the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work;
   moral rights retained by the original author(s) and/or performer(s);
   publicity and privacy rights pertaining to a person's image or likeness depicted in a Work;
   rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below;
   rights protecting the extraction, dissemination, use and reuse of data in a Work;
   database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and
   other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof.

   No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.
   Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law.
   Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work.
   Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work.

Linux processes and services

Linux processes and services are essential components of the operating system that help manage the execution of tasks and the availability of system resources.

Understanding processes

In Linux, a process is an instance of a running program or application. Each process has a unique Process ID (PID) and is managed by the operating system. Understanding processes can help you monitor and manage your system effectively, optimize performance, and troubleshoot issues.

'Process States:

Processes can have different states, which indicate their current status in the system:

Running: The process is either executing on the CPU or waiting for its turn to execute.

Sleeping: The process is waiting for an event to occur, such as user input or the completion of another process.

Stopped: The process has been paused, usually by a user command or a debugger.

Zombie: The process has terminated, but its entry still exists in the process table to provide its exit status to its parent process.

Process Hierarchy:

Processes in Linux have a hierarchical relationship, with parent and child processes. When a process creates another process, the original process is the parent, and the new process is the child. The parent process typically waits for the child process to complete before resuming execution. The first process in the hierarchy is the "init" process, which has a PID of 1 and is responsible for starting other processes during system boot.

Process Attributes:

Each process has a set of attributes associated with it, including:

• Process ID (PID): A unique identifier for the process.
• Parent Process ID (PPID): The PID of the process's parent.
• User ID (UID): The user who owns the process.
• Group ID (GID): The group to which the user belongs.
• Nice value: A priority value that affects the process's scheduling priority. Lower nice values correspond to higher priority.
• Environment variables: A set of key-value pairs that provide configuration information to the process.

Process management commands (ps, top, htop, kill)

1. ps:

The ps command displays information about currently running processes. By default, it shows processes associated with the current terminal session. The command has various options to filter and format the output.

Examples:

• ps: Lists processes running in the current terminal session.
• ps -e: Lists all processes running on the system.
• ps -u <username>: Lists processes owned by a specific user.
• ps -ef: Provides a detailed, full-format listing of all processes.
• ps -ef | grep <process_name>: Searches for processes with a specific name.

2. top:

top is a real-time, dynamic process monitoring tool that provides an overview of system performance, resource usage, and process information. It displays a live, scrolling list of processes, sorted by their CPU usage.

Examples:

• top: Starts the top command with default settings.
• Press u and enter a username to filter processes by a specific user.
• Press M to sort processes by memory usage.
• Press P to sort processes by CPU usage.
• Press k followed by the PID to send a signal (e.g., SIGTERM) to a process.

3. htop:

htop is an enhanced version of top, providing a more user-friendly interface and additional features, such as process tree view, easier navigation, and color-coding. It needs to be installed separately on some systems.

Examples:

• htop: Starts the htop command with default settings.
• Use the arrow keys to navigate through the process list.
• Press F6 to sort processes by different criteria.
• Press F9 to send a signal (e.g., SIGTERM) to a selected process.

4. kill:

The kill command sends a signal to a specified process, typically to terminate it. The most common signals are SIGTERM (15) and SIGKILL (9).

Examples:

• kill -15 <PID>: Sends the SIGTERM signal to a process with a specific PID, allowing it to perform cleanup operations before terminating.
• kill -9 <PID>: Sends the SIGKILL signal to a process with a specific PID, forcefully terminating it without any cleanup.

===Finding and Force Stopping a Buggy Program===:

( Identify the buggy program by using top, htop, or ps. You can spot a problematic process by observing high CPU or memory usage, unresponsive behavior, or other unusual activity.

• Note the PID (Process ID) of the buggy program.

• Use the kill command to send a signal to the process. Start with SIGTERM (15) to allow the process to perform cleanup operations:

kill -15 <PID>

If the process does not respond to SIGTERM or if it is necessary to forcefully stop it, use SIGKILL (9):

kill -9 <PID>

Verify that the process has been terminated by checking the process list again with top, htop, or ps.

By using these process management commands, you can effectively monitor, manage, and troubleshoot processes on your Linux system.

What a process did and if it spawned another process

To find what a process did and if it spawned another process, you can use various tools and methods. Here are some approaches to trace process behavior and examine process relationships:

1. pstree:

pstree displays the processes running on the system as a tree, showing parent-child relationships. By examining this tree, you can identify if a process has spawned other processes.

Example:

• pstree: Displays the process tree for the entire system.
• pstree -p <PID>: Shows the process tree starting from a specific process ID.

2. ps with --forest option:

Using the ps command with the --forest option shows the process hierarchy as a tree structure.

Example:

ps -ef --forest: Provides a detailed, full-format listing of all processes, displayed as a tree.

3. Tracing process activity with strace:

strace is a powerful utility that allows you to trace system calls and signals for a specific process. It can help you understand what a process did and its interactions with the system.

Example:

strace -f -p <PID>: Attaches to a running process and traces its system calls, including those of any child processes (-f flag).

Please note that strace can generate a lot of output, and you might need to redirect it to a file for further analysis.

4. Auditd:

auditd is the Linux Audit Daemon, which can monitor and log system activity. By configuring auditd to watch specific system calls, you can trace what a process did and if it spawned any new processes.

To set up auditd for process monitoring, you can create rules in /etc/audit/rules.d/audit.rules (or a separate file in that directory) to define the system calls you want to monitor. For example, to monitor process creation, you can add:

-a always,exit -F arch=b64 -S clone,fork,vfork -k process_creation

After configuring the rules, restart the auditd service, and then you can use the ausearch utility to search the audit logs for process-related events:

ausearch -k process_creation

These methods will help you investigate what a process did, including whether it spawned other processes, and gain insight into its behavior.

Background and foreground processes

Processes can run in the background or foreground. Understanding the difference between background and foreground processes is essential for effectively managing tasks and system resources.

• Foreground Processes

Foreground processes are those that run interactively in the same terminal session where they were started. When a foreground process is running, the terminal session is blocked, meaning you cannot enter any new commands until the process is complete or paused. For example, if you open a text editor from the command line, it runs in the foreground, and you won't be able to use the terminal for other tasks until you close the text editor.

• Background Processes:

Background processes, on the other hand, run independently of the terminal session where they were started, allowing you to continue using the terminal for other tasks. Background processes are particularly useful for long-running tasks, such as downloading large files or running a web server, which do not require user interaction.

Managing Background and Foreground Processes:

• To start a process in the background, add an ampersand (&) at the end of the command:

command &

• For example, to start a download in the background, you might use:

wget http://example.com/large-file.zip &

If a foreground process is running and you want to move it to the background, press Ctrl + Z to pause the process and then enter the bg command to resume it in the background.

• To bring a background process to the foreground, use the fg command followed by the job number:

fg %jobnumber

You can find the job number by using the jobs command, which lists all background processes associated with the current terminal session.

To list all running processes, use the ps command. You can use various options, such as ps aux, to show more detailed information about the processes.

Remember that closing the terminal session will terminate any associated background processes. To avoid this, you can use the nohup command or run the process in a terminal multiplexer like tmux or screen.

Example

Let's say you've started a large file download using the wget command in the terminal, and you realize that it's running in the foreground, preventing you from entering any new commands in the terminal:

wget http://example.com/large-file.zip

While the download is in progress, you can't use the terminal to perform other tasks. To move the running foreground process to the background:

Press Ctrl + Z to pause the process. The terminal will display a message like:

[1]+  Stopped                 wget http://example.com/large-file.zip

Here, [1] is the job number, which you'll need to reference the process later.

Enter the bg command to resume the paused process in the background:

bg %1

The %1 refers to the job number, which was displayed when you paused the process. You can also use the jobs command to list the job numbers of all background processes associated with the current terminal session.

Now the wget process is running in the background, and you can continue using the terminal for other tasks. If you want to bring the background process back to the foreground, use the fg command with the job number:

fg %1

This will bring the wget process back to the foreground, and you'll be able to see its progress in the terminal.

System services and daemons

System services and daemons are background processes that run on a Linux system to provide essential functionality or perform specific tasks. These processes typically start at boot time and run continuously until the system is shut down. They're not associated with a specific user or terminal session and usually run with root or a dedicated system user's privileges.

System services are programs that provide various functionalities required for the smooth operation of a Linux system. Examples of system services include:

SSH server (sshd): Allows secure remote access to the system.

Web server (Apache, Nginx): Serves web pages and handles HTTP requests.

Database server (MySQL, PostgreSQL): Manages and serves databases for various applications.

Print server (CUPS): Handles print jobs and manages printers.

Daemons are specialized services that run in the background and perform specific tasks without user intervention. They usually have a name ending in "d" (for daemon). Examples of daemons include:

cron: Executes scheduled tasks (known as cron jobs) at specified intervals.

syslogd: Collects and manages system logs.

NetworkManager: Handles network connections and configurations.

systemd and systemctl

systemd is a system and service manager for Linux operating systems. It is designed to provide better performance and more advanced features compared to traditional init systems like System V init and Upstart. systemd is the default init system in most modern Linux distributions, such as Fedora, Debian, Ubuntu, and CentOS.

systemd uses units to manage resources and services. Units are defined by unit files, which are text files with a specific structure and syntax. There are several types of units, including service, socket, device, mount, and target.

systemctl is the primary command-line tool for interacting with systemd. It allows you to manage and control the state of units, as well as the system itself.

Here are some common systemctl commands and their explanations:

• List all units: systemctl list-units

This command displays a list of all currently loaded units, their states, and descriptions.

• List all services: systemctl list-unit-files --type=service

This command shows a list of all available service unit files and their statuses (enabled, disabled, or static).

• Start a service: sudo systemctl start service_name

This command starts the specified service (replace service_name with the actual service name).

• Stop a service: sudo systemctl stop service_name

This command stops the specified service.

• Restart a service: sudo systemctl restart service_name

This command restarts the specified service.

• Reload a service: sudo systemctl reload service_name

This command reloads the configuration of the specified service without restarting it (if the service supports this feature).

• Enable a service: sudo systemctl enable service_name

This command enables the specified service to start automatically at boot time.

• Disable a service: sudo systemctl disable service_name

This command disables the specified service from starting automatically at boot time.

• Check the status of a service: systemctl status service_name

This command displays detailed information about the specified service, including its current state, main process ID, and recent log entries.

• Reboot the system: sudo systemctl reboot

This command reboots the system immediately.

Example:

Let's say you want to manage the Nginx web server on your Linux system. You can use systemctl to start, stop, and check its status:

• Start Nginx: sudo systemctl start nginx
• Stop Nginx: sudo systemctl stop nginx
• Check the status of Nginx: systemctl status nginx

By understanding how to use systemd and systemctl, you can effectively manage services and resources on your Linux system.

Example

Creating a systemd service to start ipfs daemon at startup.

$EDITOR /etc/systemd/system/ipfs.service

[Unit]
Description =Start ipfs daemon

[Service]
Type=simple
ExecStart=/usr/local/bin/ipfs daemon

[Install]
WantedBy=multi-user.target

systemctl enable ipfs.service

systemctl start ipfs

To create a systemd service, you need to create a unit file with a .service extension in the /etc/systemd/system/ directory.

Here's a breakdown of the example unit file you provided for the IPFS service:

[Unit]
Description = Start ipfs daemon

• [Unit]: This section provides general information about the service, such as its description, dependencies, and behavior in case of a failure.
• Description: A brief description of the service.

[Service]
Type=simple
ExecStart=/usr/local/bin/ipfs daemon

• [Service]: This section specifies how the service should be started, stopped, and its behavior during runtime.
• Type=simple: The service type. In this case, simple means that the process started by ExecStart is the main process of the service.
• ExecStart: The command to start the service. Here, it is starting the IPFS daemon using the ipfs binary located in /usr/local/bin.

[Install]
WantedBy=multi-user.target

• [Install]: This section provides information about how the service should be installed and enabled.
• WantedBy: Specifies the target (a collection of systemd units) that this service should be a part of when it is enabled. In this case, it's the multi-user.target, which means the service should be started when the system reaches the multi-user mode.

To enable and start the service, you run the following commands:

systemctl enable ipfs.service
systemctl start ipfs

• systemctl enable: Enables the service so that it starts automatically at boot.
• systemctl start: Starts the service immediately.

Keep in mind that you need root privileges to create and manage systemd services. Use sudo when necessary.