A pseudo filesystem that acts as an interface to the kernel. It gives us real-time access to stats as well as the abality to change some tuneables.
# watch stat /proc/cpuinfo
We all stand on the shoulders of giants.https://www.kernel.org/doc/Documentation/filesystems/proc.txt
Lets find out about it.
/proc/cmdline shows us arguments passed to the kernel at boot time.
/proc/cpuinfo can show you the cpu(s) on the system.
Useful When: You need to see the flags your CPU offers up i.e. Can we do virtualization?
For each process there is a directory under /proc that corresponds to the processes PID.
This file contains the command line for the process.
Useful When: A process looks suspicious in the output of common tools.
This file contains the processes environment variables.
Useful When: You think environment variables might not be passed or available.
This directory contains symbolic links to open files.
Useful When: You need to see if a file is being used or need to attempt to recover a file.
These files report on a processes memory usage.
Both stat and status give the status of the process with status being a bit more human readable.
These files determine how likely it is a process will be killed off by OOM-Killer (Out-of-Memory Killer)
oom_adj is one of the files we can adjust per-process from the range of -1000 to 1000 with the lower numbers being the lest likely to be killed off.
# pgrep -uroot httpd
# pidof httpd
# cat /proc/self/cmdline
# cat /proc/$$/cmdline
Files under /proc/sys are unique because they expose the kernel variables which are tunable
# sysctl -a kernel.sched_child_runs_first = 0 kernel.sched_min_granularity_ns = 1000000 kernel.sched_latency_ns = 5000000 kernel.sched_wakeup_granularity_ns = 1000000 kernel.sched_tunable_scaling = 1 kernel.sched_features = 3183 kernel.sched_migration_cost = 500000 kernel.sched_nr_migrate = 32 kernel.sched_time_avg = 1000 kernel.sched_shares_window = 10000000 kernel.timer_migration = 1 kernel.sched_rt_period_us = 1000000 kernel.sched_rt_runtime_us = 950000 kernel.sched_compat_yield = 0 kernel.sched_rr_timeslice_ms = 100 kernel.sched_autogroup_enabled = 0 kernel.sched_cfs_bandwidth_slice_us = 5000 kernel.panic = 0 ...
A kernel tunable
net.ipv4.icmp_echo_ignore_all = 1
A kernel tunable
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
sysctl -a | grep icmp_echo_ignore_all >> /etc/sysctl.conf
You are working away on a configuration and accidently delete a number of open log files currently in use.
Idea: Use strace to deconstruct common programs reading from /proc. Use the information to re-build common tools.
Alex Juarez is a Principal Engineer at Rackspace, touting 8 years with the company. Alex enjoys all things Linux, especially training and mentoring others, and is incredibly qualified to do so as an RHCA/RHCI. When Alex isn't helping others he's crafting killer cocktails and finding the best spots to grub in San Antonio.Thanks @jilljubs