OS fundamentals - 7 - processes.pdf

Full Transcript


OS FUNDAMENTALS
Processes
Phaedra Degreef

PROCESSES IN LINUX

TERMINOLOGY

PROCESS
• A multitasking OS has multiple tasks running
• Each task = process
  − Application = foreground process
  − Linux/Unix daemon = Windows service = background process (no interaction with the user)
• Start a process in the background: add & after the command
  − httpd &

VIEW PROCESSES

LINUX: TOP COMMAND

WINDOWS: TASK MANAGER

PROCESSES SNAPSHOT: PS COMMAND
• PID = Process ID
• VSZ: virtual size
• STAT(us)

PROCESS ID
• Process ID = unique ID for each process
• PPID = parent process ID
  − Linux has no system call to create new processes
  − An existing process clones itself to create a new one
    • Becomes parent process of its child process
  − pstree command shows process tree

PS COMMAND OPTIONS

USER ID
• UID = user ID of the user that created the process
  − Only root and the owner can change processes
• EUID = effective user ID: determines the privileges of the process
  − runuser -l <username> -c <command> = “Run as…” in Windows
  − Similar to “service account” for Windows services
  − su, sudo: EUID = root
  − su <username>: Switch User, default = root

PROCESS GROUP ID
• GID: group ID
• EGID: effective group ID (same idea as EUID)
• Why groups?
  − Determines files and resources processes have access to
  − Commonalities in behavior (foreground process group can output to tty for example)
  − Groups belong to sessions
  − Signalling; see further

SIGNALS
• Communication between processes
• Can be sent by terminal driver
  − Ctrl-C and Ctrl-Z keys to suspend or kill (SIGQUIT)
• kill command
  − kill <process ID>
  − Get process ID:
    • pidof firefox (say PID 1025)
    • kill 1025
    • kill -9 1025 (if it’s really tough)
    • killall firefox

NICENESS
• The niceness of a process is an indication of its priority (how nice it is to other processes)
• Low nice value = high priority
• Values from -20 to +19
• Can be set at creation of process
  − nice -n 5 sometask
  − renice -2 8829

NICENESS
• You can always renice to a higher nice value as a regular user
  − You don’t need privileges to be nice to others ☺
• But you need sudo privileges to renice to a lower nice value
  − If an admin reniced your process, you cannot just reverse that as a regular user
• For instance:
  − renice 10 30533
    • Works; you give priority to other processes by changing nice value from 0 (default) to 10
  − renice 5 30533
    • Will throw an error “permission denied”; needs sudo privileges

TOP COMMAND OPTIONS
• Sort by field: top -O

TOP COMMAND OPTIONS
• top -u <username>: display specific user processes
• Example: top -u tecmint

TOP COMMAND OPTIONS
• While running top press…
  − c: display absolute path
  − d: change screen update interval
  − k: kill a process
  − r: renice a process
  − Shift + W: save the current output to file
  − h: help
• top -n 10
  − Quit after 10 updates

MANAGING PROCESSES
• You can use the kill and killall commands from the shell prompt to terminate a process.
  − The killall command kills all processes with an indicated command name;
  − the kill command kills only the specified process.
• The kill command requires the PID of the process.
  − Use ps or top to find the PID of the offending process.
• The killall command requires the command name of the process instead of the PID.

MANAGING PROCESSES
• A process may respond in one of the following ways when receiving a kill signal:
  − Capture the signal and react to it (if it has a corresponding function available).
    • For example, an editor may close an open file properly before it terminates.
  − Ignore the signal if no function exists for handling that signal.

MANAGING PROCESSES
• However, the process does not have control over how the following signals are handled by the kernel:
  − kill -SIGKILL or kill -9
  − kill -STOP or kill -19
• These signals cause the process to be ended immediately (SIGKILL) or to be stopped (STOP).

MANAGING PROCESSES
• You should use SIGKILL with caution.
  − Although the operating system closes all files that are still open, the process’s data buffered in memory is no longer processed.
  − As a result, some processes might leave the service in an undefined state such that it cannot easily be started again.
• NOTE: For a complete list of signals generated by kill and what their numbers stand for, enter kill -l or man 7 signal at the shell prompt.

SIGNALS

STOP (KILL) PROCESSES

KILLING PROCESSES
• The following is the recommended procedure for ending a misbehaving process:
  1. Send SIGTERM by entering kill <PID>. This is equivalent to kill -SIGTERM <PID> or kill -15 <PID>. You can use killall instead of kill and the command name of the process instead of the PID. If a process has been started from the bash shell, you can also use the job ID (such as kill %4) instead of the process number.
  2. Wait a few moments for the process to be cleaned up.
  3. If the process is still hung, send a SIGKILL signal by entering one of the following:
     - kill -SIGKILL <PID>
     - kill -9 <PID>
     You can use killall and the command name of the process instead of kill and the PID. Be careful with killall, though, as it will kill all processes by that name if there is more than one.
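The three-step procedure above as a single shell function, added here as an example that is not part of the original slides. The helper names stop_process and is_running are hypothetical; the function reports through its return status whether SIGTERM was enough or SIGKILL had to be used.

```shell
#!/bin/sh
# Added example (not from the slides): SIGTERM, wait, then SIGKILL.
# stop_process and is_running are hypothetical helper names.

# is_running PID -> true while the process exists and has not yet exited.
# kill -0 sends no signal; it only checks that we are allowed to signal PID.
is_running() {
    kill -0 "$1" 2>/dev/null || return 1
    # A zombie has already exited and only waits for its parent to reap it.
    ! grep -q '^State:[[:space:]]*Z' "/proc/$1/status" 2>/dev/null
}

# stop_process PID [TIMEOUT_SECONDS]
# Returns 0 if SIGTERM was enough, 1 if SIGKILL was needed,
# 2 if PID was not running or could not be signalled (not owner, not root).
stop_process() {
    local pid="$1" timeout="${2:-5}" waited=0
    is_running "$pid" || return 2
    kill -TERM "$pid" 2>/dev/null || return 2   # step 1: can be caught or ignored
    while [ "$waited" -lt "$timeout" ]; do      # step 2: time to clean up
        is_running "$pid" || return 0
        sleep 1
        waited=$((waited + 1))
    done
    is_running "$pid" || return 0
    kill -KILL "$pid" 2>/dev/null               # step 3: handled by the kernel
    return 1
}
```

A return status of 1 is worth logging: it means the process never got to run its own cleanup, which is the undefined-state risk the SIGKILL slide warns about.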
BACKGROUND PROCESSES

FOREGROUND/BACKGROUND

LINUX SERVICES
System V versus systemd

SERVICES
• Background processes
  − System processes
  − Other processes
    • Web servers
    • NFS services
    • …

SERVICES - MANAGEMENT
• Services can be started, stopped
  − Manually
  − Automatically at boot time
  − Scheduled

AUTOMATIC START OF SERVICES
• System V init
• systemd concept

SYSTEM V (SYSV)
• Legacy Linux (old days)
• At bootup Linux reads /etc/inittab to read the default runlevel
• The init process is started (PID 1) and then all the others

SYSTEM V
• Shortcomings:
  • Services started one by one
  • A failed service could hold up others
  • Started services slowly
  • Did not support dependencies

SYSTEM V REPLACEMENTS
• Upstart (Ubuntu employee)
  • Today, development has stopped
• systemd
  • Has become the standard
  • Includes init system
  • Manages devices, login, network connections and logging

INIT PROCESS - SYSTEM V (LEGACY)
• The first process to start after booting
• PID 1
• At startup, this process goes through a number of “runlevels” (can be different between distros)
  − 0: system halt
  − 1: single-user
  − 2: local multi-user
  − 3: full multi-user with networking
  − 4: not used
  − 5: full multi-user with networking and GUI
  − 6: shutdown and/or reboot

INIT PROCESS - SYSTEM V
• init process reads file /etc/inittab
  − Defines which scripts to run for each runlevel
  − Organised in subdirectories /etc/rc.d/rc.”x”
    • Where x = runlevel
  − In these directories, symbolic links exist that are numbered according to the startup priority of the corresponding script/service/application

INIT PROCESS - SYSTEMD
• Target units provide the same functionality that the run-levels used to provide in the System V init.
• To provide backward compatibility with the old System V init run-levels, systemd uses symbolic links.
  − It creates a symbolic link for each run-level and maps it to the equivalent target unit

SYSTEMD TARGETS
Target-unit          Description
graphical.target     Multi-user support and graphical environment
multi-user.target    Multi-user support, no graphical support
halt.target          Stops the system
poweroff.target      Stops the system
reboot.target        Reboots the system
rescue.target        Starts a single-user system without network environment
default.target       Not a real target but used to call the default defined target

SYSTEMD UNITS
• System objects that store their configuration on disk as a unit file
  • Devices
  • Mounted Volumes
  • Network Sockets
  • System timers
  • Targets

SYSTEMCTL COMMAND
• Manage units
  − systemctl list-units
  − systemctl list-unit-files
• Manually start and stop processes/services
  − systemctl start
  − systemctl stop
  − systemctl status
• Switching between different targets
  − systemctl isolate

SYSTEMCTL COMMAND
• systemctl list-unit-files -t service (filter)
  − Enabled: starts at boot
  − Disabled: does not start at boot
  − Static: not meant to be enabled (can be a dependency)
  − Masked: cannot start or be enabled (unmask it to start or enable)

SYSTEMCTL COMMAND
• systemctl list-units (-t service)
  • Lists units that systemd currently has in memory
  • Units that are running or were running previously (failed)

START/STOP SERVICES
• Start a service:
  − sudo systemctl start application.service
• Stop a service:
  − sudo systemctl stop application.service
• Restart a service:
  − sudo systemctl restart application.service
• Reload configuration for a service:
  − sudo systemctl reload application.service

ENABLE/DISABLE SERVICES
• Enable = start automatically at boot-up
  − sudo systemctl enable application.service
• Disable = do NOT start automatically
  − sudo systemctl disable application.service

SERVICE STATUS
• Check status of a service:
  − systemctl status application.service
• Example for nginx web server service:

HANDLING TARGETS
• Find the default target
  − systemctl get-default
• Switch target
  − systemctl isolate multi-user.target

SCHEDULING TASKS
• One-time tasks
  • AT jobs: run at a certain point in time
  • Batch jobs: add tasks to a queue
• Recurring: cron
  • User jobs
  • System jobs
• Systemd timers

AT-JOBS
• atd service
• # at <time>
• Time examples:
  • 4:25am
  • Midnight/noon/teatime
  • Now +2 hours / now +3 days
  • 3pm tomorrow
• View the queue of at-jobs
• … End command with CTRL-D (=EOF)
• Remove job nr 2

BATCH JOBS
• Not on a specific time
• Add to a queue
  − Task will be executed when the average system load is below a given threshold

CRON
• Linux daemon
  − Automatically started at bootup
• Running commands on a pre-determined schedule
  − Repeating, not just once
• Configuration via a crontab (“cron table”) file

CRON JOBS
User cronjobs
• Specific to a user
• Managed by users
• Stored in /var/spool/cron/<user>
System cronjobs
• Systemwide
• Managed by root
• Run by operating system
• Stored in /etc/cron.d

CRONTAB
• Edited via the crontab command
  − Notifies the cron daemon of changes
  − Manually editing the file doesn’t do this…
• Logging:
  − /var/cron/log typically
  − Via syslog
  − Can get pretty large… use logging only when necessary (troubleshooting)

CRONTAB
• Format: minute hour day_of_month month weekday command
• Example: 48 22 1,5,10,25,30 * * /bin/backup
  − Run backup command:
    • Any day of the week
    • Any month
    • The 1st, 5th, 10th, 25th and 30th of every month
    • At 22h48

CRON REMARKS
• Cron does not compensate for the system being down
  − When the moment indicated in the crontab has passed while the system was down, the job is not executed
• Commands are executed in sh
• cron.allow and cron.deny specify which users can and cannot submit crontab files

SYSTEMD TIMERS
• Successor of cron
  − Comparable concept
• More flexibility
  − Example: tasks can be started at a specific amount of time after system events
    • Like system start, boot, completion of previous task
• Output and logging in system journal
  − journalctl command

SYSTEMD TIMER EXAMPLE
• Based on service unit files in the /etc/systemd/system directory
• Example: run free command in myMonitor.service file
  − Does not need to be executable

CHECKING STATUS

TIMER TYPES

ONCALENDAR

WINDOWS

WINDOWS SERVICES
• What is it?
  − A program without a user interface
  − Comparable to a background process in Linux
  − Can be run under a different account = “service account”
    When changing service account, don’t forget to restart the service!
  − Keeps running even if you log out (not shut down!)

• In task manager:
  − Svchost.exe processes
  − One per service
  − Because service is a dll
  − A dll cannot run
• To find corresponding service:
  − Right-click process
  − Select “Go to Service(s)”

MANAGE SERVICES
• Start “services.msc”

SERVICE PROPERTIES

OTHER LEGIT WINDOWS PROCESSES
• Conhost.exe
• Csrss.exe
• Explorer.exe
• Lsass.exe
• Lsm.exe
• Smss.exe
• System
• Winlogon.exe

AUTHENTIC PROCESSES?
• Some malware uses these process names to hide behind
  − Check process paths (most of them should reside in the Windows/System32 folder)
  − Check CPU usage
  − Memory usage
  − Network usage

PROCESS EXPLORER

WINDOWS TASK SCHEDULER
• Windows 7:
  − Start -> All programs -> Accessories -> System tools -> Task scheduler

WINDOWS TASK SCHEDULER
• Windows 8:

WINDOWS TASK SCHEDULER
• Windows 10:

TASK WIZARD

TASK WIZARD - WEEKLY

MONTHLY

ACTION TO EXECUTE

SUMMARY
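Going back to the crontab format from the CRONTAB slides (minute hour day_of_month month weekday command): the function below is an added example, not part of the original slides, that decides whether an entry fires at a given moment, which is useful when reviewing what a crontab will actually run and when. The names field_matches and cron_matches are hypothetical; it goes beyond the slide's list example by also handling ranges and steps, and assumes numeric fields with weekday 0 = Sunday.

```shell
#!/bin/sh
# Added example: decide whether a crontab entry fires at a given moment.
# Numeric fields only (no "jan"/"mon" names); weekday 0-6, 0 = Sunday.
# Pass time values as plain integers without leading zeros.

# field_matches FIELD VALUE MIN MAX -> status 0 if FIELD selects VALUE.
# Handles "*", single values, lists (1,5,10), ranges (1-5), steps (*/15).
field_matches() {
    local rest="$1" value="$2" min="$3" max="$4" part range step lo hi
    while [ -n "$rest" ]; do
        part=${rest%%,*}                      # next element of the list
        if [ "$part" = "$rest" ]; then rest=; else rest=${rest#*,}; fi
        range=${part%%/*}; step=1
        [ "$range" != "$part" ] && step=${part#*/}
        case $range in
            \*)  lo=$min; hi=$max ;;
            *-*) lo=${range%-*}; hi=${range#*-} ;;
            *)   lo=$range; hi=$range ;;
        esac
        if [ "$value" -ge "$lo" ] && [ "$value" -le "$hi" ] &&
           [ $(( (value - lo) % step )) -eq 0 ]; then
            return 0
        fi
    done
    return 1
}

# cron_matches "LINE" MINUTE HOUR DAY_OF_MONTH MONTH WEEKDAY
cron_matches() {
    local f_min f_hour f_dom f_mon f_dow _cmd dom_ok=1 dow_ok=1
    # read splits on whitespace without glob-expanding the "*" fields
    read -r f_min f_hour f_dom f_mon f_dow _cmd <<EOF
$1
EOF
    field_matches "$f_min"  "$2" 0 59 || return 1
    field_matches "$f_hour" "$3" 0 23 || return 1
    field_matches "$f_mon"  "$5" 1 12 || return 1
    field_matches "$f_dom" "$4" 1 31 && dom_ok=0
    field_matches "$f_dow" "$6" 0 6 && dow_ok=0
    # Standard cron rule: if both day fields are restricted, either may match.
    if [ "$f_dom" != "*" ] && [ "$f_dow" != "*" ]; then
        [ "$dom_ok" -eq 0 ] || [ "$dow_ok" -eq 0 ]
    else
        [ "$dom_ok" -eq 0 ] && [ "$dow_ok" -eq 0 ]
    fi
}
```

For the entry from the slides, `cron_matches '48 22 1,5,10,25,30 * * /bin/backup' 48 22 25 12 4` succeeds, while the same call with day of month 2 fails.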
