FSU

Root and Administrator Tasks: Process Management

Root and Administrator Limitations: Process Management

Privilege escalation for the privileged

sudo: pseudo su, or how to set up safer su

System Load Average

"load average" == average size of ready queue over sample period

Idle Time

$ iostat -c 1
Linux 3.13.0-37-generic (langley) 	09/28/2015 	_x86_64_	(8 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           1.49    0.00    0.28    0.07    0.00   98.16

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.88    0.00    0.13    0.00    0.00   99.00

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           1.12    0.00    0.25    0.00    0.00   98.63

Process Monitoring: ps

Process Manipulation:

As a system administrator, you can adjust the priority of a process with renice:

renice +19 PID    ##  lowest priority (nice)
renice -19 PID    ## highest priority (not nice)

Example ps output from long, long ago

USER       PID %CPU %MEM   SZ  RSS TT STAT START   TIME COMMAND
-----------------------------------------------------------------------
kuncick   7467 40.1 1.3   124  364 pc D <  09:32   0:15 find / -name foo
kuncick   7419 16.6 1.3   124  364 pc D N  09:28   0:11 find ... 
kuncick   7529 39.4 1.2   100  320 pc R    09:35   0:01 find / -name foo 
kuncick   7528 35.8 1.2   112  324 pc R    09:35   0:15 find / -name foo 
root         1  0.0 0.0    52    0 ?  IW   Dec 18  0:24 /sbin/init - 
root         2  0.0 0.0     0    0 ?  D    Dec 18  0:08 pagedaemon 
root        75  0.0 0.4    48  108 ?  S    Dec 18 12:09 in.routed 
bynum     7328  0.0 0.1    48   24 pb S    09:24   0:00 rlogin

Example ps output from the more recent past

F S UID        PID  PPID  C PRI  NI ADDR SZ WCHAN  STIME TTY          TIME CMD
0 S langley   2845  2395  0  80   0 - 56972 poll_s 12:44 ?        00:00:00 /usr/lib/policykit-1-gnome/polkit-gnome-authentication-ag
0 S langley   2856     1  0  80   0 - 44576 poll_s 12:44 ?        00:00:00 /usr/lib/dconf/dconf-service
0 S langley   2865     1  0  80   0 - 13757 poll_s 12:44 ?        00:00:00 /usr/lib/x86_64-linux-gnu/gconf/gconfd-2
0 S langley   2872     1  0  80   0 - 30945 poll_s 12:44 ?        00:00:00 /usr/lib/gvfs/gvfsd-metadata

Example ps output from the more recent past

 2923 pts/0    Ss     0:00 bash XDG_CONFIG_DIRS=/etc/xdg/xdg-default:/etc/xdg CINNAMON_VERSION=2.4.8 LANG=en_US.UTF-8 DISPLAY=:0 XDG_VTNR=8 LOGNAME=langley PWD=/home/langley MANDATORY_PATH=/usr/share/gconf/default.mandatory.path GNOME_KEYRING_PID=2318 XAUTHORITY=/home/langley/.Xauthority GTK_IM_MODULE=ibus COLORTERM=gnome-terminal XDG_SESSION_ID=c1 MDM_LANG=en_US.UTF-8 DESKTOP_SESSION=default MDMSESSION=default XDG_SESSION_DESKTOP=default DEFAULTS_PATH=/usr/share/gconf/default.default.path GNOME_KEYRING_CONTROL=/run/user/1000/keyring-k1os6L USERNAME=langley WINDOWPATH=8 TEXTDOMAINDIR=/usr/share/locale/ TEXTDOMAIN=im-config GDMSESSION=default MDM_XSERVER_LOCATION=local DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-kjtCg2QJAE,guid=fa8d924c1e1f2feda030e8bf56096e84 GNOME_DESKTOP_SESSION_ID=this-is-deprecated VTE_VERSION=3409 GDM_XSERVER_LOCATION=local XDG_DATA_DIRS=/usr/share/default:/usr/share/gnome:/usr/local/share/:/usr/share/:/usr/share/mdm/ QT4_IM_MODULE=ibus CLUTTER_IM_MODULE=ibus GJS_DEBUG_TOPICS=JS ERROR;JS LOG XDG_SESSION_COOKIE=d918c2cb442f53f72de3308a549875bc-1443458692.616780-370329147 SHELL=/bin/bash QT_IM_MODULE=ibus GJS_DEBUG_OUTPUT=stderr WINDOWID=31457287 SSH_AGENT_PID=2466 SESSION_MANAGER=local/langley:@/tmp/.ICE-unix/2395,unix/langley:/tmp/.ICE-unix/2395 SSH_AUTH_SOCK=/run/user/1000/keyring-k1os6L/ssh XDG_CURRENT_DESKTOP=X-Cinnamon PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games TERM=xterm HOME=/home/langley XDG_SEAT=seat0 XMODIFIERS=@im=ibus XDG_RUNTIME_DIR=/run/user/1000 GPG_AGENT_INFO=/run/user/1000/keyring-k1os6L/gpg:0:1 USER=langley

Many more features to ps

Some favorite ps variations:

ps itself can also act a bit like pstree

$ ps f
  PID TTY      STAT   TIME COMMAND
21915 pts/1    Ss     0:00 bash
22976 pts/1    S+     0:05  \_ emacs -nw 05-rootadmins.tex
27844 pts/2    Ss     0:00      \_ /bin/bash --noediting -i
17182 pts/2    R+     0:00          \_ ps f
18985 pts/0    Ss     0:00 bash
19153 pts/0    S+     0:00  \_ ssh langley@diablo.cs.fsu.edu

Making ps ultra-flexible

If you need to tailor ps output to arbitrary columns, you can use the -o option to specify exactly which columns you would like to display, and the -k option to specify the sort order:
$ ps k pid o pid,comm
  PID COMMAND
18985 bash
19153 ssh
21915 bash
22976 emacs
24527 ps
27844 bash

Making ps ultra-flexible

$ ps k comm o pid,comm
  PID COMMAND
18985 bash
21915 bash
27844 bash
22976 emacs
24729 ps
19153 ssh

Other process viewing tools

top example

[root@smtpin MailScanner]# top -b -n 1
top - 07:09:25 up 42 days, 20:18,  2 users,  load average: 1.34, 1.56, 1.79
Tasks: 166 total,   1 running, 165 sleeping,   0 stopped,   0 zombie
Cpu(s): 12.7% us,  1.6% sy,  0.0% ni, 84.3% id,  1.3% wa,  0.0% hi,  0.0% si
Mem:   4149124k total,  3794188k used,   354936k free,   202476k buffers
Swap:  4192956k total,     4960k used,  4187996k free,  2677940k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 5675 root      15   0 68888  58m 2788 S    4  1.4   0:03.08 MailScanner
 5686 root      15   0  3520  900  676 R    2  0.0   0:00.01 top
26663 root      16   0 38616  29m 3464 S    2  0.7   0:29.90 MailScanner
    1 root      16   0  1980  548  468 S    0  0.0   0:45.81 init

pstree example

init-+-MailScanner
     |-MailScanner-+-16*[MailScanner]
     |             `-4*[MailScanner---MailScanner]
     +-acpid
     +-atd
     +-clamd
     +-crond
     +-cups-config-dae
     +-cupsd

The future?

Administrators, by definition, have much more access to systems than ordinary users. This came into the public's consciousness most strongly recently with the Snowden situation.

Permissions have not generally been enforced for privileged processes. However, with systems such as capabilities(7), SELinux, and TOMOYO, we are now seeing enforcement of security policies even for privileged processes; this can be disconcerting to system administrators who are used to privileged processes having free rein.
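To make the capabilities(7) point concrete for the process-management tasks covered earlier, here is an added example (not from the original slides) that decodes the capability sets in /proc/PID/status and reports which process-management powers a uid-0 process actually lacks. The status text is a constructed sample, and the function names and the list of checked capabilities are assumptions chosen for illustration.

```python
# Added example: show that "root" (euid 0) is not all-powerful once
# capabilities(7) are in play. Bit numbers follow <linux/capability.h>.
CAP_NAMES = ["CAP_" + n for n in (
    "CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID "
    "SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW "
    "IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT "
    "SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD "
    "LEASE AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG "
    "WAKE_ALARM BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE").split()]

# Constructed sample of /proc/<pid>/status for a uid-0 shell with a reduced set.
SAMPLE_STATUS = ("Name:\tbash\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\n"
                 "CapInh:\t0000000000000000\nCapPrm:\t00000000a80425fb\n"
                 "CapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n")

def parse_status(text):
    """Extract the effective uid and the Cap* bitmasks from status text."""
    out = {}
    for line in text.splitlines():
        key, _, val = line.partition(":")
        fields = val.split()
        if key == "Uid" and len(fields) >= 2:
            out["euid"] = int(fields[1])          # real, effective, saved, fs
        elif key in ("CapInh", "CapPrm", "CapEff", "CapBnd") and fields:
            out[key] = int(fields[0], 16)
    return out

def cap_names(mask):
    """Turn a capability bitmask into a list of names (unknown bits kept)."""
    names, bit = [], 0
    while mask >> bit:
        if (mask >> bit) & 1:
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"cap_{bit}")
        bit += 1
    return names

def root_limits(text, needed=("CAP_SYS_NICE", "CAP_KILL", "CAP_SYS_PTRACE")):
    """Report which process-management capabilities the process is missing.
    CAP_SYS_NICE: raise priority (negative renice); CAP_KILL: signal any
    process; CAP_SYS_PTRACE: trace/inspect arbitrary processes."""
    st = parse_status(text)
    eff = set(cap_names(st.get("CapEff", 0)))
    return {"is_root": st.get("euid") == 0,
            "missing": [c for c in needed if c not in eff]}

if __name__ == "__main__":
    print(root_limits(SAMPLE_STATUS))
```

On a live Linux system, pass the contents of /proc/self/status (or another PID's status file) to root_limits() instead of the sample.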