Monthly Archives: December 2016

Parent and Child Processes

Processes have strange terminology: we can talk about a parent process and a child process, and isn’t that weird? We’re talking about processes, not cats!

A process can start another process. Your bash shell starts another process anytime you run a command. Your command was started by that bash process. That bash shell is the parent process to any process you create. And any process you create is the child process of that bash shell.

I keep typing process over and over. So I just have to say…

…process.

Anyway, processes start processes and are started by processes. The great granddaddy of all processes is called the init process. Your init process has the process id of 1 since it’s the first thing started when a system boots up, and all processes are the child (or grandchild or great-grandchild or… you get the idea) of that process.

ps, that very useful command, has a combination of flags that lets us see parent and child relationships.

Alpha:~ computerlamp$ ps fa
  PID TTY      STAT   TIME COMMAND
 9767 pts/2    Ss     0:00 -bash
 9775 pts/2    R+     0:00  \_ ps fa

You can see where bash started the command ps fa. For another layer, I typed bash then I did ps fa again.

Alpha:~ computerlamp$ bash
Alpha:~ computerlamp$ ps fa
 PID TTY      STAT   TIME COMMAND
 9767 pts/2    Ss     0:00 -bash
11442 pts/2    S      0:00  \_ bash
11511 pts/2    R+     0:00      \_ ps fa

The first bash shell is the parent of the second bash shell, which is the parent of the ps fa command.

Another way to do this is with ps -ejH. This time, the results look different.

Alpha:~ computerlamp$ ps -ejH
  PID  PGID   SID TTY          TIME CMD
 9767  9767  9767 pts/2    00:00:00 bash
12398 12398  9767 pts/2    00:00:00   ps

It shows the same relationships, but this version uses indentation instead of the lines that the first version draws.
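Knowing the parent chain is also how you work out where a running program came from. The script below is an added example, not part of the original post: it uses ps -o ppid= to climb from a PID to its parent over and over, following the same chain ps fa draws. The function names are made up for illustration, and the /proc fallback assumes a Linux system where ps is not installed.

```shell
#!/bin/sh
# Added example: walk from a PID up through its ancestors.

# Print the parent PID of $1. Tries ps first, then /proc (assumes Linux).
ppid_of() {
    p=$(ps -o ppid= -p "$1" 2>/dev/null | tr -d ' ')
    if [ -z "$p" ] && [ -r "/proc/$1/status" ]; then
        p=$(awk '/^PPid:/ {print $2}' "/proc/$1/status")
    fi
    if [ -z "$p" ]; then return 1; fi
    printf '%s\n' "$p"
}

# Print the command name of PID $1, or "?" if it cannot be read.
name_of() {
    n=$(ps -o comm= -p "$1" 2>/dev/null)
    if [ -z "$n" ] && [ -r "/proc/$1/comm" ]; then
        n=$(cat "/proc/$1/comm")
    fi
    printf '%s\n' "${n:-?}"
}

# Print one "PID COMMAND" line per generation, starting at $1 and
# stopping at PID 1, at a process with no visible parent, or after
# 64 hops (a safety limit so a bad answer cannot loop forever).
lineage() {
    pid=$1
    hops=0
    while [ -n "$pid" ] && [ "$pid" -gt 0 ] && [ "$hops" -lt 64 ]; do
        printf '%s %s\n' "$pid" "$(name_of "$pid")"
        if [ "$pid" -eq 1 ]; then break; fi
        pid=$(ppid_of "$pid") || break
        hops=$((hops + 1))
    done
}

# Show the chain for the current shell: this shell, its parent, and so on.
lineage "$$"
```

Run it from a nested bash like the one above and the extra generation shows up as an extra line.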

And in conclusion, process!

ps and flags

Last post we introduced ps; this post we’ll talk about ps and flags. So, brief recap:

Alpha:~ computerlamp$ ps
  PID TTY          TIME CMD
17245 pts/2    00:00:00 bash
17248 pts/2    00:00:00 ps

Tada! ps with no flags.

Let’s start with a simple flag, x. In the first example, we saw every command that has a tty, or a direct connection to a terminal. That’s the default action of ps. What if we want to see everything even if it doesn’t have a terminal?

Alpha:~ computerlamp$ ps x
12779 pts/2    R+     0:00 ps x
17245 pts/2    Ss     0:00 -bash

Well, that isn’t any different from the first time around, except now I see that I ran ps with a flag.

But wait, something is weird here. Since we started talking about flags, they’ve always started with a -, aka a dash or a hyphen. That time, I didn’t use one. ps is an interesting command: it has three kinds of flags you can use. From the man page:

      This version of ps accepts several kinds of options:
       1   UNIX options, which may be grouped and must be preceded by a dash.
       2   BSD options, which may be grouped and must not be used with a dash.
       3   GNU long options, which are preceded by two dashes.

This means that there are flags that begin with a dash, flags that don’t begin with a dash and flags that have two dashes. If you use the kind without a dash then you can’t use the kind with a dash. It also means that ps -a and ps a are two different commands. See?

Alpha:~ computerlamp$ ps -a
  PID TTY          TIME CMD
12825 pts/2    00:00:00 ps
Alpha:~ computerlamp$ ps a
  PID TTY      STAT   TIME COMMAND
12832 pts/2    R+     0:00 ps a
13451 pts/2    Ss     0:00 -bash

And isn’t that confusing? It feels like Dr. Strange wandered in and the world went weird.

Next post, we’ll talk about processes again. Understanding processes is key to understanding ps.

Processes and Running Things

In one of my first posts I talked about this thing called a process. Whenever you run any program on a Linux® system, you create a process. If these things are running, how do I see them? Well, Linux® keeps them in a table called a process table. We can see them with the command ps. You run it like:

Alpha:~ computerlamp$ ps

The output is kind of boring. It looks like:

  PID TTY          TIME CMD
17245 pts/2    00:00:00 bash
17248 pts/2    00:00:00 ps

It is just the processes that I’m currently running. bash is a shell, and that is a program that gives me my command lines. We’ve been using it all along. There are many kinds of shells; bash is one of the most common. It stands for Bourne Again Shell and was called that because it was written as a replacement for the Bourne shell. Wikipedia says it was first released in 1989. It’s been around a long time and it’s the standard command line interface on most Linux® systems.

The second command is the ps that we ran to get that output. If we had used any flags with ps, we would see those too.

The first column is the process id. Remember, Linux® understands numbers better than strings, so every process gets a number. It uses that id to refer to the process.

The second column is the tty. That stands for teletypewriter, a very very old device. According to Wikipedia it’s a typewriter that can be used to send messages to another typewriter. How’s that for very old school? Linux® took that history and made a tty mean terminal or output device. It’s the output device that that command is hooked up to.

ps is a command with many flags. Many MANY flags. We’ll talk about those in more posts.

Permissions or How to Hide Things

I promised in the last post that I’d tell you how to fix that little problem where Hydra can see in the Insight directory, also known as a permissions problem. We call that a big ‘oops’ because we don’t want them to see anything in there.

The Insight directory looked like:

drwxr-xr-x  2 computerlamp  shield  68 Nov 13 09:56 Insight/

Our problem has two parts that we need to fix. First, the group permissions on this directory don’t let the shield group write to it. Secondly, the world (that is, anyone!) can see in the directory. Let’s start with the first problem. We want shield to be able to write in that directory.

The command we’re going to use is called chmod. So I want the group permissions to look like rwx. I can do this:

Alpha:~ computerlamp$ chmod g=rwx Insight

That means change the permissions on Insight for the group to read, write and execute. Check out the results in ls -l:

drwxrwxr-x  2 computerlamp  shield  68 Nov 13 09:56 Insight/

I’m halfway there. I want the last three letters, those things that are currently r-x, to be ---. The chmod command for that looks like:

Alpha:~ computerlamp$ chmod o=--- Insight

We’ve done it! Hydra is prevented from seeing in the Insight directory. We fixed our permissions problem.

drwxrwx---  2 computerlamp  shield  68 Nov 13 09:56 Insight/

Then we have the horrible moment when S.H.I.E.L.D. fell and we discovered that Hydra was part of S.H.I.E.L.D. all along. This means we need to remove that group access from Project Insight, though it’s probably a little late. But we do what we can, which includes blowing up helicarriers. The command to remove all access from the group is:

Alpha:~ computerlamp$ chmod g=--- Insight

Checking things out with ls -l again, we see:

drwx------  2 computerlamp  shield  68 Nov 13 09:56 Insight/

Which means that only I can read what’s in that directory, write to it, or make anything run (on a directory, the x bit is what lets you enter it and reach the files inside).
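As an added example (not from the original post), the script below replays the three chmod changes on a throwaway directory, records the octal mode after each one, and runs the check that would have caught the original oops: a find for directories with any "other" bit set. The scratch path and function names are made up, and stat -c assumes GNU or BusyBox stat.

```shell
#!/bin/sh
# Added example: replay the chmod steps on a scratch directory and
# audit for directories that "other" users can still get into.

# Octal permission bits of $1, e.g. 755 (GNU/BusyBox stat syntax).
mode_of() {
    stat -c '%a' "$1"
}

# List directories under $1 where any "other" bit (r, w or x) is set.
world_accessible_dirs() {
    find "$1" -type d \( -perm -004 -o -perm -002 -o -perm -001 \) | sort
}

# Constructed sandbox: a throwaway tree standing in for the real one.
# mktemp -d creates the top directory readable by its owner only.
demo_root=$(mktemp -d)
mkdir "$demo_root/Insight"
chmod 755 "$demo_root/Insight"        # starting point: drwxr-xr-x

step_modes=$(mode_of "$demo_root/Insight")
before=$(world_accessible_dirs "$demo_root")

# The three changes from the post, in order.
for change in g=rwx o=--- g=---; do
    chmod "$change" "$demo_root/Insight"
    step_modes="$step_modes $(mode_of "$demo_root/Insight")"
done
after=$(world_accessible_dirs "$demo_root")

echo "modes:  $step_modes"
echo "before: $before"
echo "after:  ${after:-none}"
rm -rf "$demo_root"
```

The same find, pointed at a real home or project directory, lists every directory that still needs the o=--- treatment.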