Finding running processes - use the right tool for the job!

Wednesday, September 23 2009 @ 05:50 PM BST

Contributed by: robin

So, you want a list of sshd processes you have running? Chances are, most people would do this:

# ps -ef | grep sshd
root      3223     1  0 Sep18 ?        00:00:00 /usr/sbin/sshd
root      9771  3223  0 17:27 ?        00:00:00 sshd: root@pts/2 
root      9837  9773  0 17:28 pts/2    00:00:00 grep sshd

You might even be clever enough to lose the grep process by doing something like:

# ps -ef | grep '[s]shd'
root      3223     1  0 Sep18 ?        00:00:00 /usr/sbin/sshd
root      9771  3223  0 17:27 ?        00:00:00 sshd: root@pts/2

Suppose you're only interested in child processes, ie. you want to ignore the /usr/bin/sshd process spawned by init. Hmmm, gets a bit tricky... Something like this should do it:

# ps -ef | grep '[s]shd' | grep @pts
root      9771  3223  0 17:27 ?        00:00:00 sshd: root@pts/2

Now, let's reduce that to a list of process Ids so we can send a signal to them:

# ps -ef | grep '[s]shd' | grep @pts | awk '{print $2}'
9771

But, this is all getting a bit long-winded. You're using the wrong tool for the job. Enter: pgrep

# pgrep -f sshd:
9771

What if you want a full process listing? Simple: pass the list of process Ids from pgrep to ps:

ps -fp $(pgrep -d, -f sshd:)
UID        PID  PPID  C STIME TTY          TIME CMD
root      9771  3223  0 17:27 ?        00:00:00 sshd: root@pts/2

For the full process listing it's arguable which is the best approach, but that's sort of the point I'm making. You can use either approach depending on the job in hand.

Comments (0)


robinbowes.com
http://robinbowes.com/article.php/20090923175056633