How to Manage Processes from the Linux Terminal : Commands You Need to Know


The top command is the traditional way to view your system’s resource usage and see the processes that are taking up the most system resources. Top displays a list of processes, with the ones using the most CPU at the top.

To exit top or htop, use the Ctrl-C keyboard shortcut. This keyboard shortcut usually kills the currently running process in the terminal.


The htop command is an improved top. It’s not installed by default on most Linux distributions — here’s the command you’ll need to install it on Centos:

root@justgeek~]# Yum Install htop

htop displays the same information with an easier-to-understand layout. It also lets you select processes with the arrow keys and perform actions, such as killing them or changing their priority, with the F keys.


The ps command lists running processes. The following command lists all processes running on your system:

root@justgeek~]# ps -A

Press q to exit when you’re done.

You could also pipe the output through grep to search for a specific process without using any other commands. The following command would search for the Firefox process:

You could also pipe the output through grep to search for a specific process without using any other commands. The following command would search for the Firefox process:

root@justgeek~]# ps -A | grep sshd


The pstree command is another way of visualizing processes. It displays them in tree format. So, for example, your X server and graphical environment would appear under the display manager that spawned them.


The kill command can kill a process, given its process ID. You can get this information from theps -A, top or pgrep commands.

root@justgeek~]# kill -9 PID

Technically speaking, the kill command can send any signal to a process. You can use kill -KILLor kill -9 instead to kill a stubborn process.


Given a search term, pgrep returns the process IDs that match it. For example, you could use the following command to find Firefox’s PID:

root@justgeek~]# pgrep sshd

To kill the particular process you can also use

<pre>root@justgeek~]# kill -9  $(pgrep sshd)</pre>

pkill & killall

The pkill and killall commands can kill a process, given its name. Use either command to kill Firefox:

root@justgeek~]# pkill firefox
root@justgeek~]# killall firefox


The renice command changes the nice value of an already running process. The nice value determines what priority the process runs with. A value of -19 is very high priority, while a value of 19 is very low priority. A value of 0 is the default priority.

The renice command requires a process’s PID. The following command makes a process run with very low priority:

root@justgeek~]# renice 19 PID



Read More

6 Stages of Linux Boot Process (Startup Sequence)

Press the power button on your system, and after few moments you see the Linux login prompt. Have you ever wondered what happens behind the scenes from the time you press the power button until the Linux login prompt appears?

The following are the 6 high level stages of a typical Linux boot process.




  • BIOS stands for Basic Input/Output System
  • Performs some system integrity checks
  • Searches, loads, and executes the boot loader program.
  • It looks for boot loader in floppy, cd-rom, or hard drive. You can press a key (typically F12 of F2, but it depends on your system) during the BIOS startup to change the boot sequence.
  • Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.
  • So, in simple terms BIOS loads and executes the MBR boot loader.

2. MBR

  • MBR stands for Master Boot Record.
  • It is located in the 1st sector of the bootable disk. Typically /dev/hda, or /dev/sda
  • MBR is less than 512 bytes in size. This has three components 1) primary boot loader info in 1st 446 bytes 2) partition table info in next 64 bytes 3) mbr validation check in last 2 bytes.
  • It contains information about GRUB (or LILO in old systems).
  • So, in simple terms MBR loads and executes the GRUB boot loader.


  • GRUB stands for Grand Unified Bootloader.
  • If you have multiple kernel images installed on your system, you can choose which one to be executed.
  • GRUB displays a splash screen, waits for few seconds, if you don’t enter anything, it loads the default kernel image as specified in the grub configuration file.
  • GRUB has the knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystem).
  • Grub configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this). The following is sample grub.conf of CentOS.
title CentOS (2.6.18-194.el5PAE)
root (hd0,0)
kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/
initrd /boot/initrd-2.6.18-194.el5PAE.img

As you notice from the above info, it contains kernel and initrd image.
So, in simple terms GRUB just loads and executes Kernel and initrd images.

4. Kernel

  • Mounts the root file system as specified in the “root=” in grub.conf
  • Kernel executes the /sbin/init program
  • Since init was the 1st program to be executed by Linux Kernel, it has the process id (PID) of 1. Do a ‘ps -ef | grep init’ and check the pid.
  • initrd stands for Initial RAM Disk.
  • initrd is used by kernel as temporary root file system until kernel is booted and the real root file system is mounted. It also contains necessary drivers compiled inside, which helps it to access the hard drive partitions, and other hardware.

5. Init

Looks at the /etc/inittab file to decide the Linux run level.

Following are the available run levels

0 – halt
1 – Single user mode
2 – Multiuser, without NFS
3 – Full multiuser mode
4 – unused
5 – X11
6 – reboot

  • Init identifies the default initlevel from /etc/inittab and uses that to load all appropriate program.
  • Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level
  • If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 means, probably you might not do that.
    Typically you would set the default run level to either 3 or 5.

6. Runlevel programs

When the Linux system is booting up, you might see various services getting started. For example, it might say “starting sendmail …. OK”. Those are the runlevel programs, executed from the run level directory as defined by your run level.

Depending on your default init level setting, the system will execute the programs from one of the following directories.

Run level 0 – /etc/rc.d/rc0.d/
Run level 1 – /etc/rc.d/rc1.d/
Run level 2 – /etc/rc.d/rc2.d/
Run level 3 – /etc/rc.d/rc3.d/
Run level 4 – /etc/rc.d/rc4.d/
Run level 5 – /etc/rc.d/rc5.d/
Run level 6 – /etc/rc.d/rc6.d/

  • Please note that there are also symbolic links available for these directory under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.
  • Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.
  • Programs starts with S are used during startup. S for startup.
  • Programs starts with K are used during shutdown. K for kill.
  • There are numbers right next to S and K in the program names. Those are the sequence number in which the programs should be started or killed.
  • For example, S12syslog is to start the syslog deamon, which has the sequence number of 12. S80sendmail is to start the sendmail daemon, which has the sequence number of 80. So, syslog program will be started before sendmail.

There you have it. That is what happens during the Linux boot process.



Read More

Check Memory Usage in Linux

Linux comes with different set of commands to check memory usage. The free command displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel. The vmstat command reports information about processes, memory, paging, block IO, traps, and cpu activity. Finally, you can use the top, and/or atop/htop commands which provides a dynamic real-time view of a running system. top and friends can display system summary information as well as a list of tasks currently being managed by the Linux kernel.


The /proc/meminfo file stores statistics about memory usage on the Linux based system. The same file is used by free and other utilities to report the amount of free and used memory (both physical and swap) on the system as well as the shared memory and buffers used by the kernel.


root@justgeek~]# egrep --color 'Mem|Cache|Swap' /proc/meminfo
MemTotal: 5968036 kB
MemFree: 827692 kB
Cached: 3173028 kB
SwapCached: 119504 kB
SwapTotal: 8388604 kB
SwapFree: 7913900 kB

free command

By default free command shows values in KB. To display free memory size in MB (megabytes):

root@justgeek~]# free -m
total used free shared buffers cached
Mem: 5828 4958 869 1 320 3124
-/+ buffers/cache: 1513 4314
Swap: 8191 463 7728

So how much free ram I have?

Type the following command:

root@justgeek~]# free -m

Sample Output:


In this above output, my server has used 2825 MB ram, and 9083 MB is available for other users and programs.

A list of free command options

-b,-k,-m,-g show output in bytes, KB, MB, or GB
-l show detailed low and high memory statistics
-o use old format (no -/+buffers/cache line)
-t display total for RAM + swap
-s update every [delay] seconds
-c update [count] times


Read More