Linux System Process


LinuxSystem Process



LinuxSystem Process

Aprocess is defined as a running instance of a program (William,2009). However, when there are two or more terminal windows showingon the screen, it is likely that the machine is running the sameterminal programs twice the two terminal processes. Every widowprobably running a given shell then each running shell can be termedas another process. In cases where someone invokes a command from agiven shell the corresponding program is normally executed with a newprocess (William, 2009). Later, the shell process resumes when thegiven process completes. Multiple cooperating processes are normallyused by the advanced programmers under a single application towardsenabling the application to multitask or what can be termed asenabling the application to execute more than a single thing henceincreasing application robustness plus also making use of the alreadyexisting programs. There is also the danger of blocking otherprocesses indefinitely as they wait to read the data. However,through the respective precautions, it is evident that such cases canbe averted hence minimizing or limiting any damages which may occurinto the system (IntelCorporation, 2002).

Theproffered brief preview offers a clear insight on what a process isunder Linux system. Based on the offered analysis, it is evident thatas an individual runs a computer or uses a computer there areprocesses running. This is backed up by the fact that programs useone or more processes which originates from a given process. With theoffered analysis, it offers an easier approach on how to perform ananalysis on a process called “mysterious4” which has been runningon a company’s server. This is aimed at offering a clear insight onhow to remove from the company servicer and analysis executed outelsewhere. The offered intriguing analogy indicates the essence oftaking various steps involved in the process towards effectivelyanalyzing and removing the process from the company server. Althoughthere are benefits of removing the “mysterious4” process runningon the given company’s server, there are dangers associated withthe process (IntelCorporation, 2002).The preceding analysis offers a clear insight on the respective stepsanalyzing the process and how to remove the process and also offeringa clear evaluation on the danger that the process poses. The studyuses the respective Linux system to offer a more suitable platform onhow to execute the process.


Inthe availed concept above, a clear scenario on an identified process“mysterious4” having identified on a company’s server, thedefinition of a process and the respective concept with terms such asshell and processes was offered. The preceding steps outlines therespective steps that can be used to analyze the identified process“mysterious4” and remove it from the company’s server whilealso assessing the danger of the process.

Step1: Process IDs

Underevery process in a Linux system should be identified by its uniqueprocess ID, which is also referred to as a pid (William, 2009). Underthis case, the “mysteraious4 “process should be able to beidentified by its unique process ID. The process IDs are mainly16-bit which are assigned sequentially via Linux as new processes arecreated. The step also entails examining every process which isestimated to have a parent process apart from the special initprocess normally termed as “Zombie Processes” (Gomes,1991).The identified “mysterious4” process should have an arrangementin form of a tree with the init process as its root. The analogyattached to this entity is vital based on the fact that parentprocess ID or what is termed as ppid is simply the process ID of theprocess’s parent hence easy to remove the system as offered laterin the analysis. The process IDs can be identified in a C or C++program which is normally uses the pid_t typedef normally typed ordefined as &ltsys/types.h&gt (Faulkneretal,1991).

Step2: Viewing Active Process

Itis evident that the discovered “mysterious4” process can bediscovered through the ps command displays where processes that arerunning on the system can be identified. Under the GNU/Linux versionof ps, it offers various options based on the fact that it tries tobe compatible with different versions f ps on several other UNIXvariants. The options attached to the availed consent and theinformation likely to be generated or displayed ranges based on ps orPID TTY difference with TIME CMD. Using the display and the attachedinformation, it is easily by default to involve ps displays theprocesses based on the fact that they are controlled by the terminalor terminal widow that is ps invoked. Such as the availed examplebelow that can be used in the availed situation (IntelCorporation, 2002).



21693 pts/8

00:00:00 bash

21694 pts/8

00:00:00 ps

Figure:Viewing Active Process (Source: secondary)

Theavailed analysis depicts some of the ways of viewing active processesthe shown invocations of ps depicts two processes. This can be usedto identify “mysterious4” process hence making it easier to beeliminated. Initial bash indicates the shell running on thisterminal. On the other hand, the second is the instance of the psprogram itself. The initial column which is labeled as PID depictsthe process ID of each. To be able to show “mysterious4” processmore clearly, running the company’s sever under GNU/ Linux system,the activity involved invoking % ps –e-o pid,ppid,command. Undersuch invocation, –e instructs ps to display all the processes whichare running on the system. On the other hand, -o pid,ppid,commandoption telling ps on what information that should be show on eachprocess under this case the process ID, the parent process ID, andthe command running the process.

Basedon the availed analysis under the step above, it is evident that nowit is easier to identify the process through executing some of therespective activities proffered in the availed analysis. Theassumption attached to the concept indicates how it is easier to beable to analyze the “mysterious4” process hence making therespective changes in relation to the generated information.Generating the process ID, the parent process ID, and also thecommand running the process provides an effective approach based onthe vast information generated on the new process. After gatheringthe availed information, the next step is conducted which involvesremoving or what is commonly termed as killing a process. The abilityto effectively generate the respective information under the availedstep above largely defines the effectiveness of the killing orremoving the program (IntelCorporation, 2002).There is also the danger of blocking other processes indefinitely asthey wait to read the data. However, through the respectiveprecautions, it is evident that such cases can be averted henceminimizing or limiting any damages which may occur into the system.

Step3: Killing or removing a process

Themain objective of the concept offered under the proffered issue underthe study was analyzing and removing the “mysterious4” processthat has been found to be running on a company’s server. Theproffered analysis indicates the respective steps and the informationgenerated which is vital to ensure that the identified process isremoved or killed to stop running from the company’s server. Thekilling or removing a process such as “mysterious4” from thecompany’s server entails using kill command concept. This involvessimply specifying on the command line the process ID of the processto be killed. The essence of specifically identifying the commandline of the “mysterious4” process s based on the need to ensurethat the required process is the one which is killed or removed fromthe server. The essence of specifying on the command is also based onthe need to avert the danger of killing another process which couldbe supporting the company’s server hence causing breakdown on thesystem.

Thekill command normally works through sending the process a SIGTERM orwhat some calls the termination signal. This later causes the processto basically terminate unless the respective program explicitly ormainly handles or masks the SIGTERM signal (William, 2009). However,in case of such exception, the kill command can work hence removing“mysterious4” process from the company’s server. The processrequires specific activities as proffered above, this is aimed atensuring that the killed process is the intended one to avert otherdamages that can be caused into the system through killing orremoving other essential.


Theoffered analysis above provides a detailed analysis on a process suchas the discovered “mysterious4” process. The steps offered aclear approach on how to execute the respective step, throughidentifying process IDS, the parent process ID, and also the commandrunning the process provides a clear platform on how to kill theprocess. Removing or killing the process involves the respectiveproffered steps which entail using the Kill command hence removingthe process. The offered analysis offers quick and easy step toanalyze “mysterious4” process and how to remove it.

However,there are some dangers involved in the process based on the role orother processes that could be running with the “mysterious4”process while removing it from the company’s server. Some of thesedangers include causing some problems especially incase otherprocesses are interacting with the identified process (William,2009). This is likely to cause a stuck waiting on the server with theclient’s timeouts also likely to occur. There is also the danger ofblocking other processes indefinitely as they wait to read the data.However, through the respective precautions, it is evident that suchcases can be averted hence minimizing or limiting any damages whichmay occur into the system. Short


IntelCorporation, 2002. Using the RDTSC Instruction for PerformanceMonitoring, 8 May2002, Reference Manual, Section 4, proc.

Gomes,R. 1991. The Process File System and Process Model in UNIX System V”,USENIXConferenceProceedings,Dallas, Texas, January 1991.

Faulkner,R. Pike, K., Thompson, and H. Trickey, 1990. “Plan 9 from BellLabs”, Summer 1990 UK Unix Users Group Conference, Summer 1990.

Solaris5 Reference Manual, Section 4, proc.

WilliamS. 2009. Operating System: Internals and Design Principles, Sixthedition, Prentice Hall