Lab: Rootly Powers

Step 4: Processes

• To do this step
  • You should have a running version of the RootlyPowers virtual machine, set up.
  • You should understand the basics of becoming other users.
  • If you have not completed the first two steps, please return to this step after you have done so.
• To start
  • Log in as bob (password bob).
  • Open two terminals.
  • In one terminal su to Alice ( su - alice, password alice).
  • Change to Alice's code directory ( cd ~/code)
• When a program is running it is called a process.
  • On a *nix system, each process has a unique number or id called the process id.
  • Processes can be manipulated using the process id.
• Examining the running processes on a system
  • The command top shows the most active processes on the system.
  • run top
    • Notice processes are associated with users.
    • There are many processes running started by root.
      • These are manifestations of the kernel
      • Or are daemons.
    • Top is nice as you can change the interface and interact with it.
    • Stopping these processes can deny access to the system
  • The command ps reports processes as well.
    • This command is nice as it can be used with other tools.
    • There are many options.
  • To see all of Bob's processes type ps -ef | grep bob
    • Since Bob is logged in, this user is running many processes associated with the graphical display.
  • Find all of Alice's processes.
    • Notice Alice is just running a shell (bash).
• Start a process as Alice and find it as Bob
  • In the terminal where you are user alice
    • Start the process longRunner (./longRunner)
    • Notice, this will tell you the process id.
  • In the terminal as Bob, find this process using ps
• Terminating or killing a process
  • A process can terminate naturally by exiting.
  • Or it can be terminated by sending it a signal.
    • Signals are beyond the scope of this lab.
    • You can learn more about process and signals in System Programming (csci 311)
• kill
  • Read the man page for the kill command.
  • It will send a signal to a process.
  • You will need to find the pid for the process longRunner, assume it is 1245
  • As Bob try kill pid where pid is the process id of longRunner
    • Notice Bob does not have permission to send a signal to Alice's process.
  • Become Alice and try to kill the process again.
    • Alice does have permission to kill her own process.
    • Exit as alice
  • Start a new longRunner in the Alice window.
  • Try to kill this new process as root.
• A third rootly power, is that root can send a signal to any process.
• A little more on kill
  • Processes can "catch" signals.
  • In Alice's code directory is an executable called sigCatcher, run this program.
  • As root try to kill this
    • This program catches the terminate signal that kill sends by default.
    • This is signal 15.
  • You can see a list of signals by typing kill -l
  • You can send other signals with kill with kill -n pid
    • Where n is either the signal number, or a symbolic name.
    • kill -1 pid
    • kill -hup pid
  • Try killing sigCatcher with a few low level signals (1-8)
  • Programs frequently catch signals such as HUP (hangup) or TERM (terminate) so that they can properly shut down.
    • An editor can close the file and save modifications.
    • A terminal can properly shut down any running client.
  • Be aware, there is no "order" to the signals, and signals change between *nix implementations.
  • But hup, term and kill stay the same.
  • When killing processes, it is normal to start with a TERM or HUP
• kill -9 pid
  • SIGKILL can not be caught or ignored.
  • This means if you kill a process with a 9, it will be killed.
  • With a -9 you can kill the sigCatcher process started by Alice.