Special File Types   «Prev  Next»
Lesson 1

What are Unix Processes

Let us change our focus from the way UNIX handles files and devices to the way UNIX handles running programs, also known as  processes.
By the end of this module, you will be able to:
  1. Define what a process is
  2. Identify the various types of processes you may encounter on a UNIX system
  3. Know the basic process attributes and their role in access control
  4. Understand how new processes come into being
  5. Determine related families of processes
  6. Create, schedule, and run a periodic process

Unix Processes

On Unix, if you are not working on or with files, you are probably working with processes. A process, simply put, is a program running on the system. More precisely, it is an instance of a running program. That is, each time you or someone else using the system runs that program, another process is created.
In many ways, processes are similar to files: Every process is owned by a user, every process has a name, and every process has a number. Processes are owned by the user who ran the program, although suid programs are owned by the setuid file's owner. The name of a process is always the name of the command that the system is executing. Processes also have a size, although this is space in memory, whereas files occupy space on disk. The system provides the process number. The first process, which controls the execution of all other processes, is init. The process ID (also known as the PID) for init is always 1[1] .

Process Numbers

Process numbers don’t just go up and up forever; they’re generally of a fixed length, usually 15 bits. (A 15-bit number is a two-byte number with one of those bits reserved to indicate whether that number is positive or negative.) Some systems have PIDs of 16 bits or more, but there are always a fixed number of possible processes.The reason for this is simply that when a program is written, a fixed amount of space must be allocated for process numbers, and that number must be the same throughout any given system. Process IDs are doled out sequentially: after process 15321 is created, the next process is always 15322, even if process 15320 is no longer running. After the top process number has been used, the system rolls back to the bottom and then starts handing out process numbers all over again. If a given process is still running, the system skips that one and moves on to the next, not returning again until it has reached the top.
Each process has a parent process, much as each file is within a directory.The consequence of this is that the list of processes on a system can be thought of much like a directory structure. init creates several other processes. Each of these can parent many more processes, each of which can in turn also create any number of processes.

How does Unix run Programs?

To execute a program, you only need to type its name. You may need to type ./ before the name.
Ctrl c - This command will cancel a program that is running or will not automatically quit.
It will return you to the command line after execution so you can run additional programs.

Life Cycle of Process

A new process is created in the following manner. An existing process makes an exact copy of itself, a procedure known as forking. The new process, called the child process, has the same environment as its parent process, although it is assigned a different process ID. This image in the child process's address space is overwritten by the one the child will run. This is done via the exec system call. Hence, the often-used phrase fork-and-exec. The new program (or command) completely replaces the one duplicated from the parent. However, the environment of the parent still remains, including the values of environment variables; the assignments of standard input, standard output, and standard error; and its execution priority.
What happens when a user runs a command like grep? First, the user's shell process forks, creating a new shell process to run the command. Then, the new shell process execs grep, which overlays the shell's executable image in memory with grep's, which begins executing. When the grep command finishes, the process dies.
This is the way that all Unix processes are created. The ultimate ancestor for every process on a Unix system is the process with PID 1, init, created during the boot process . init creates many other processes (all by fork-and-exec). Among them are usually one or more executing the getty[2] program. The gettys are each assigned to a different serial line and display the login prompt and wait for someone to respond to it. When someone does, the getty process execs the login program, which validates user logins, among other activities.
Once the username and password are verified, login execs the user's shell. Forking is not always required to run a new program, and login does not fork in this case. After logging in, the user's shell is the same process as the getty that was watching the unused serial line. That process changed programs twice by execing a new executable, and it will go on to create new processes to execute the commands that the user types. Figure5-1 illustrates Unix process creation in the context of initial user login.
Unix process creation: fork and exec
Figure 5-1. Unix process creation: fork and exec

When any process exits, it sends a signal to inform its parent process that is has completed. When a user logs out, her login shell sends a signal to its parent, init, as it dies, letting init know that it is time to create a new getty process for the terminal. init forks again and starts the getty, and the whole cycle repeats itself again and again as different users use that terminal.

[1] PID: Most programming languages have an array initialized to counting with 0 and the system administrator's UID is always zero. Sometimes, however, they seem to forget to begin at 0 and begin counting at 1, like everyone else. When people say that Unix is inconsistent, they often are thinking about things like this or about the different arguments taken by commands.To me, though, this is part of what makes Unix more like a human language: It’s as though there are different verb endings and different sentence constructions. Unix comes from many sources, like a language, and there was simply some natural variation in those sources.
[2]fork: The fork process is the mechanism by which the system starts a new process, waits for it to finish, then generates a new output prompt and waits for the next command.
[3]exec system call:The exec system call is used to execute a file which is residing in an active process. When exec is called the previous executable file is replaced and new file is executed.
[4]getty program: A program that presents the login prompt and passes the user name to the authentication routines.

SEMrush Software1