aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/process
diff options
context:
space:
mode:
Diffstat (limited to 'src/process')
-rw-r--r--src/process/README.md8
-rw-r--r--src/process/lsof.md74
-rw-r--r--src/process/pgrep.md16
-rw-r--r--src/process/pidstat.md31
-rw-r--r--src/process/pmap.md10
-rw-r--r--src/process/ps.md61
-rw-r--r--src/process/pstack.md6
7 files changed, 206 insertions, 0 deletions
diff --git a/src/process/README.md b/src/process/README.md
new file mode 100644
index 0000000..5b07038
--- /dev/null
+++ b/src/process/README.md
@@ -0,0 +1,8 @@
+# Process management & inspection
+
+- [lsof](./lsof.md)
+- [pidstat](./pidstat.md)
+- [pgrep](./pgrep.md)
+- [ps](./ps.md)
+- [pmap](./pmap.md)
+- [pstack](./pstack.md)
diff --git a/src/process/lsof.md b/src/process/lsof.md
new file mode 100644
index 0000000..562c8fc
--- /dev/null
+++ b/src/process/lsof.md
@@ -0,0 +1,74 @@
+# lsof(8)
+
+```markdown
+lsof
+ -r <s> ..... repeatedly execute command ervery <s> seconds
+ -a ......... AND slection filters instead ORing (OR: default)
+ -p <pid> ... filter by <pid>
+ +fg ........ show file flags for file descripros
+ -n ......... don't convert network addr to hostnames
+ -P ......... don't convert network port to service names
+ -i <@h[:p]>. show connections to h (hostname|ip addr) with optional port p
+ -s <p:s> ... in conjunction with '-i' filter for protocol <p> in state <s>
+ -U ......... show unix domain sockets ('@' indicates abstract sock name, see unix(7))
+```
+
+```markdown
+file flags:
+ R/W/RW ..... read/write/read-write
+ CR ......... create
+ AP ......... append
+ TR ......... truncate
+```
+
+```markdown
+-s protocols
+ TCP, UDP
+
+-s states (TCP)
+ CLOSED, IDLE, BOUND, LISTEN, ESTABLISHED, SYN_SENT, SYN_RCDV, ESTABLISHED,
+ CLOSE_WAIT, FIN_WAIT1, CLOSING, LAST_ACK, FIN_WAIT_2, TIME_WAIT
+
+-s states (UDP)
+ Unbound, Idle
+```
+
+# Examples
+
+## File flags
+Show open files with file flags for process:
+```markdown
+lsof +fg -p <pid>
+```
+
+## Open TCP connections
+Show open tcp connections for `$USER`:
+```markdown
+lsof -a -u $USER -i TCP
+```
+**Note**: `-a` _ands_ the results. If `-a` is not given all open files matching
+`$USER` and all tcp connections are listed (_ored_).
+
+## Open connection to specific host
+Show open connections to `localhost` for `$USER`:
+```markdown
+lsof -a -u $USER -i @localhost
+```
+
+## Open connection to specific port
+Show open connections to port `:1234` for `$USER`:
+```markdown
+lsof -a -u $USER -i :1234
+```
+
+## IPv4 TCP connections in `ESTABLISHED` state
+```markdown
+lsof -i 4TCP -s TCP:ESTABLISHED
+```
+## List open files in a mounted directory.
+This may help to find which processes keep devices busy when trying to unmount
+and the device is currently busy.
+```markdown
+# Assuming /proc is a mount point.
+lsof /proc
+```
diff --git a/src/process/pgrep.md b/src/process/pgrep.md
new file mode 100644
index 0000000..b2cf466
--- /dev/null
+++ b/src/process/pgrep.md
@@ -0,0 +1,16 @@
+# pgrep(1)
+
+```markdown
+pgrep [opts] <pattern>
+ -n only list newest matching process
+ -u <usr> only show matching for user <usr>
+ -l additionally list command
+ -a additionally list command + arguments
+ -x match exactly
+```
+
+## Debug newest process
+For example attach gdb to newest zsh process from `$USER`.
+```markdown
+gdb -p $(pgrep -n -u $USER zsh)
+```
diff --git a/src/process/pidstat.md b/src/process/pidstat.md
new file mode 100644
index 0000000..b57f231
--- /dev/null
+++ b/src/process/pidstat.md
@@ -0,0 +1,31 @@
+# pidstat(1)
+
+```markdown
+pidstat [opt] [interval] [cont]
+ -U [user] show username instead UID, optionally only show for user
+ -r memory statistics
+ -d I/O statistics
+ -h single line per process and no lines with average
+```
+
+# Page fault and memory utilization
+```markdown
+pidstat -r -p <pid> [interval] [count]
+```
+
+```markdown
+minor_pagefault: Happens when the page needed is already in memory but not
+ allocated to the faulting process, in that case the kernel
+ only has to create a new page-table entry pointing to the
+ shared physical page (not required to load a memory page from
+ disk).
+
+major_pagefault: Happens when the page needed is NOT in memory, the kernel
+ has to create a new page-table entry and populate the
+ physical page (required to load a memory page from disk).
+```
+
+# I/O statistics
+```markdown
+pidstat -d -p <pid> [interval] [count]
+```
diff --git a/src/process/pmap.md b/src/process/pmap.md
new file mode 100644
index 0000000..531ae99
--- /dev/null
+++ b/src/process/pmap.md
@@ -0,0 +1,10 @@
+# pmap(1)
+
+```markdown
+pmap [opts] <pid>
+ Dump virtual memory map of process.
+ Compared to /proc/<pid>/maps it shows the size of the mappings.
+opts:
+ -p show full path in the mapping
+ -x show details (eg RSS usage of each segment)
+```
diff --git a/src/process/ps.md b/src/process/ps.md
new file mode 100644
index 0000000..d7ddf95
--- /dev/null
+++ b/src/process/ps.md
@@ -0,0 +1,61 @@
+# ps(1)
+
+```
+ps [opt]
+ opt:
+ --no-header .... do not print column header
+ -o <OUT> ....... comma separated list of output columns
+ -p <PID> ....... only show pid
+ -C <name> ...... only show processes matching name
+ -T ............. list threads
+ --signames ..... use short signames instead bitmasks
+```
+> Set `PS_FORMAT` env variable to setup default output columns.
+
+Frequently used output columns
+```
+pid process id
+ppid parent process id
+pgid process group id
+tid thread id
+
+comm name of process
+cmd name of process + args (full)
+
+etime elapsed time (since process started)
+user user owning process
+thcount thread count of process
+nice nice value (-20 highest priority to 19 lowest)
+
+pcpu cpu utilization (percent)
+pmem physical resident set (rss) (percent)
+rss physical memory (in kb)
+vsz virtual memory (in kb)
+
+sig mask of pending signals
+sigcatch mask of caught signals
+sigignore mask of ignored signals
+sigmask mask of blocked signals
+```
+
+## Example: Use output for scripting
+```sh
+# Print the cpu affinity for each thread of process 31084.
+for tid in $(ps -o tid --no-header -T -p 31084); do
+ taskset -c -p $tid;
+done
+```
+
+## Example: Watch processes by name
+```sh
+watch -n1 ps -o pid,pcpu,pmem,rss,vsz,state,user,comm -C fish
+```
+
+## Example: Show signal information
+```sh
+# With signal masks.
+ps -o pid,user,sig,sigcatch,sigignore,sigmask,comm -p 66570
+
+# With signal names.
+ps --signames -o pid,user,sig,sigcatch,sigignore,sigmask,comm -p 66570
+```
diff --git a/src/process/pstack.md b/src/process/pstack.md
new file mode 100644
index 0000000..c135844
--- /dev/null
+++ b/src/process/pstack.md
@@ -0,0 +1,6 @@
+# pstack(1)
+
+```markdown
+pstack <pid>
+ Dump stack for all threads of process.
+```
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-15 04:59:46 +0000