Exploring /proc
Exploring /proc
By Trevor Warren <trevorwarren@yahoo.com>
Posted: ( 2000-12-12 10:03:00 EST by )
The Proc psuedo file system is a real time, memory resident file system
that tracks the processes running on your machine and the state of your
system. Read on to learn how to get the most out of the /proc file system.
The most striking factor about the /proc file system is the fact that the
file system doesn't exist on any particular media. The /proc File System
is a pseudo file system residing in the virtual memory and
maintains highly dynamic data on the state of your operating system. Most
of the information in the /proc file system is updated to match the
current state of the operating system. The contents of the /proc file
system can be read by anyone who has the requisite permissions. However,
certain parts of the /proc file system can be read only by the owner of
the process and of course root. The contents of the /proc filesystem are
used by many utilities which grab the data from the particular /proc
directory and display it.
Under Linux, we have utilities like lscpi, scanpci and pnpdump which help
us detect the various PCI, ISA hardware chipsets and help us make the best
choices as far as the io, dma and irq values are concerned. Similarly by
looking at the values of the various parameters in the /proc file system,
one can determine a lot about the current state of the kernel and the
processes under way. For example, we have the dmesg command.
bash# dmesg
Dmesg helps us determine the devices that have been detected and
initialized by the Linux kernel. We have utilities like "ps" and "top"
which give an accurate snapshot about the status of the processes running
on the machine and a list of awake and sleeping processes currently
running on the machine. Have you ever wondered where exactly the
information dished out to you by the "ps" and the "top" process comes
from? The information for these processes come from the /proc file system
which is updated on the fly as changes take place in the processes.
Lets take a look at a snapshot of the directory listing of the root (/)
directory of a Linux machine.
drwxr-xr-x 14 root root 291 Oct 25 18:47 opt
dr-xr-xr-x 86 root root 0 Nov 30 2000 proc <--
drwx--x--x 16 root root 841 Nov 20 00:10 root
drwxr-xr-x 5 root root 4627 Oct 15 11:42 sbin
Since the /proc file system is a virtual file system and resides in
memory, a new /proc file system is created every time your Linux machine
reboots. Take a look at the snapshot of the root directory shown above.
The size of the proc directory is 0 and the last time of modification is
the current date.
Using the /proc/sys file system to parse kernel parameters.
Another very important part of the /proc file system is the /proc/sys
directory. Making changes in this directory enables you to make real time
changes to certain kernel parameters. One fine example that can illustrate
this is as follows.
/proc/sys/net/ipv4/ip_forward
The above file ip_forward has a default value of "0" which you can see
when you cat the contents of this file. This means that IP forwarding by
this machine isn't allowed by the kernel. But this configuration can be
changed in real time by just changing the value stored in this file from
"0" to "1". Thus we have enabled IP forwarding on our Linux machine.
Contents of the /proc File System
The output of the directory listing of the /proc directory is as follows.
The actual listing was really lengthy. What's given below is a much
shorter version.
1 114 1210 1211 1212 1227 133 137 148 160 161 163 167 168 169
170 171 172 173 174 186 190 193 194 195 203 206 207 208 209
210 211 220 221 222 223 224 225 226 227 229 230 234 246 253 279
296 3 4 5 500 501 6 667 668 669 683 684 685 7 711 712 713 737 763
764 765 766 773 774 775 782 79 88 92 asound bus cmdline config.gz
cpuinfo devices dma fb filesystems fs ide interrupts ioports
kcore kcore_elf kmsg ksyms loadavg locks lvm mdstat meminfo
memstat misc modules mounts net partitions pci rtc scsi self
slabinfo stat swaps sys tty uptime version
Every number and word that you see in the above snapshot are the contents of
the /proc directory. Lets learn a little more about the contents of the
directories with the numerical naming scheme.
The numerical named directories
1 114 1210 1211 1212 1227 133 137 148 160 161 163 167 168 169
170 171 172 173 174 186 190 193 194 195 203 206 207 208 209
210 211 220 221 222 223 224 225 226 227 229 230 234 246 253 279
296 3 4 5 500 501 6 667 668 669 683 684 685 7 711 712 713 737 763
764 765 766 773 774 775 782 79 88 92
The various directories that you see out here are the processes that were
running on our machine at the instant we took a snapshot of the /proc
file system. Let's look at the contents of one of these directories.
freeos:~ # cd /proc
freeos:/proc # ls -la 114
total 0
dr-xr-xr-x 3 named named 0 Nov 30 12:20 .
dr-xr-xr-x 89 root root 0 Nov 30 2000 ..
-r--r--r-- 1 root root 0 Nov 30 12:20 cmdline
lrwx------ 1 root root 0 Nov 30 12:20 cwd -> /var/named
-r-------- 1 root root 0 Nov 30 12:20 environ
lrwx------ 1 root root 0 Nov 30 12:20 exe -> /usr/sbin/named
dr-x------ 2 root root 0 Nov 30 12:20 fd
pr--r--r-- 1 root root 0 Nov 30 12:20 maps
-rw------- 1 root root 0 Nov 30 12:20 mem
lrwx------ 1 root root 0 Nov 30 12:20 root -> /
-r--r--r-- 1 root root 0 Nov 30 12:20 stat
-r--r--r-- 1 root root 0 Nov 30 12:20 statm
-r--r--r-- 1 root root 0 Nov 30 12:20 status
Before executing this command you need to log in as root because the
various processes running on the system may be owned by various other
users. As usual you have access only to the processes that you have
started. After having logged in as root just execute the above command for
any of the directories and compare the output to what is listed above.
Did you notice any similarity in the output you got and the one listed
above? Yes, the contents of all the directories are the same irrespective
of the directory you choose to view as these directories contain the
various parameters and the status of the process whose PID is the name of
the current directory that you are in. The values of the various
parameters and status information would of course vary from process to
process.
Look at the first line of the output as viewed above.
-r--r--r-- 1 root root 0 Nov30 12:20 cmdline
"cmdline", this file contains the whole command line used to invoke the
process. The contents of this file are the command line arguments with all
the parameters that one has passed to start the particular process. All
the information contained in the file is without any formatting and any
space between the command line arguments and various arguments.
lrwx------ 1 root root 0 Nov 30 12:20 cwd -> /var/named
"cwd", as is visible from above this is a symbolic link to the current
working directory of that particular process.
-r-------- 1 root root 0 Nov 30 12:20 environ
"environ" contains all the environment variables defined for this
particular process in the form VARIABLE=value. As with cmdline, all the
information contained in the file is without any formatting or space
between the command line arguments and various arguments.
lrwx------ 1 root root 0 Nov 30 12:20 exe -> /usr/sbin/named
"exe", this is a symbolic link to the executable file that the current
process is linked to.
dr-x------ 2 root root 0 Nov 30 12:20 fd
"fd", this directory contains the list file descriptors as opened by the
particular process.
pr--r--r-- 1 root root 0 Nov 30 12:20 maps
"maps", when you print the contents of this named pipe, you can see the
parts of the process' address space which are currently mapped to a file.
The fields, from left to right, are: the address space associated to this
mapping, the permissions associated to this mapping, the offset from the
beginning of the file where the mapping starts, the device on which the
mapped file is located, the inode number of the file and finally, the name
of the file itself.
lrwx------ 1 root root 0 Nov 30 12:20 root -> /
"root", this is a symbolic link pointing to the directory which is the
root file system for the particular process.
-r--r--r-- 1 root root 0 Nov 30 12:20 status
"status", this file gives information regarding the name of the process,
its current status, i.e sleeping or awake, its PID, its UID, its PPID and
a lot of other general information. This information can be viewed in a
simpler and structured manner by using tools like, "ps" and "top".
Generic information about the various /proc/* directories
This information has been sourced from the LASG, Chapter 3
The /proc filesystem
/proc/cpuinfo
Information about the processor, such as its type, make, model, and
performance.
/proc/devices
List of device drivers configured into the currently running kernel.
/proc/dma
Shows which DMA channels are being used at the moment.
/proc/filesystems
Filesystems configured into the kernel.
/proc/interrupts
Shows which interrupts are in use, and how many of each there have been.
/proc/ioports
Which I/O ports are in use at the moment.
Hope this article has been informative guide to the /proc File system.
By Trevor Warren <trevorwarren@yahoo.com>
Posted: ( 2000-12-12 10:03:00 EST by )
The Proc psuedo file system is a real time, memory resident file system
that tracks the processes running on your machine and the state of your
system. Read on to learn how to get the most out of the /proc file system.
The most striking factor about the /proc file system is the fact that the
file system doesn't exist on any particular media. The /proc File System
is a pseudo file system residing in the virtual memory and
maintains highly dynamic data on the state of your operating system. Most
of the information in the /proc file system is updated to match the
current state of the operating system. The contents of the /proc file
system can be read by anyone who has the requisite permissions. However,
certain parts of the /proc file system can be read only by the owner of
the process and of course root. The contents of the /proc filesystem are
used by many utilities which grab the data from the particular /proc
directory and display it.
Under Linux, we have utilities like lscpi, scanpci and pnpdump which help
us detect the various PCI, ISA hardware chipsets and help us make the best
choices as far as the io, dma and irq values are concerned. Similarly by
looking at the values of the various parameters in the /proc file system,
one can determine a lot about the current state of the kernel and the
processes under way. For example, we have the dmesg command.
bash# dmesg
Dmesg helps us determine the devices that have been detected and
initialized by the Linux kernel. We have utilities like "ps" and "top"
which give an accurate snapshot about the status of the processes running
on the machine and a list of awake and sleeping processes currently
running on the machine. Have you ever wondered where exactly the
information dished out to you by the "ps" and the "top" process comes
from? The information for these processes come from the /proc file system
which is updated on the fly as changes take place in the processes.
Lets take a look at a snapshot of the directory listing of the root (/)
directory of a Linux machine.
drwxr-xr-x 14 root root 291 Oct 25 18:47 opt
dr-xr-xr-x 86 root root 0 Nov 30 2000 proc <--
drwx--x--x 16 root root 841 Nov 20 00:10 root
drwxr-xr-x 5 root root 4627 Oct 15 11:42 sbin
Since the /proc file system is a virtual file system and resides in
memory, a new /proc file system is created every time your Linux machine
reboots. Take a look at the snapshot of the root directory shown above.
The size of the proc directory is 0 and the last time of modification is
the current date.
Using the /proc/sys file system to parse kernel parameters.
Another very important part of the /proc file system is the /proc/sys
directory. Making changes in this directory enables you to make real time
changes to certain kernel parameters. One fine example that can illustrate
this is as follows.
/proc/sys/net/ipv4/ip_forward
The above file ip_forward has a default value of "0" which you can see
when you cat the contents of this file. This means that IP forwarding by
this machine isn't allowed by the kernel. But this configuration can be
changed in real time by just changing the value stored in this file from
"0" to "1". Thus we have enabled IP forwarding on our Linux machine.
Contents of the /proc File System
The output of the directory listing of the /proc directory is as follows.
The actual listing was really lengthy. What's given below is a much
shorter version.
1 114 1210 1211 1212 1227 133 137 148 160 161 163 167 168 169
170 171 172 173 174 186 190 193 194 195 203 206 207 208 209
210 211 220 221 222 223 224 225 226 227 229 230 234 246 253 279
296 3 4 5 500 501 6 667 668 669 683 684 685 7 711 712 713 737 763
764 765 766 773 774 775 782 79 88 92 asound bus cmdline config.gz
cpuinfo devices dma fb filesystems fs ide interrupts ioports
kcore kcore_elf kmsg ksyms loadavg locks lvm mdstat meminfo
memstat misc modules mounts net partitions pci rtc scsi self
slabinfo stat swaps sys tty uptime version
Every number and word that you see in the above snapshot are the contents of
the /proc directory. Lets learn a little more about the contents of the
directories with the numerical naming scheme.
The numerical named directories
1 114 1210 1211 1212 1227 133 137 148 160 161 163 167 168 169
170 171 172 173 174 186 190 193 194 195 203 206 207 208 209
210 211 220 221 222 223 224 225 226 227 229 230 234 246 253 279
296 3 4 5 500 501 6 667 668 669 683 684 685 7 711 712 713 737 763
764 765 766 773 774 775 782 79 88 92
The various directories that you see out here are the processes that were
running on our machine at the instant we took a snapshot of the /proc
file system. Let's look at the contents of one of these directories.
freeos:~ # cd /proc
freeos:/proc # ls -la 114
total 0
dr-xr-xr-x 3 named named 0 Nov 30 12:20 .
dr-xr-xr-x 89 root root 0 Nov 30 2000 ..
-r--r--r-- 1 root root 0 Nov 30 12:20 cmdline
lrwx------ 1 root root 0 Nov 30 12:20 cwd -> /var/named
-r-------- 1 root root 0 Nov 30 12:20 environ
lrwx------ 1 root root 0 Nov 30 12:20 exe -> /usr/sbin/named
dr-x------ 2 root root 0 Nov 30 12:20 fd
pr--r--r-- 1 root root 0 Nov 30 12:20 maps
-rw------- 1 root root 0 Nov 30 12:20 mem
lrwx------ 1 root root 0 Nov 30 12:20 root -> /
-r--r--r-- 1 root root 0 Nov 30 12:20 stat
-r--r--r-- 1 root root 0 Nov 30 12:20 statm
-r--r--r-- 1 root root 0 Nov 30 12:20 status
Before executing this command you need to log in as root because the
various processes running on the system may be owned by various other
users. As usual you have access only to the processes that you have
started. After having logged in as root just execute the above command for
any of the directories and compare the output to what is listed above.
Did you notice any similarity in the output you got and the one listed
above? Yes, the contents of all the directories are the same irrespective
of the directory you choose to view as these directories contain the
various parameters and the status of the process whose PID is the name of
the current directory that you are in. The values of the various
parameters and status information would of course vary from process to
process.
Look at the first line of the output as viewed above.
-r--r--r-- 1 root root 0 Nov30 12:20 cmdline
"cmdline", this file contains the whole command line used to invoke the
process. The contents of this file are the command line arguments with all
the parameters that one has passed to start the particular process. All
the information contained in the file is without any formatting and any
space between the command line arguments and various arguments.
lrwx------ 1 root root 0 Nov 30 12:20 cwd -> /var/named
"cwd", as is visible from above this is a symbolic link to the current
working directory of that particular process.
-r-------- 1 root root 0 Nov 30 12:20 environ
"environ" contains all the environment variables defined for this
particular process in the form VARIABLE=value. As with cmdline, all the
information contained in the file is without any formatting or space
between the command line arguments and various arguments.
lrwx------ 1 root root 0 Nov 30 12:20 exe -> /usr/sbin/named
"exe", this is a symbolic link to the executable file that the current
process is linked to.
dr-x------ 2 root root 0 Nov 30 12:20 fd
"fd", this directory contains the list file descriptors as opened by the
particular process.
pr--r--r-- 1 root root 0 Nov 30 12:20 maps
"maps", when you print the contents of this named pipe, you can see the
parts of the process' address space which are currently mapped to a file.
The fields, from left to right, are: the address space associated to this
mapping, the permissions associated to this mapping, the offset from the
beginning of the file where the mapping starts, the device on which the
mapped file is located, the inode number of the file and finally, the name
of the file itself.
lrwx------ 1 root root 0 Nov 30 12:20 root -> /
"root", this is a symbolic link pointing to the directory which is the
root file system for the particular process.
-r--r--r-- 1 root root 0 Nov 30 12:20 status
"status", this file gives information regarding the name of the process,
its current status, i.e sleeping or awake, its PID, its UID, its PPID and
a lot of other general information. This information can be viewed in a
simpler and structured manner by using tools like, "ps" and "top".
Generic information about the various /proc/* directories
This information has been sourced from the LASG, Chapter 3
The /proc filesystem
/proc/cpuinfo
Information about the processor, such as its type, make, model, and
performance.
/proc/devices
List of device drivers configured into the currently running kernel.
/proc/dma
Shows which DMA channels are being used at the moment.
/proc/filesystems
Filesystems configured into the kernel.
/proc/interrupts
Shows which interrupts are in use, and how many of each there have been.
/proc/ioports
Which I/O ports are in use at the moment.
Hope this article has been informative guide to the /proc File system.