From e830fa716bedecbff8c3a572d1d20061342ec4c7 Mon Sep 17 00:00:00 2001
From: Johannes Stoelp <johannes.stoelp@gmail.com>
Date: Tue, 27 Aug 2024 23:05:39 +0200
Subject: mv monitor -> process

---
 src/process/README.md  |  8 ++++++
 src/process/lsof.md    | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++
 src/process/pgrep.md   | 16 +++++++++++
 src/process/pidstat.md | 31 +++++++++++++++++++++
 src/process/pmap.md    | 10 +++++++
 src/process/ps.md      | 61 +++++++++++++++++++++++++++++++++++++++++
 src/process/pstack.md  |  6 ++++
 7 files changed, 206 insertions(+)
 create mode 100644 src/process/README.md
 create mode 100644 src/process/lsof.md
 create mode 100644 src/process/pgrep.md
 create mode 100644 src/process/pidstat.md
 create mode 100644 src/process/pmap.md
 create mode 100644 src/process/ps.md
 create mode 100644 src/process/pstack.md

(limited to 'src/process')

diff --git a/src/process/README.md b/src/process/README.md
new file mode 100644
index 0000000..5b07038
--- /dev/null
+++ b/src/process/README.md
@@ -0,0 +1,8 @@
+# Process management & inspection
+
+- [lsof](./lsof.md)
+- [pidstat](./pidstat.md)
+- [pgrep](./pgrep.md)
+- [ps](./ps.md)
+- [pmap](./pmap.md)
+- [pstack](./pstack.md)
diff --git a/src/process/lsof.md b/src/process/lsof.md
new file mode 100644
index 0000000..562c8fc
--- /dev/null
+++ b/src/process/lsof.md
@@ -0,0 +1,74 @@
+# lsof(8)
+
+```markdown
+lsof
+  -r <s> ..... repeatedly execute command ervery <s> seconds
+  -a ......... AND slection filters instead ORing (OR: default)
+  -p <pid> ... filter by <pid>
+  +fg ........ show file flags for file descripros
+  -n ......... don't convert network addr to hostnames
+  -P ......... don't convert network port to service names
+  -i <@h[:p]>. show connections to h (hostname|ip addr) with optional port p
+  -s <p:s> ... in conjunction with '-i' filter for protocol <p> in state <s>
+  -U ......... show unix domain sockets ('@' indicates abstract sock name, see unix(7))
+```
+
+```markdown
+file flags:
+  R/W/RW ..... read/write/read-write
+  CR ......... create
+  AP ......... append
+  TR ......... truncate
+```
+
+```markdown
+-s protocols
+  TCP, UDP
+
+-s states (TCP)
+  CLOSED, IDLE, BOUND, LISTEN, ESTABLISHED, SYN_SENT, SYN_RCDV, ESTABLISHED,
+  CLOSE_WAIT, FIN_WAIT1, CLOSING, LAST_ACK, FIN_WAIT_2, TIME_WAIT
+
+-s states (UDP)
+  Unbound, Idle
+```
+
+# Examples
+
+## File flags
+Show open files with file flags for process:
+```markdown
+lsof +fg -p <pid>
+```
+
+## Open TCP connections
+Show open tcp connections for `$USER`:
+```markdown
+lsof -a -u $USER -i TCP
+```
+**Note**: `-a` _ands_ the results. If `-a` is not given all open files matching
+`$USER` and all tcp connections are listed (_ored_).
+
+## Open connection to specific host
+Show open connections to `localhost` for `$USER`:
+```markdown
+lsof -a -u $USER -i @localhost
+```
+
+## Open connection to specific port
+Show open connections to port `:1234` for `$USER`:
+```markdown
+lsof -a -u $USER -i :1234
+```
+
+## IPv4 TCP connections in `ESTABLISHED` state
+```markdown
+lsof -i 4TCP -s TCP:ESTABLISHED
+```
+## List open files in a mounted directory.
+This may help to find which processes keep devices busy when trying to unmount
+and the device is currently busy.
+```markdown
+# Assuming /proc is a mount point.
+lsof /proc
+```
diff --git a/src/process/pgrep.md b/src/process/pgrep.md
new file mode 100644
index 0000000..b2cf466
--- /dev/null
+++ b/src/process/pgrep.md
@@ -0,0 +1,16 @@
+# pgrep(1)
+
+```markdown
+pgrep [opts] <pattern>
+  -n         only list newest matching process
+  -u <usr>   only show matching for user <usr>
+  -l         additionally list command
+  -a         additionally list command + arguments
+  -x         match exactly
+```
+
+## Debug newest process
+For example attach gdb to newest zsh process from `$USER`.
+```markdown
+gdb -p $(pgrep -n -u $USER zsh)
+```
diff --git a/src/process/pidstat.md b/src/process/pidstat.md
new file mode 100644
index 0000000..b57f231
--- /dev/null
+++ b/src/process/pidstat.md
@@ -0,0 +1,31 @@
+# pidstat(1)
+
+```markdown
+pidstat [opt] [interval] [cont]
+  -U [user]     show username instead UID, optionally only show for user
+  -r            memory statistics
+  -d            I/O statistics
+  -h            single line per process and no lines with average
+```
+
+# Page fault and memory utilization
+```markdown
+pidstat -r -p <pid> [interval] [count]
+```
+
+```markdown
+minor_pagefault: Happens when the page needed is already in memory but not
+                 allocated to the faulting process, in that case the kernel
+                 only has to create a new page-table entry pointing to the
+                 shared physical page (not required to load a memory page from
+                 disk).
+
+major_pagefault: Happens when the page needed is NOT in memory, the kernel
+                 has to create a new page-table entry and populate the
+                 physical page (required to load a memory page from disk).
+```
+
+# I/O statistics
+```markdown
+pidstat -d -p <pid> [interval] [count]
+```
diff --git a/src/process/pmap.md b/src/process/pmap.md
new file mode 100644
index 0000000..531ae99
--- /dev/null
+++ b/src/process/pmap.md
@@ -0,0 +1,10 @@
+# pmap(1)
+
+```markdown
+pmap [opts] <pid>
+    Dump virtual memory map of process.
+    Compared to /proc/<pid>/maps it shows the size of the mappings.
+opts:
+  -p         show full path in the mapping
+  -x         show details (eg RSS usage of each segment)
+```
diff --git a/src/process/ps.md b/src/process/ps.md
new file mode 100644
index 0000000..d7ddf95
--- /dev/null
+++ b/src/process/ps.md
@@ -0,0 +1,61 @@
+# ps(1)
+
+```
+ps [opt]
+  opt:
+    --no-header .... do not print column header
+    -o <OUT> ....... comma separated list of output columns
+    -p <PID> ....... only show pid
+    -C <name> ...... only show processes matching name
+    -T ............. list threads
+    --signames ..... use short signames instead bitmasks
+```
+> Set `PS_FORMAT` env variable to setup default output columns.
+
+Frequently used output columns
+```
+pid        process id
+ppid       parent process id
+pgid       process group id
+tid        thread id
+
+comm       name of process
+cmd        name of process + args (full)
+
+etime      elapsed time (since process started)
+user       user owning process
+thcount    thread count of process
+nice       nice value (-20 highest priority to 19 lowest)
+
+pcpu       cpu utilization (percent)
+pmem       physical resident set (rss) (percent)
+rss        physical memory (in kb)
+vsz        virtual memory (in kb)
+
+sig        mask of pending signals
+sigcatch   mask of caught signals
+sigignore  mask of ignored signals
+sigmask    mask of blocked signals
+```
+
+## Example: Use output for scripting
+```sh
+# Print the cpu affinity for each thread of process 31084.
+for tid in $(ps -o tid --no-header -T -p 31084); do
+    taskset -c -p $tid;
+done
+```
+
+## Example: Watch processes by name
+```sh
+watch -n1 ps -o pid,pcpu,pmem,rss,vsz,state,user,comm -C fish
+```
+
+## Example: Show signal information
+```sh
+# With signal masks.
+ps -o pid,user,sig,sigcatch,sigignore,sigmask,comm -p 66570
+
+# With signal names.
+ps --signames -o pid,user,sig,sigcatch,sigignore,sigmask,comm -p 66570
+```
diff --git a/src/process/pstack.md b/src/process/pstack.md
new file mode 100644
index 0000000..c135844
--- /dev/null
+++ b/src/process/pstack.md
@@ -0,0 +1,6 @@
+# pstack(1)
+
+```markdown
+pstack <pid>
+    Dump stack for all threads of process.
+```
-- 
cgit v1.2.3