获取进程信息相关命令

任务ID:

  • pid: 进程ID
  • tid:线程ID
  • tgid:主线程ID

显示线程需要增加 L参数

ps -eLo pid,tid,tgid,pgrp,args

 

任务状态:

进程状态描述:

D uninterruptible sleep (usually IO)
R running or runnable (on run queue)
S interruptible sleep (waiting for an event to complete)
T stopped by job control signal
t stopped by debugger during the tracing
W paging (not valid since the 2.6.xx kernel)
X dead (should never be seen)
Z defunct (“zombie”) process, terminated but not reaped by
its parent

ps -eLo pid,tid,tgid,pgrp,s,args|more

 

亲缘关系:

 

ppid: 父进程ID, real parent

1. ps -eLo pid,ppid,args|more
2. pstree

 

优先级相关:

优先执行序 prority,PRI, 值越小优先级越高

通过ps可以查看,PRI(new) = PRI(old) + nice

通过nice,renice可以进行调整。普通用户仅能调打NI (0~19)

root调整范围(-20~19)

1. ps -eLo pid,ni,policy,args|more
2. nice [-n number] command
3. renice [number] PID

 

调度相关:

调度相关策略

– not reported
TS SCHED_OTHER
FF SCHED_FIFO
RR SCHED_RR
B SCHED_BATCH
ISO SCHED_ISO
IDL SCHED_IDLE
? unknown value

scheduling policy of the process.

SCHED_OTHER (SCHED_NORMAL),
SCHED_FIFO,SCHED_RR, SCHED_BATCH, SCHED_ISO, and SCHED_IDLE are respectively

displayed as 0, 1, 2, 3, 4, and 5.

ps -eo pid,policy,sched,args|more

 

信号相关:

  • caught: 捕捉信号的掩码
  • ignored:忽略信号的掩码
  • pending:未决信号掩码
ps -eo pid,caught,ignored,pending,args|more

 

进程权限:

	kuid_t		uid;		/* real UID of the task */
	kgid_t		gid;		/* real GID of the task */
	kuid_t		suid;		/* saved UID of the task */
	kgid_t		sgid;		/* saved GID of the task */
	kuid_t		euid;		/* effective UID of the task */
	kgid_t		egid;		/* effective GID of the task */
	kuid_t		fsuid;		/* UID for VFS ops */
	kgid_t		fsgid;		/* GID for VFS ops */

  ps -eo pid,uid,egid,suid,sgid,euid,egid,fuid,fgid,fgroup,args

 

内存相关:

  • VSZ:  process 使用虚拟内存
  • RSS:process使用的固定内存
  • TRS:代码段
  • DRS:数据段       

SIZE和RSS字段不计算进程的某些部分,包括页表,内核堆栈,
struct thread_info和struct task_struct。 这通常至少是20 KiB的内存。SIZE是进程的虚拟大小(代码+数据+堆栈)。

VSZ = TRS+DRS+1?

1. ps -eo pid,%mem,drs,rss,trs,vsz,args|more
2. ps v

 

文件与文件系统:

可以通过fuser,lsof 查看相关文件相关的进程

1. fuser -mvu /proc 
2. lsof

 

运行时间统计

ps -eo bsdstart,start,lstart,stime,start_time,etime,etimes,args|more

 

capabilities设置及查看

  • getcap [pid]
  • setcap
[weida@centosgpt ~]$ cat /proc/sys/kernel/cap_last_cap
37

[weida@centosgpt ~]$ capsh --print
Current: =
Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,35,36,37
Securebits: 00/0x0/1'b0
secure-noroot: no (unlocked)
secure-no-suid-fixup: no (unlocked)
secure-keep-caps: no (unlocked)
uid=1000(weida)
gid=1000(weida)
groups=1000(weida),1007(myquotagrp)

[weida@centosgpt ~]$ ps
PID TTY TIME CMD
17394 pts/1 00:00:00 bash
17921 pts/1 00:00:00 ps
[weida@centosgpt ~]$ cat /proc/17394/status|grep Cap
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: 0000003fffffffff
CapAmb: 0000000000000000

[weida@centosgpt ~]$ capsh --decode=0000003fffffffff
0x0000003fffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,35,36,37

 

参考

Linux ps 命令查看进程启动及运行时间

Linux capabilities 101

man ps

 

 

Be First to Comment

发表回复