A process is a running instance of a program. Each has its own virtual address space, set of file descriptors, working directory, environment variables, and other execution context. Processes are isolated from each other by the kernel: one process cannot read another's memory or files without explicit permission. They communicate through files, pipes, sockets, signals, and shared memory.
Every process has a numeric PID (process identifier), a PPID (parent PID), real and effective UIDs and GIDs, and a state (running, sleeping, stopped, zombie). The init process (PID 1) is the ancestor of all others; any process whose parent dies is reparented to init (or a subreaper).
ps aux # all processes
ps -ef # alternative format
pstree # tree view
top # live view
htop # friendlier live view
pgrep nginx # find by name
kill $(pgrep nginx) # signal them
Processes are created by fork (which duplicates the current process) and exec (which replaces the current program with a new one); daemons typically fork and then exec a new program. This two-step design is peculiarly Unix and gives the shell its flexibility: it can manipulate file descriptors between fork and exec to set up pipelines and redirections.
Discussed in:
- Chapter 10: Processes and Job Control — What a Process Is
Also defined in: Textbook of Linux