [1] 54017
root@hackerbox:~$ 
64 bytes from 127.0.0.1: icmp_seq=100 ttl=64 time=0.081 ms
64 bytes from 127.0.0.1: icmp_seq=101 ttl=64 time=0.164 ms
64 bytes from 127.0.0.1: icmp_seq=102 ttl=64 time=0.075 ms

    *(Output Explanation): The terminal continues to show responses from the ping process running in the background.*

  • `[1]` indicates that the background job number for the process is 1.
  • `54017` is the Process ID (PID) for the background process. The PID is a unique number identifying the process.

    • Some commands, like `ping`, may provide output to the terminal even when running in the background. As seen in the example, although running in the background, the `ping` command prints output to the terminal every second. However, this output does not prevent us from performing other tasks and does not lock the terminal.

    Managing Processes in the Current Terminal Session

    We can easily list the background processes started in our current terminal session using the `jobs` command.

    root@hackerbox:~$ jobs


    [1] running ping 127.0.0.1

    According to the output, we have a `ping 127.0.0.1` command running in the background in our current terminal session, with a job number of 1.

    To bring this background command back to the foreground, we can use the `fg` (foreground) command. We type the job number of the process with a `%` sign next to the `fg` command.

    root@hackerbox:~$ fg %1

    As we can see, the process is running in the foreground again. How do we stop it? We can easily stop a program running in the terminal by pressing the `CTRL+C` shortcut on the keyboard.

    ^C

    Managing System-Wide Processes

    In addition to processes in our current terminal session, there are processes running system-wide. These can be processes used by the operating system, the terminal, service providers, or programs that continuously run in the background. We can view system-wide processes using the `ps` command.

    root@hackerbox:~$ ps


      PID TTY          TIME CMD
   19 pts/1    00:00:00 sh
   24 pts/1    00:00:00 ps

    As seen in the example, there are two processes running system-wide. One is the terminal running the `sh` process, and the other is the `ps` command we just executed. For a more detailed output, we can use the `-f` parameter of the `ps` command.

    root@hackerbox:~$ ps -f


    UID        PID  PPID  C STIME TTY          TIME CMD
1001        19     1  0 07:20 pts/1    00:00:00 sh
1001        25    19  0 08:04 pts/1    00:00:00 ps -f

    The detailed explanations of the columns in the command output are as follows:

  • UID: User ID - The ID number of the user running the process
  • PID: Process ID - The unique identifier for the process
  • PPID: Parent Process ID - The unique identifier for the parent process that started the process
  • C: CPU - The CPU usage of the process
  • STIME: Start Time - The start time of the process
  • TTY: Terminal Type - The type of terminal where the process is running
  • TIME: The total time the process has been running
  • CMD: Command - The command that started the process

    • Stopping a Running Process

    To stop running processes, if the process runs in the foreground, we can easily press the `CTRL+C` shortcut on the keyboard. If it's a background process, we need to know the Process ID (PID) number to stop it.

    First, let's list the processes:

    root@hackerbox:~$ ps

    In the output above, we have the PID for the process `sh` (19). To stop this process, use the `kill` command.

    root@hackerbox:~$ kill 19

    If the process does not terminate with the command above, we can forcefully stop it with the interrupt signal `-9` (SIGKILL).

    root@hackerbox:~$ kill -9 19