ac_dispatcher Posted August 19, 2004 Report Share Posted August 19, 2004 (edited) (Edit to add Warning from bvc and notes from sellis) Ever look at your directory tree and wonder - What is that /proc directory for? Well have a seat and get ready for "/proc for beginners". First what is the /proc? The /proc or "processes" directory describes currently running processes. They provide views into a running kernel and have special properties. Almost all these files appear to be 0 (zero) in size: $ ls -l /proc/version -r--r--r-- 1 root root 0 Aug 19 06:34 /proc/version But when you read the file it has data!! $ cat /proc/version Linux version 2.6.8-gentoo (root@arora) (gcc version 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6)) #1 Mon Aug 16 04:58:37 EDT 2004 Wow a zero byte file having data. No two computers /proc directories are the same. Everything in the directory is made at boot up and continues on the fly as you use your Linux system. Ever boot to a "live" cd and check out your /proc directory of you hard drive installed Linux system? It will be empty(in a pure udev system). Thats why you never back up your /proc directory. Now you can find out some good info from your /dev directory but you can find out EVEN MORE WITH /proc. Some processes are so important they have their own directory - /proc/pci > this is its own directory that has all info on devices connected to the PCI bus. I have a Laptop running acpi so I have - /proc/acpi Now finding out data on your system requires the cat. What a cat you say? well not the purrr type of cat, the command cat! The cat command views files in their entirety. open a terminal (konsole, gnome-terminal, Eterm) any one will do. type: $ cat /etc/fstab Did you get the whole file listed? OK lets use it in the /proc directory- I want to know about my cpu so- $ cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 2 model name : Intel(R) Pentium(R) 4 CPU 2.40GHz stepping : 7 cpu MHz : 2400.426 cache size : 512 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe cid bogomips : 4751.36 WARNING cat'ing /proc/sys/ especially /proc/sys/kernel can lock your computer up. Be carefull (ref: bvc) By now you probably have seen all those directories with numbers right? What are they? They are your currently running processes on your system. Have you ever used the program "top"? Its something like a Window$ task manager. Go back to your terminal program and type top - $top top - 07:32:02 up 45 min, 3 users, load average: 1.36, 2.06, 1.88 Tasks: 112 total, 1 running, 111 sleeping, 0 stopped, 0 zombie Cpu(s): 52.6% us, 13.7% sy, 0.2% ni, 27.4% id, 5.7% wa, 0.4% hi, 0.0% si Mem: 512176k total, 448880k used, 63296k free, 34196k buffers Swap: 578332k total, 8k used, 578324k free, 234888k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 2052 acdispat 15 0 36884 22m 20m S 2.0 4.5 0:24.70 python 1 root 16 0 1348 484 1192 S 0.0 0.1 0:04.07 init 2 root 34 19 0 0 0 S 0.0 0.0 0:00.01 ksoftirqd/0 3 root 5 -10 0 0 0 S 0.0 0.0 0:00.09 events/0 4 root 14 -10 0 0 0 S 0.0 0.0 0:00.00 khelper 5 root 5 -10 0 0 0 S 0.0 0.0 0:02.37 kacpid 24 root 5 -10 0 0 0 S 0.0 0.0 0:00.17 kblockd/0 25 root 15 0 0 0 0 S 0.0 0.0 0:00.03 khubd 45 root 15 0 0 0 0 S 0.0 0.0 0:00.00 pdflush 46 root 15 0 0 0 0 S 0.0 0.0 0:00.46 pdflush 48 root 6 -10 0 0 0 S 0.0 0.0 0:00.00 aio/0 47 root 15 0 0 0 0 S 0.0 0.0 0:00.23 kswapd0 49 root 15 0 0 0 0 S 0.0 0.0 0:00.00 cifsoplockd 50 root 16 0 0 0 0 S 0.0 0.0 0:00.00 jfsIO 51 root 16 0 0 0 0 S 0.0 0.0 0:00.00 jfsCommit 52 root 16 0 0 0 0 S 0.0 0.0 0:00.00 jfsSync >>CTRL+Z will stop top, but does not actually kill it. Pressing q (for quit) will kill it properly. Also: The top command also only shows the most active processes. To list all the processes currently running, use ps -A (ref: sellis) See those "PID" numbers? those are the processes found in the /proc directory. Last note before I let you explore your system. Do you see a /proc/kcore ? How big is it? Mine says 510mb. What is it? Well this file is unusually sensitive. Its set as owned by root with 400 permissions (read only for root, no access for others) Even root can not change the permissions! Now why on mine does it say 510mb? Well the size of kcore is dependent on the amount of ram you have. the file is usually 60KB less than your ram (sometimes more). Why is it so secure? It contains all your data - passwords, sensitive data files, and more. If an unauthorized person were to gain access your data would not be safe. Now go out and explore /proc Note: Mods/Admins I placed this in Everything Linux, not sure if its the best place or not. Move as you see fit. Edited October 17, 2004 by ac_dispatcher Quote Link to comment Share on other sites More sharing options...
spinynorman Posted August 19, 2004 Report Share Posted August 19, 2004 Thanks, ac. I've moved it to Tips & Tricks. :) Quote Link to comment Share on other sites More sharing options...
Jet2k5 Posted October 3, 2004 Report Share Posted October 3, 2004 yeah nicely done -Luis Quote Link to comment Share on other sites More sharing options...
bvc Posted October 3, 2004 Report Share Posted October 3, 2004 Just want to give a WARNING! Becareful in /proc/sys/ especially /proc/sys/kernel I've locked the puter a few times cat'n stuff in there :unsure: Quote Link to comment Share on other sites More sharing options...
Guest z-vet Posted October 6, 2004 Report Share Posted October 6, 2004 Thanks, it added me a little more knowledge about my system. :) Quote Link to comment Share on other sites More sharing options...
mtaylor57 Posted October 7, 2004 Report Share Posted October 7, 2004 Good info. I've often wondered what /proc was (I knew it meant processes), but never explored it. This little tip helped out a bunch. Quote Link to comment Share on other sites More sharing options...
sellis Posted October 7, 2004 Report Share Posted October 7, 2004 Quick correction - CTRL+Z will stop top, but does not actually kill it. Pressing q (for quit) will kill it properly. The top command also only shows the most active processes. To list all the processes currently running, use ps -A Quote Link to comment Share on other sites More sharing options...
ac_dispatcher Posted October 17, 2004 Author Report Share Posted October 17, 2004 Thanks sellis Updated Thread source Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.