Lab: Rootly Powers
Step 4: Processes
- To do this step
- You should have a running version of the RootlyPowers virtual machine, set up.
- You should understand the basics of becoming other users.
- If you have not completed the first two steps, please return to this step after you have done so.
- To start
- Log in as bob (password bob).
- Open two terminals.
- In one terminal su to Alice (
su - alice, password alice).
- Change to Alice's code directory (
- When a program is running it is called a process.
- On a *nix system, each process has a unique number or id called the process id.
- Processes can be manipulated using the process id.
- Examining the running processes on a system
- The command
top shows the most active processes on the system.
- Notice processes are associated with users.
- There are many processes running started by root.
- These are manifestations of the kernel
- Or are daemons.
- Top is nice as you can change the interface and interact with it.
- Stopping these processes can deny access to the system
- The command
ps reports processes as well.
- This command is nice as it can be used with other tools.
- There are many options.
- To see all of Bob's processes type
ps -ef | grep bob
- Since Bob is logged in, this user is running many processes associated with the graphical display.
- Find all of Alice's processes.
- Notice Alice is just running a shell (bash).
- Start a process as Alice and find it as Bob
- In the terminal where you are user alice
- Start the process longRunner (
- Notice, this will tell you the process id.
- In the terminal as Bob, find this process using ps
- Terminating or killing a process
- A process can terminate naturally by exiting.
- Or it can be terminated by sending it a signal.
- Signals are beyond the scope of this lab.
- You can learn more about process and signals in System Programming (csci 311)
- Read the man page for the
- It will send a signal to a process.
- You will need to find the pid for the process longRunner, assume it is 1245
- As Bob try
kill pid where pid is the process id of longRunner
- Notice Bob does not have permission to send a signal to Alice's process.
- Become Alice and try to kill the process again.
- Alice does have permission to kill her own process.
- Exit as alice
- Start a new longRunner in the Alice window.
- Try to kill this new process as root.
- A third rootly power, is that root can send a signal to any process.
- A little more on kill
- Processes can "catch" signals.
- In Alice's code directory is an executable called
sigCatcher, run this program.
- As root try to kill this
- This program catches the terminate signal that kill sends by default.
- This is signal 15.
- You can see a list of signals by typing
- You can send other signals with kill with
kill -n pid
- Where n is either the signal number, or a symbolic name.
kill -1 pid
kill -hup pid
- Try killing sigCatcher with a few low level signals (1-8)
- Programs frequently catch signals such as HUP (hangup) or TERM (terminate) so that they can properly shut down.
- An editor can close the file and save modifications.
- A terminal can properly shut down any running client.
- Be aware, there is no "order" to the signals, and signals change between *nix implementations.
- But hup, term and kill stay the same.
- When killing processes, it is normal to start with a TERM or HUP
kill -9 pid
- SIGKILL can not be caught or ignored.
- This means if you kill a process with a 9, it will be killed.
- With a -9 you can kill the sigCatcher process started by Alice.