# 08-D.9: Process Troubleshooting

EXAM OBJECTIVES COVERED
2.4 Given a scenario, manage services.
2.6 Given a scenario, automate and schedule jobs.
4.2 Given a scenario, analyze system processes in order to optimize performance.

Everything that happens in Linux is a process. Some software actually creates numerous processes during the execution of the code. Processes can get stuck. Referred to as a hung process, they can die unexpectedly, they can not terminate when they should, they can consume or cause other processes to wait while they complete...there are numerous issues that can occur with a process that impacts the overall system.

## Process States

A process goes through a lifecycle from "new" to "terminated." It is important to know what state a process is in so that you, as the system administrator, know what actions to take.

As a process executes it changes state according to its circumstances. Linux processes are in one the following states:

• Running - The process is either running (it is the current process in the system) or it is ready to run (it is waiting to be assigned to one of the system's CPUs).
• Waiting - The process is waiting for an event or for a resource.
• Linux differentiates between two types of waiting processes:
• Interruptible waiting processes can be interrupted by signals, such as input from the terminal.
• Uninterruptible waiting processes are waiting directly on hardware conditions and cannot be interrupted under any circumstances.
• Stopped - The process has been stopped, usually by receiving a signal. A process that is being debugged can be in a stopped state.
• Zombie - This is a halted process which, for some reason, still has a task_struct data structure in the task vector. It is what it sounds like, a dead process.

## Process ID's

A program/command when executed, a special instance is provided by the system to the process. This instance consists of all the services/resources that may be utilized by the process under execution.

• Whenever a command is issued in Linux it creates/starts a new process. For example, when the command pwd is issued, which is used to list the current directory location the user is in, a process starts.
• Through a five digit ID number, Linux keeps account of the processes. This number is called process ID or PID. Each process in the system has a unique PID.
• Used up PID's can be used again for a newer process since all the possible combinations are used.
• At any point in time, no two processes with the same PID exist in the system because it is the PID that Unix uses to track each process.

To find the PID of a process there are several commands that can be used. The most common is the ps command.

pbmac@pbmac-server $ps PID TTY TIME CMD 7582 pts/1 00:00:00 ps 11845 pts/1 00:00:00 bash  This outputs the PID, the terminal session it is associated with, the CPU time consumed by the command, and the command itself. The most common ps options are ps -ef, or ps-ax. In order to troubleshoot process issues it is imperative to be able to find the process ID. With the PID you can then perform process management commands, or if necessary, the process can be terminated by the use of the PID. ## The pgrep Command When using the pgrep command, it looks through the currently running processes and lists the PIDs which matches the selection criteria to stdout. All the criteria have to match. For example, pgrep -u root sshd will only list the processes called sshd AND owned by root. On the other hand, pgrep -u root,daemon will list the processes owned by root OR daemon. Syntax: pgrep [ OPTIONS ] {pattern}  If you needed to find the process ID of a certain command that is running you can simply use the command name. Or perhaps you need all of the processes being run by a specific user, which you can do. pbmac@pbmac-server$ pgrep sshd
1064
pbmac@pbmac-server $psgrep chrome 30773 pbmac@pbmac-server$ ps -ef | grep 30773
pbmac    30773  3106  0 Sep10 tty2     00:00:01 /opt/google/chrome/chrome
pbmac@pbmac-server \$