Pages

Saturday, September 15, 2012

Resource Management : Pmap


pmap command can be used to understand virtual memory mapping of an UNIX process, memory usage, and attributes of memory area etc.

View the memory map of a process
[root@vx111a test]# pmap 4226
4226:   /bin/bash ./top.sh
006db000    108K r-x--  /lib/ld-2.5.so
006f6000      4K r-x--  /lib/ld-2.5.so
006f7000      4K rwx--  /lib/ld-2.5.so
006fa000   1356K r-x--  /lib/libc-2.5.so
0084d000      8K r-x--  /lib/libc-2.5.so
0084f000      4K rwx--  /lib/libc-2.5.so
00850000     12K rwx--    [ anon ]
00880000     12K r-x--  /lib/libdl-2.5.so
00883000      4K r-x--  /lib/libdl-2.5.so
00884000      4K rwx--  /lib/libdl-2.5.so
008b7000     12K r-x--  /lib/libtermcap.so.2.0.8
008ba000      4K rwx--  /lib/libtermcap.so.2.0.8
00faf000      4K r-x--  &an>
b7f61000      8K rw---    [ anon ]
b7f6c000     28K r--s-  /usr/lib/gconv/gconv-modules.cache
bfe07000     84K rw---    [ stack ] 0971a000    132K rw---    [ anon ]
b7d61000   2048K r----  /usr/lib/locale/locale-archive
b7f61000      8K rw---    [ anon ]
b7f6c000     28K r--s-  /usr/lib/gconv/gconv-modules.cache
bfe07000     84K rw---    [ stack ]
 total     4572K

When we see the output of this command, it will give details as follows
1.First column will show memory location
2.second column will show RAM use of each file opened by this process
3.Third column will show rw permission.
4.Last one will show what are the files opened by this process
5.And last line of this output will show total size used, here it is 4572K

Show Extended Format

[root@vx111a test]# pmap -x 4226
4226:   /bin/bash ./top.sh
Address   Kbytes     RSS   Dirty Mode   Mapping
006db000     108      84       0 r-x--  ld-2.5.so
006f6000       4       4       4 r-x--  ld-2.5.so
006f7000       4       4       4 rwx--  ld-2.5.so
006fa000    1356     404       0 r-x--  libc-2.5.so
0084d000       8       8       4 r-x--  libc-2.5.so
0084f000       4       4       4 rwx--  libc-2.5.so
00850000      12      12      12 rwx--    [ anon ]
00880000      12       8       0 r-x--  libdl-2.5.so
00883000       4       4       4 r-x--  libdl-2.5.so
00884000       4       4       4 rwx--  libdl-2.5.so
008b7000      12       8       0 r-x--  libtermcap.so.2.0.8
008ba000       4       4       4 rwx--  libtero:p>
0971a000   &nbsbsp;      4       4       0 r-x--    [ anon ]
08047000     696    yle="color: #002060; font-family: "Verdana","sans-serif"; font-size: 9.0pt; line-height: 115%; mso-bidi-font-size: 11.0pt;">0971a000    132K rw---    [ anon ]
b7d61000   2048K r----  /usr/lib/locale/locale-archive
b7f61000      8K rw---    [ anon ]
b7fp; 132      20      20 rw---    [ anon ]
b7d61000    2048      44       0 r----  locale-archive
b7f61000       8       8       8 rw---    [ anon ]
b7f6c000      28      24       0 r--s-  gconv-modules.cache
bfe07000      84      16      16 rw---    [ stack ]
.
.
.
------- ------- ------- ------- -------
total kB    641180   99088   89424

Total virtual memory mapped by this process is 641180 KB.
Read More

Friday, September 14, 2012

Magic SysRq


On A System that is very slow but not dead, there is a way in linux to send commands to the kernel directlty.This can be done using the SysRq.This means even if you cant login , you can either recover from the system or either re-boot in such way that causes less risk.

The magic SysRq key is a key combination in the Linux kernel which allows the user to perform various low level commands regardless of the system’s state.

The SysRq(usually PrintScreen) usually is not enabled by default. To Find out whether it is enabled or not use

[root@vx111a usr]# cat /proc/sys/kernel/sysrq
0

This is not enabled, since '0'.To enable this we can use

[root@vx111a usr]# echo 1 > /proc/sys/kernel/sysrq
[root@vx111a usr]# cat /proc/sys/kernel/sysrq
1

There are 2 ways to use this,

From Console: We can hold 'Alt + SysRq' key along with one of the letters to make SysRq request (in the next section).

From Remote Machine : we can echo letters to the /proc/sysrq-trigger to make SysRq requests (in the next section),but instead of seeing output on the screen we see them in /var/log/message file.

Some Examples

For SysRq Help

[root@vx111a usr]# echo h > /proc/sysrq-trigger
[root@vx111a usr]# cat /var/log/messages

Sep 14 15:40:41 vx111a kernel: SysRq : HELP : loglevel0-8 reBoot Crashdump tErm Full kIll thaw-filesystems(J) saK showMem Nice powerOff showPc unRaw Sync showTasks Unmount shoWcpus

Echoing a letter to the /proc/sysrq-trigger is a good way if we dont want to see the out put on the screen.they go to the /var/log/messages.

See all the Process Running In kernel

[root@vx111a usr]# echo t > /proc/sysrq-trigger

When we check the /var/log/messages, you can see all the process details that are running in the kernel.

See all the Memory related Information

[root@vx111a usr]# echo m > /proc/sysrq-trigger

List of SysRq Command Keys

Here are the list command keys available for SysRq

  • ‘k’ – Kills all the process running on the current virtual console.
  • ‘s’ – This will attempt to sync all the mounted file system.
  • ‘b’ – Immediately reboot the system, without un mounting partitions or syncing.
  • ‘e’ – Sends SIGTERM to all process except init.
  • ‘m’ – Output current memory information to the console.
  • ‘i’ – Send the SIGKILL signal to all processes except init
  • ‘r’ – Switch the keyboard from raw mode (the mode used by programs such as X11),
  •  ‘s’ – sync all mounted file system.
  • ‘t’ – Output a list of current tasks and their information to the console.
  • ‘u’ – Remount all mounted filesystems in readonly mode.
  • ‘o’ – Shutdown the system immediately.
  • ‘p’ – Print the current registers and flags to the console.
  • ’0-9′ – Sets the console log level, controlling which kernel messages will be printed to your console.
  • ‘f’ – Will call oom_kill to kill process which takes more memory.
  • ‘h’ – Used to display the help. But any other keys than the above listed will print help.



Happy Learning , More To Come
Read More

Resource Management : Strace

Strace is a command available in linux which helps in debugging and troubleshooting the execution of a executable ( command or a process).Strace also tells you what is going with a program at this point. It can tell you what system calls the program is using and whether they pass or fail.
Strace monitors the system calls and signal of a Specific program. This command is mainly helpful when we don't have a Source code and would like to debug the execution of a program.
Strace runs the specified command until it exits. It intercepts and records the system calls which are called by a process and the signals which are received by a process
Basic Example
When you run the strace on the ls (executable) we can see
Dev:vx1379:djbs002-~ $ strace ls
execve("/bin/ls", ["ls"], [/* 39 vars */]) = 0
brk(0) = 0x192d7000
****
****
****

Trace a Specific System calls
We can also use strace to find specific system calls that were made like,

Dev:vx1379:djbs002-~ $ strace -e open ls
open("/software/jboss/ews32/1.0/lib/tls/x86_64/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)

Only Open system calls are shown.

Trace Multiple System Calls
if we want to trace multiple system call we can use,

strace -e trace=open,read ls

A few other Calls include
strace -e trace=set
strace -e trace=open
strace -e trace=read
strace -e trace=file
strace -e trace=process
strace -e trace=network
strace -e trace=signal
strace -e trace=ipc
strace -e trace=desc //descriptors
strace -e read=set
We can also use strace to find the input activity like,
To see all input activity on file descriptors 3 and 5 use
-e read=3,5
To see all output activity on file descriptors 3 and 5 use
-e write=3,5

Number of Calls and Time
We can also use strace to find how many system calls were done and how much time they took like,

Dev:vx1379:djbs002-~ $ strace -c ls
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
nan 0.000000 0 13 read
nan 0.000000 0 6 write
nan 0.000000 0 56 43 open
nan 0.000000 0 14 close
nan 0.000000 0 4 3 stat
nan 0.000000 0 13 fstat
nan 0.000000 0 31 mmap
nan 0.000000 0 13 mprotect
nan 0.000000 0 4 munmap
nan 0.000000 0 3 brk
nan 0.000000 0 2 rt_sigaction
nan 0.000000 0 1 rt_sigprocmask
nan 0.000000 0 2 ioctl
nan 0.000000 0 2 1 access
nan 0.000000 0 1 execve
nan 0.000000 0 1 fcntl
nan 0.000000 0 2 getdents
nan 0.000000 0 1 getrlimit
nan 0.000000 0 1 arch_prctl
nan 0.000000 0 1 futex
nan 0.000000 0 1 set_tid_address
nan 0.000000 0 1 set_robust_list
------ ----------- ----------- --------- --------- ----------------
100.00 0.000000 173 47 total

A Total of 173 calls were done in which were divided according to the type of calls they were made.

Strace with Time of Day
We can use strace to generate the output along with the Time of the Day also like,

Dev:vx1379:djbs002-~ $ strace -t ls
02:41:10 execve("/bin/ls", ["ls"], [/* 39 vars */]) = 0
02:41:10 brk(0) = 0xa457000

Time Spent
We can also use Strace to find how much time every system call took in executing like,

Dev:vx1379:djbs002-~ $ strace -T ls
execve("/bin/ls", ["ls"], [/* 39 vars */]) = 0 <0.001015>
brk(0) = 0x1a33f000 <0.000053>

What Does a Process Doing at This Point
We can also see what a process is doing at this point like what system calls were being made , time they took etc like,

Dev:vx1379:djbs002-~ $ strace -p 4487 -o ./jhas.txt
Process 4487 attached - interrupt to quit
[ Process PID=4487 runs in 32 bit mode. ]

Now you can open another console to tail the jhas.txt file to see what exactly happening. When you see the txt file we can see

futex(0x7f5ee28c49d0, FUTEX_WAIT, 3039, NULL

This is Just a Tomcat Process waiting for the requests. FuTEX is alocking mechanism in the linux kernel.
Some Other Ways Like,
Find out what Calls were being made to the Catalina file

[root@vx111a bin]# strace ./startup.sh 2>&1 | grep catalina
read(255, "EXECUTABLE=catalina.sh\n\n# Check "..., 1961) = 541
stat("./catalina.sh", {st_mode=S_IFREG|0755, st_size=19877, ...}) = 0
access("./catalina.sh", X_OK) = 0
execve("/soa/apache-tomcat-7.0.42/bin/catalina.sh", ["./catalina.sh", "start"], [/* 45 vars */]) = 0
open("/soa/apache-tomcat-7.0.42/bin/catalina.sh", O_RDONLY) = 3
lstat("/soa/apache-tomcat-7.0.42/bin/catalina.sh", {st_mode=S_IFREG|0755, st_size=19877, ...}) = 0
open("/soa/apache-tomcat-7.0.42/logs/catalina.out", O_WRONLY|O_CREAT|O_APPEND, 0666) = 3

catalina.sh was read from the Current location.

Find out the Specific Calls that we made on the Catalina File

[root@vx111a bin]# strace -e open,access ./startup.sh 2>&1 | grep catalina
access("./catalina.sh", X_OK) = 0
open("/soa/apache-tomcat-7.0.42/bin/catalina.sh", O_RDONLY) = 3
open("/soa/apache-tomcat-7.0.42/logs/catalina.out", O_WRONLY|O_CREAT|O_APPEND, 0666) = 3

The above tip can be used when Ever we Run into a case where a file was opened or not and cant find how to handle this thing.

Network Tracing
We can also use the Strace for network tracing like,

strace -o /tmp/ping -s 512 ping www.google.com > /dev/null 2>&1

[root@vx111a bin]# grep connect /tmp/ping
connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)

To find the Network calls for a Process
strace -e trace=network -p <PID>

Why does this program not open my file?
$ strace -e open,access 2>&1 | grep your-filename

Look for an open() or access() syscall that fails

What is taking time?
strace -c -p 11084

Can't I connect to that server?
strace -e poll,select,connect,recvfrom,sendto nc www.yahoo.com 80

More To Come , Happy learning :-)
Read More

Resource Management : Lsof

lsof stands for 'List of Open Files’. This command is used to report all the open files and the process that currently opened them. Open files include disk files, pipes, network sockets and devices opened by all processes.

This can be very use full when we see issue which unmouting a file system. We can trace out which files are being open and can kill them to unmount.

A Basic execution of lsof gives ,

[root@vx111a test]# lsof | head
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
init 1 root cwd DIR 8,8 4096 2 /
init 1 root rtd DIR 8,8 4096 2 /
init 1 root txt REG 8,8 38652 11370583 /sbin/init
init 1 root mem REG 8,8 245376 918515 /lib/libsepol.so.1
init 1 root mem REG 8,8 129900 918498 /lib/ld-2.5.so
init 1 root mem REG 8,8 1693796 918499 /lib/libc-2.5.so
FD – Represents the file descriptor. Some of the values of FDs are,

* cwd – Current Working Directory
* txt – Text file


The out put explains most of the columns , but we FD and TYPE requires some more info

FD – Represents the file descriptor. Some of the values of FDs are,

* cwd – Current Working Directory
* txt – Text file
* mem – Memory mapped file
* mmap – Memory mapped device
* NUMBER – Represent the actual file descriptor. The character after the number i.e t;; font-size: 9.0pt; line-height: 115%; mso-bidi-font-size: 11.0pt;"> * DIR – write

TYPE – Specifies the type of the file. Some of the values of TYPEs are,

* REG – Regular File
* DIR – Directory
* FIFO – First In First Out
* CHR – Character special file

To find all the open files in the current directory

[root@vx111a test]# lsof $PWD
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
bash 4132 root cwd DIR 8,8 4096 6127709 /root/test
sleep 4159 root cwd DIR 8,8 4096 6127709 /root/test
top.sh 4226 root cwd DIR 8,8 4096 6127709 /root/test
bash 4234 root cwd DIR 8,8 4096 6127709 /root/test
vi 4258 root cwd DIR 8,8 4096 6127709 /root/test
lsof 4929 root cwd DIR 8,8 4096 6127709 /root/test

List all Process that opened a specific file

[root@vx111a test]# lsof top.sh
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
top.sh 4226 root 255r REG 8,8 40 6128296 top.sh

List opened files under a directory

If we need to find the files that are opened under a directory including the subdirectories we can use +D like

[root@vx111a test]# lsof +D $PWD
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
bash 4132 root cwd DIR 8,8 4096 6127709 /root/test
sleep 4159 root cwd DIR 8,8 4096 6127709 /root/test
bash 4161 root cwd DIR 8,8 4096 6127709 /root/test
top.sh 4226 root cwd DIR 8,8 4096 6127709 /root/test
top.sh 4226 root 255r REG 8,8 40 6128296 /root/test/top.sh

List opened files based on process names starting with

Lsof allows us to see the files that are opened by process that is starting with a specific name. This can be achieved using -c option,

Dev:vx1423:djbs001-~ $ lsof -c java | head
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 17077 root cwd DIR 253,9 4096 369127 /software/jboss/jon-server- /jbossas/bin

To find all the open files in the current File System

COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
init 1 root cwd DIR 8,8 4096 2 /
init 1 root rtd DIR 8,8 4096 2 /
init 1 root txt REG 8,8 38652 11370583 /sbin/init
init 1 root mem REG 8,8 245376 918515 /lib/libsepol.so.1
migration 2 root cwd DIR 8,8 4096 2 /

List files opened by a specific user

Dev:vx1423:djbs002-~ $ lsof -u root | head
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
bash 12698 root cwd DIR 253,7 4096 229381 /logs/jboss/ews/1.0/domains/jas
bash 12698 root rtd DIR 253,0 4096 2 /
bash 12698 root txt REG 253,0 801528 131130 /bin/bash

You can use Negation too, if you want to see all files opened by user leaving root you can use

lsof -u ^root

List all open files by a specific processtop.sh 4226 root txt REG 8,8 735004 10780705 /bin/bash
top.sh 4226 root mem REG 8,8 129900 918498 /lib/ld-2.5.so
top.sh 4226 root cwd DIR 8,8 4096 6127709 /root/test
top.sh 4226 root rtd DIR 8,8 4096 2 /
top.sh 4226 root txt REG 8,8 735004 10780705 /bin/bash
top.sh 4226 root mem REG 8,8 129900 918498 /lib/ld-2.5.so
top.sh 4226 root mem REG 8,8 1693796 918499 /lib/libc-2.5.so
top.sh 4226 root mem REG 8,8 20668 918500 /lib/libdl-2.5.so
top.sh 4226 root mem REG 8,8 13276 918521 /lib/libtermcap.so.2.0.8
top.sh 4226 root mem REG 8,9 56479264 459245 /usr/lib/locale/locale-archive
top.sh 4226 root mem REG 8,9 25462 522496 /usr/lib/gconv/gconv-modules.cache
top.sh 4226 root 0u CHR 136,1 3 /dev/pts/1
top.sh 4226 root 1u CHR 136,1 3 /dev/pts/1
top.sh 4226 root 2u CHR 136,1 3 /dev/pts/1
top.sh 4226 root 255r REG 8,8 40 6128296 /root/test/top.sh


Kill all process that belongs to a particular user

We can use lsof to kill process that belong to a user much like,

kill -9 `lsof -t -u root`

list process id of a process which opened a specific file

[root@vx111a test]# lsof -t /var/log/messages
7390

Execute lsof in repeat mode

lsof also support Repeat mode. It will first list files based on the given parameters, and delay for specified seconds and again list files based on the given parameters. It can be interrupted by a signal.

Repeat mode can be enabled by using ‘-r’ or ‘+r’. If ‘+r’ is used then, the repeat mode will end when no open files are found. ‘-r’ will continue to list,delay,list until a interrupt is given irrespective of files are opened or not.

Each cycle output will be separated by using ‘=======’. You also also specify the time delay as ‘-r’ | ‘+r’.

lsof -u root -c java -a -r5

Finding Network Information

List all network connections

[root@vx111a test]# lsof -i (use ‘-i4′ or ‘-i6′ to list only ‘IPV4′ or ‘IPV6‘ )
rpc.statd 2382 root 3u IPv4 6100 UDP *:865
dhclient 2178 root 4u IPv4 5593 UDP *:bootpc
rpc.statd 2382 root 6u IPv4 6091 UDP *:862
rpc.statd 2382 root 7u IPv4 6110 TCP *:868 (LISTEN)
hpiod 2593 root 0u IPv4 7887 TCP localhost.localdomain:2208 (LISTEN)
-family: "Verdana","sans-serif"; font-size: 9.0pt; line-height: 115%; mso-bidi-font-size: 11.0pt;">rpc.statd 2382 root 6u IPv4 6091 UDP *:862
rpc.statd 2382 root 7u IPv4 6110 TCP *:868 (LISTEN)
hpiod 2593 root 0u IPv4 7887 TCP localhost.localdomain:2208 (LISTEN)
hpssd.py 2598 root 4u IPv4 7905 TCP localhost.localdomain:2207 (LISTEN)


List all network files in use by a specific process
localhost:root-~ $ lsof -i -a -p 17077 | head
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 17077 root 101u IPv4 728449 0t0 TCP *:9093 (LISTEN)
.
.

List processes which are listening on a particular port
[root@vx111a test]# lsof -nPi tcp:80


or

[root@vx111a test]# lsof -i :7080
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 17077 root 141u IPv4 728528 0t0 TCP *:7080 (LISTEN)

Some Examples ,


Determine if port is open or not
[root@vx111a test]#lsof -i :22


Kill a Process on the Port
[root@vx111a test]#kill -9 `lsof -t -i :port_number`

Show apps that use internet connection at the moment Or Lists all listening ports together with the PID of the associated process
[root@vx111a test]# lsof -P -i -n
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
dhclient 2178 root 4u IPv4 5593 UDP *:68
rpc.statd 2382 root 6u IPv4 630 UDP *:111
portmap 2347 rpc 4u IPv4 5931 TCP *:111 (LISTEN)
rpc.statd 2382 root 3u IPv4 6100 UDP *:865
rpc.statd 2382 root 6u IPv4 6091 UDP *:862


List all files opened by a particular command
lsof -c java

check open ports
lsof -Pni4 | grep LISTEN

Display who is accessing a device
lsof /dev/tty1

View details of network activity
lsof -i :7000-8000

List all the files that have been deleted while they were still open.
lsof | egrep "^COMMAND|deleted"
If you delete a file that is still in use by a process, that space does not get freed up (will not show up in df) until that process either closes the file on its own, or is killed.

show the working directories of running processes
lsof -bw -d cwd -a -c java

find the delete file ,which is in use
lsof -n |grep delete

Grep from Open Files
lsof | grep "stuff"

View Open File Descriptors for a Process
lsof -p | wc -l

Find The Command Line Of the Process Using Specific Port
cat /proc/$(lsof -ti:631)/cmdline

More To Come , happy learning :-)
Read More

Thursday, September 13, 2012

Resource Management : Fuser

Fuser is a utility available in Linux which shows what processes are using a file ,file system and socket. The output of "fuser" may be useful in diagnosing "resource busy" messages arising when attempting to unmount file systems.

Check Process That are currently using the Current Directory

[root@vx111a test]# fuser .
.: 3394c 3806c 3807c

[root@vx111a test]# ps ux | grep vi
root 3540 0.0 0.5 63080 17732 ? Sl 15:44 0:00 /usr/lib/nspluginwrapper/npviewer.bin --plugin /usr/lib/mozilla/plugins/libflashplayer.so --connection /org/wrapper/NSPlugins/libflashplayer.so/3468-1
root 3806 0.0 0.0 5032 1460 pts/1 S+ 15:57 0:00 vi test
root 3825 0.0 0.0 4016 684 pts/2 S+ 15:57 0:00 grep vi

It gives us all the process ID that are currently using the current directory. You can see the 'vi test' for the current directory is opened. Hence the Pid 3806.

But when we observe that every process given in the output contains c after them (3806c).These characters indicate the type of access. The type of access can be any one of the following:

* c current directory (Uses the file as the current directory)
* e executable being run (Uses the file as a program's executable object)

Detailed Report

[root@vx111a test]# fuser -v .

omhq196f:dwls977-~ $ /sbin/fuser -v .
USER PID ACCESS COMMAND
.: root001 6227 ..c.. bash
root001 9839 ..c.. syslog


Fuser On Executable

If we need to find details of who is using an executable, we can use

[root@vx111a test]# fuser -v top.sh

USER PID ACCESS COMMAND
top.sh: root 3942 f.... top.sh


The Access Says it is 'f' (open File) , if you are running a executable program you can see the access will change (Access to 'e').

Process Using TCP/IP sockets

One of the another advantage of using fuser is it can find which process are using Tcp/Ip scokets like ,

localhost:root-~ $ fuser -v -n tcp 7080

USER PID ACCESS COMMAND
7080/tcp: root 17077 F.... java

Check For Process Currently using the File System

[root@vx111a soa]# fuser -m /dev/sda7
/dev/sda7: 3807c 4060c 4061c

Find Owner of the Process

[root@vx111a test]# fuser -uv top.sh

USER PID ACCESS COMMAND
top.sh: root 4226 f.... (root)top.sh

Kill All process that are currently using a program

Fuser allows to kill all the process that are currently using a specific program. We can use

[root@vx111a test]# fuser top.sh
top.sh: 4158

[root@vx111a test]# ps ux | grep top
root 4158 0.0 0.0 4576 1000 pts/1 S+ 16:30 0:00 /bin/bash ./top.sh
root 4180 0.0 0.0 4016 688 pts/2 S+ 16:31 0:00 grep top

There is another top.sh process running

USER interactively kill the process. This can be done by using

fuser -v -k -i top.sh

This will show all the process that are currently using the top.sh and asks whether to kill that process or not.

fuser -v -k -i top.sh

This will show all the process that are currently using the top.sh and asks whether to kill that process or not.

The '-k' with fuser sends a SIGKILL signal to the processes using that particular file or executable. We can use the option -SIGNAL to send any other signal. The list of signals supported by fuser is given by:

$ fuser -l
HUP INT QUIT ILL TRAP ABRT IOT BUS FPE KILL USR1 SEGV USR2 PIPE ALRM TERM
To list the process numbers of local processes using the /etc/passwd file, enter:
fuser /etc/passwd

To list the process numbers and user login names of processes usdana","sans-serif"; font-size: 9.0pt; line-height: 115%; mso-bidi-font-size: 11.0pt;">$ fuser -v -k -STOP -i ./

Some More Examples

To list the process numbers of local processes using the /etc/passwd file, enter:
fuser /etc/passwd

To list the process numbers and user login names of processes using the /etc/filesystems file, enter:
fuser -u /etc/filesystems


To list all processes that are using a file which has been deleted from a given file system, enter:
fuser -d /usr
fuser -kxuc /home

Either command lists the process number and user name, and then terminates each process that is using the /dev/hd1 (/home) file system. Only the root user can terminate processes that belong to another user. You might want to use this command if you are trying to unmount the /dev/hd1 file system and a process that is accessing the /dev/hd1 file system prevents this.

To list all processes that are using a file which has been deleted from a given file system, enter:
fuser -d /usr

Display Information about multiple files
fuser -a top.sh sam

Show what PID is listening on the Specified Port
fuser -v 7080/tcp

kill a process when knowing only the port where the process is running
fuser -k

Display which user run process from given port name
localhost:root-~ $ /sbin/fuser -nu tcp 7080
7080/tcp: 13077(root)


Find out what is listening on a series of ports
localhost:root-~ $ /sbin/fuser -n tcp {7000..8000}
7080/tcp: 13077
7443/tcp: 13077
7444/tcp: 13077
7445/tcp: 13077

list and kill any processes currently using a File System
fuser -vmk /sam

determine if tcp port is open
fuser -n tcp -s 7080 && echo "open"


More To Come , Happy learning :-)
Read More