🏠 Back to Blog
- A running program
- Executable binary (ELF File)
- A set of data structures in the kernel
- This is the process itself
- Helps the kernel keep track of resources used by the process (open files, mmap, etc.)
- Unit to which the kernel allocates resources
- Parts of a process:
- PID
- PPID
- Open files
- Array of file descriptors in task struct (0 is stdin, 1 is stdout, 2 is stderr, and so on…)
- TTY (pseudo tty nowadays)
- UID (a signed integer)
- a process can change its UID by using setuid
- GUID (a signed integer)
- Priority (can be set with nice value (renice for already running processes))
- limits (rlimit)
- timestamps / counters
- processes are defined as task_struct in sched.h of the source
- What can you do with a process?
- Create
- Send a signal (kill)
- Get information about (ps, pidof, etc.)
- Heap grows up
- Stack grows down
- Data section for initialized variables and data
malloc to allocate memory on the heapfree to free memory from the heap- You can see the mmap of a running process using
pmap <pid>
- rlimits or ulimits (shell)
getrlimit() or setrlimit()ulimit -a to view limits- Use to control users, processes
- Usage is not common these days
- Default limits exist
- stored in
/etc/security/limits.conf
- Set nice value with
nice command
- nice() system call
- a regular user can only increase the nice value (decreasing its priority)
- in all cases, higher number means lower priority
top and ps -eo can be used to view the nice value- Default value for nice is 0
- How processes talk to each other
- Also available but used left often, FIFO, semaphores, shared memory
- Sockets, pipes, signals
- Pipes exist entirely in memory, no files or disk IO are involved
- Pipes can only exist between members of the same family in the process tree
- If you want a pipe between processes that are not in the same process family tree, you can use FIFO, which are a file on the disk
mkfifo
- View all signals with the
kill command