Skip to main content
HashnodeAman Pathak

Command Palette

Search for a command to run...

Mastering System Internals: Processes, Resources, and Permissions

Updated
7 min read
A
Aman Vajradev Pathak

I am a Student, who finds beauty in simple things. I like to teach sometimes.

Part of seriesAll about computers

Understanding and managing a Linux system requires familiarity with its core components: how processes operate, how resources are consumed, and how user privileges are structured. This document provides a technical overview of essential commands and concepts for effective system administration.

Process and System Monitoring

System administrators frequently need to inspect and control running processes and monitor resource utilization. Several command-line utilities facilitate these tasks.

Viewing Running Processes: top, htop, ps

The ps (process status) command provides a snapshot of the currently running processes. Its output is highly customizable. For instance, ps aux displays all processes (a) including those without a controlling terminal (x) in a user-oriented format (u). The output typically includes the User ID (UID), Process ID (PID), parent PID (PPID), CPU utilization, memory usage, start time, and the command that initiated the process.

Bash

ps aux
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.0  0.1 169324 13188 ?        Ss   May16   0:02 /sbin/init
root           2  0.0  0.0      0     0 ?        S    May16   0:00 [kthreadd]
user1       1234  0.5  2.3 123456 45678 ?        Sl   10:30   0:05 /usr/bin/example-app

For a dynamic, real-time view of system processes, top is the traditional utility. It displays a continuously updated list of processes, ordered by CPU usage by default. top also provides a summary of system state, including uptime, load average, task counts (total, running, sleeping, stopped, zombie), CPU states (user, system, nice, idle, wait, hardware interrupt, software interrupt, steal time), and memory/swap usage. Users can interact with top using single-key commands to sort processes, kill processes, or change display options.

htop is an interactive process viewer and system monitor that offers a more user-friendly interface compared to top. It presents a colorized display, allows scrolling through the process list vertically and horizontally, and enables actions like killing or renicing processes directly from the interface using function keys or mouse clicks (if supported by the terminal). htop also provides a clearer visual representation of CPU and memory usage, often including per-CPU core utilization graphs.

Killing or Pausing Tasks

To terminate a process, the kill command is used. It sends a signal to a specified process ID (PID). The most common signals are SIGTERM (15), which requests a graceful shutdown, and SIGKILL (9), which forces immediate termination.

Bash

kill 1234       # Sends SIGTERM to PID 1234
kill -9 1234    # Sends SIGKILL to PID 1234
kill -s SIGKILL 1234 # Alternative syntax for SIGKILL

The pkill command can terminate processes based on name or other attributes. For example, pkill example-app would send SIGTERM to all processes whose names match "example-app".

To pause a process (suspend its execution), the SIGSTOP signal is used. The SIGCONT signal resumes a stopped process.

Bash

kill -STOP 1234   # Pauses PID 1234
kill -CONT 1234  # Resumes PID 1234

Alternatively, while a process is running in the foreground of a terminal, Ctrl+Z will send SIGTSTP (a terminal stop signal, similar to SIGSTOP but can be ignored by the process) to pause it. The fg command resumes it in the foreground, and bg resumes it in the background.

Checking System Resources: free, df, du

The free command displays the amount of free and used physical memory (RAM) and swap space on the system. Options like -h (human-readable), -m (megabytes), or -g (gigabytes) format the output for easier interpretation.

Bash

free -h
              total        used        free      shared  buff/cache   available
Mem:           7.7Gi       3.1Gi       1.2Gi       215Mi       3.4Gi       4.2Gi
Swap:          2.0Gi       512Mi       1.5Gi

The "buff/cache" column represents memory used by the kernel for buffers and page cache. The "available" column provides an estimate of memory available for starting new applications without swapping.

To check disk space usage, the df (disk free) command is employed. df -h shows disk space usage for all mounted filesystems in a human-readable format. It lists the filesystem, its total size, used space, available space, percentage used, and mount point.

Bash

df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1        50G   20G   28G  42% /
tmpfs           3.9G     0  3.9G   0% /dev/shm
/dev/sdb1       100G   50G   50G  50% /mnt/data

The du (disk usage) command estimates file and directory space usage. du -sh /path/to/directory will display the total size of the specified directory in a human-readable format (-s for summary, -h for human-readable). Without -s, du lists the sizes of subdirectories.

Bash

du -sh /var/log
1.2G    /var/log

Users and Permissions

Linux is a multi-user operating system, and managing users and their permissions is fundamental to system security and organization.

Root vs. Regular User

The root user (also known as the superuser) has unrestricted access to the entire system. It can perform any operation, including modifying system files, managing users, and controlling hardware. The root user has a User ID (UID) of 0. Operating as root continuously is generally discouraged due to the risk of accidental damage or security vulnerabilities if compromised.

A regular user has limited privileges. Regular users can typically only modify files within their own home directory and execute commands for which they have explicit permission. This constrained environment enhances system security by preventing unintentional system-wide changes.

Groups and User Roles

Users in Linux can be members of one or more groups. Groups provide a mechanism for organizing users and managing permissions collectively. For example, files or directories can have permissions set for a specific group, allowing all members of that group to access them according to those permissions, without granting access to all users on the system.

Primary group: Each user has a primary group, usually assigned when the user account is created. Files created by the user will, by default, belong to this group.

Supplementary groups: Users can also be members of additional (supplementary) groups, granting them privileges associated with those groups.

Commands like groups <username> list the groups a user belongs to. The /etc/group file contains information about all defined groups on the system.

User roles are often implemented through group memberships. For instance, a developers group might have write access to specific source code repositories, while a webadmins group might have permissions to manage web server configuration files.

Sudo and Administrative Privileges

sudo (superuser do) is a command that allows permitted users to execute a command as the superuser or another user, as specified by the security1 policy (typically configured in the /etc/sudoers file). When a user prepends sudo to a command, they are prompted for their own password. If authenticated and authorized by the sudoers policy, the command is executed with elevated privileges.

The sudoers file defines which users or groups can run which commands, on which hosts, and as which users. It supports fine-grained control over administrative privileges. Editing this file should always be done using the visudo command, which locks the sudoers file and checks for syntax errors before saving, preventing lockout situations.

Example /etc/sudoers entry:

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow user 'jdoe' to run the 'apt update' command
jdoe    ALL=(ALL) /usr/bin/apt update

Alternatives to Sudo (doas, sudo-rs)

While sudo is widely adopted, alternatives exist, often with a focus on simplicity or security.

doas (do as) is a utility originating from OpenBSD. It aims to be a simpler and more lightweight alternative to sudo. Its configuration file, doas.conf (typically in /etc/doas.conf), is known for its straightforward syntax.

Example doas.conf entry:

permit nopass userx as root cmd /sbin/reboot
permit :wheel

The first line allows userx to run /sbin/reboot as root without a password. The second line permits all users in the wheel group to execute commands as root (they will be prompted for their password).

sudo-rs is a more recent project, written in Rust, with a focus on memory safety and security. It aims to be a drop-in replacement for sudo in many common use cases while providing a more secure implementation due to Rust's language features that prevent common vulnerabilities like buffer overflows. It also reads the standard /etc/sudoers file. The primary motivation behind sudo-rs is to reduce the attack surface associated with a setuid root binary like sudo.

The choice between sudo and its alternatives often depends on specific security requirements, desired configuration complexity, and system philosophy.

Comments

Join the discussion

No comments yet. Be the first to comment.

All about computers

Part 15 of 26

A step-by-step series for absolute beginners to learn how computers work, how to install and use an operating system, and how to start programming.

Up next

Users and Permissions in Unix-like Systems

In Unix-like operating systems, the management of users and their permissions is a fundamental aspect of system security and administration. This structure dictates who can access what resources and what actions they can perform. The Root User Versus...

More from this blog

Aman Pathak

58 posts

Things I would speak if the person in front of me is me