linux id命令
linux下用id命令显示为 uid=1001(user) gid=100(users) groups=100(users),16(dialout),33(video)
id命令显示的是当前用户的uid、gid等的相关信息。uid是Linux中对用户的唯一标识,这条命中的
uid=1001(user)标识你当前登陆的用户是user1,它的uid是1001; gid=100(users)表示它的首要组是users组,这个组的gid是100;groups=100(users),16(dialout),33(video) 表示它的附属组是dialout,video。
Linux 的帐号与群组--使用者识别: UID 与 GID
Linux 的帐号与群组
管理员的工作中,相当重要的一环就是‘管理帐号’啦!因为整个系统都是你在 管理的,并且所有的一般用户的申请,都必须要透过你的协助才行!所以你就必须要瞭解一下如何管理好一个网站的帐号管理啦! 在管理 Linux 主机的帐号时,我们必须先来瞭解一下 Linux 到底是如何辨别每一个使用者的!
使用者识别: UID 与 GID
虽然我们登入 Linux 主机的时候,输入的是我们的帐号,但是,其实 Linux 主机并不会直接认识你的‘帐号名称’的,他仅认识 ID 啊~ID 就是一组号码啦~ 主机对于数字比较有概念的,帐号只是为了让人们容易记忆而已。 而您的 ID 与帐号的对应就在 /etc/passwd 当中哩。
Tips:
如果你曾经以 tarball 安装过软体的话,那么应该不难发现,在解压缩之后的档案, 档案拥有者竟然是‘不明的数字’?奇怪吧?这没什么好奇怪的,因为 Linux 说实在话,他真的只认识代表你身份的号码而已!
那么到底有几种 ID 呢?还记得我们在‘档案属性与目录配置’ 那一篇文章的时候有提到每一个档案都具有‘拥有人与拥有群组’的属性吗?没错啦~每个登入的使用者至少都会取得两个 ID ,一个是使用者 ID (User ID ,简称 UID)、 一个是群组 ID (Group ID ,简称 GID)。
那么档案如何判别他的拥有者与群组呢?其实就是利用 UID 与 GID 啦! 每一个档案都会有所谓的拥有者 ID 与拥有群组 ID ,亦即是 UID 与 GID , 然后系统会依据 /etc/passwd 的内容,去将该档案的拥有者与群组名称,使用帐号的形式来秀出来!我们可以作个小实验,你可以以 root 的身份 vi /etc/passwd ,然后将你的一般身份的使用者的 ID 随便改一个号码, 然后再到你的一般身份的目录下看看原先该帐号拥有的档案,你会发现该档案的拥有人变成了 ‘数字了’呵呵!这样可以理解了吗?
[root@linux ~]# vi /etc/passwd
.....(前面省略).....
dmtsai:x:501:501::/home/dmtsai:/bin/bash <==将原本的 501:501 改成 3000:501
[root@linux ~]# ls -ld /home/
drwxr-xr-x 3 501 dmtsai 4096 Aug 30 10:37 dmtsai
# 瞧!这里就能够知道,其实档案记录的是 UID 啦~
你一定要瞭解的是,上面的例子仅是在说明 UID 与帐号的对应性, 在一部正常运作的 Linux 主机环境下,上面的动作不可随便进行,这是因为系统上已经有很多的资料在运行了,随意修改系统上某些帐号的 UID 很可能会导致某些程序无法进行,这将导致系统无法顺利运作的结果。因为权限的问题啊!所以,瞭解了之后,请赶快回到 /etc/passwd 里面,将数字改回来喔!
# 如何登入 Linux 取得 UID/GID
好了,那么我们再来谈一谈,到底我们是怎样登入 Linux 主机的呢?其实也不难啦!当我们在主机前面或者是以 telnet 或者 ssh 登入主机时,系统会出现一个 login 的画面让你输入帐号,这个时候当你输入帐号与密码之后, Linux 会:
1. 先找寻 /etc/passwd 里面是否有这个帐号?如果没有则跳出,如果有的话则将该帐号对应的 UID ( User ID )与 GID ( Group ID )读出来,另外,该帐号的家目录与 shell 设定也一并读出;
2. 再来则是核对密码表啦!这时 Linux 会进入 /etc/shadow 里面找出对应的帐号与 UID,然后核对一下你刚刚输入的密码与里头的密码是否相符?
3. 如果一切都 OK 的话,就进入 Shell 控管的阶段啰!
大致上的情况就像这样,所以呢,当你要登入你的 Linux 主机的时候,那个 /etc/passwd 与 /etc/shadow 就必须要让系统读取啦,(这也是很多攻击者会将特殊帐号写到 /etc/passwd 里头去的缘故!)所以呢,如果你要备份 Linux 的系统的帐号的话, 那么这两个档案就一定需要备份才行呦!
详细介绍Linux /etc/group文件
Linux /etc/group文件是有关用户组管理的一个文件,系统管理员对用户组进行管理时所有的修改都会涉及到这个文件。
AD:
Linux /etc/group文件与/etc/passwd和/etc/shadow文件都是有关于系统管理员对用户和用户组管理时相关的文件,Linux /etc/group文件相对另外两个文件内容相对较少,这里对这一文件进行以下分析。
用户组的所有信息都存放在/etc/group文件中
将用户分组是Linux系统中对用户进行管理及控制访问权限的一种手段。每个用户都属于某个用户组;一个组中可以有多个用户,一个用户也可以属于不 同的组。当一个用户同时是多个组中的成员时,在/etc/passwd文件中记录的是用户所属的主组,也就是登录时所属的默认组,而其他组称为附加组。
用户要访问属于附加组的文件时,必须首先使用newgrp命令使自己成为所要访问的组中的成员。用户组的所有信息都存放在/etc/group文件中。此文件的格式也类似于/etc/passwd文件,由冒号(:)隔开若干个字段,这些字段有:
组名:口令:组标识号:组内用户列表
1)“组名”是用户组的名称,由字母或数字构成。与/etc/passwd中的登录名一样,组名不应重复。
2)“口令”字段存放的是用户组加密后的口令字。一般Linux系统的用户组都没有口令,即这个字段一般为空,或者是*。
3)“组标识号”与用户标识号类似,也是一个整数,被系统内部用来标识组。
4)“组内用户列表”是属于这个组的所有用户的列表/b],不同用户之间用逗号(,)分隔。这个用户组可能是用户的主组,也可能是附加组。
/etc/group文件的一个例子如下:
- #cat/etc/group
- root::0:root
- bin::2:root,bin
- sys::3:root,uucp
- adm::4:root,adm
- daemon::5:root,daemon
- lp::7:root,lp
- users::20:root,sam[/code:1:aca506e246]
【编辑推荐】
详细解析Linux /etc/passwd文件
Linux系统管理员对用户管理可能会涉及到一些文件其中Linux /etc/passwd文件就是经常会接触到的文件,管理员应该弄清楚这个文件。
AD:
在Linux /etc/passwd文件中每个用户都有一个对应的记录行,它记录了这个用户的一些基本属性。系统管理员经常会接触到这个文件的修改以完成对用户的管理工作。这个文件对所有用户都是可读的。但是Linux /etc/passwd文件中都有些什么内容呢?
它的内容类似下面的例子:
#cat/etc/passwd
root:x:0:0:Superuser:/:
daemon:x:1:1:Systemdaemons:/etc:
bin:x:2:2:Ownerofsystemcommands:/bin:
sys:x:3:3:Ownerofsystemfiles:/usr/sys:
adm:x:4:4:Systemaccounting:/usr/adm:
uucp:x:5:5:UUCPadministrator:/usr/lib/uucp:
auth:x:7:21:Authenticationadministrator:/tcb/files/auth:
cron:x:9:16:Crondaemon:/usr/spool/cron:
listen:x:37:4:Networkdaemon:/usr/net/nls:
lp:x:71:18:Printeradministrator:/usr/spool/lp:
sam:x:200:50:Samsan:/usr/sam:/bin/sh
从上面的例子我们可以看到,/etc/passwd中一行记录对应着一个用户,每行记录又被冒号(:)分隔为7个字段,其格式和具体含义如下:
用户名:口令:用户标识号:组标识号:注释性描述:主目录:登录Shell
“用户名”是代表用户账号的字符串。通常长度不超过8个字符,并且由大小写字母和/或数字组成。登录名中不能有冒号(:),因为冒号在这里是分隔符。为了兼容起见,登录名中最好不要包含点字符(.),并且不使用连字符(-)和加号(+)打头。
“口
令”一些系统中,存放着加密后的用户口令字。虽然这个字段存放的只是用户口令的加密串,不是明文,但是由于/etc/passwd文件对所有用户都可读,
所以这仍是一个安全隐患。因此,现在许多Linux系统(如SVR4)都使用了shadow技术,把真正的加密后的用户口令字存放到/etc
/shadow文件中,而在/etc/passwd文件的口令字段中只存放一个特殊的字符,例如“x”或者“*”。
“用户标识号”是一个整数,系统内部用它来标识用户。一般情况下它与用户名是一一对应的。如果几个用户名对应的用户标识号是一样的,系统内部将把它们视为同一个用户,但是它们可以有不同的口令、不同的主目录以及不同的登录Shell等。
通常用户标识号的取值范围是0~65535。0是超级用户root的标识号,1~99由系统保留,作为管理账号,普通用户的标识号从100开始。在Linux系统中,这个界限是500。
“组标识号”字段记录的是用户所属的用户组。它对应着/etc/group文件中的一条记录。
“注释性描述”字段记录着用户的一些个人情况,例如用户的真实姓名、电话、地址等,这个字段并没有什么实际的用途。在不同的Linux系统中,这个字段的格式并没有统一。在许多Linux系统中,这个字段存放的是一段任意的注释性描述文字,用做finger命令的输出。
“主
目录”,也就是用户的起始工作目录,它是用户在登录到系统之后所处的目录。在大多数系统中,各用户的主目录都被组织在同一个特定的目录下,而用户主目录的
名称就是该用户的登录名。各用户对自己的主目录有读、写、执行(搜索)权限,其他用户对此目录的访问权限则根据具体情况设置。
用户登录后,要启动
一个进程,负责将用户的操作传给内核,这个进程是用户登录到系统后运行的命令解释器或某个特定的程序,即Shell。Shell是用户与Linux系统之
间的接口。Linux的Shell有许多种,每种都有不同的特点。常用的有
sh(BourneShell),csh(CShell),ksh(KornShell),tcsh(TENEX/TOPS-
20typeCShell),bash(BourneAgainShell)等。系统管理员可以根据系统情况和用户习惯为用户指定某个Shell。如果不
指定Shell,那么系统使用sh为默认的登录Shell,即这个字段的值为/bin/sh。
用户的登录Shell也可以指定为某个特定的程序(此程序不是一个命令解释器)。利用这一特点,我们可以限制用户只能运行指定的应用程序,在该应用程序运行结束后,用户就自动退出了系统。有些Linux系统要求只有那些在系统中登记了的程序才能出现在这个字段中。
系统中有一类用户称为伪用户(psuedousers),这些用户在Linux /etc/passwd文件中也占有一条记录,但是不能登录,因为它们的登录Shell为空。它们的存在主要是方便系统管理,满足相应的系统进程对文件属主的要求。常见的伪用户如下所示。
伪用户含义
bin拥有可执行的用户命令文件
sys拥有系统文件
adm拥有帐户文件
uucpUUCP使用
lplp或lpd子系统使用
nobodyNFS使用
拥有帐户文件
除了上面列出的伪用户外,还有许多标准的伪用户,例如:audit,cron,mail,usenet等,它们也都各自为相关的进程和文件所需要。
由
于Linux
/etc/passwd文件是所有用户都可读的,如果用户的密码太简单或规律比较明显的话,一台普通的计算机就能够很容易地将它破解,因此对安全性要求较
高的Linux系统都把加密后的口令字分离出来,单独存放在一个文件中,这个文件是/etc/shadow文件。只有超级用户才拥有该文件读权限,这就保
证了用户密码的安全性。
【编辑推荐】
cat /proc/524/status
/proc/pid/status解释
分类: LINUX
State: S (sleeping) /*进程的状态信息,具体参见http://blog.chinaunix.net/u2/73528/showart_1106510.html*/
Tgid: 9744 /*线程组号*/
Pid: 9744 /*进程pid*/
PPid: 7672 /*父进程的pid*/
TracerPid: 0 /*跟踪进程的pid*/
Uid: 1000 1000 1000 1000 /*uid euid suid fsuid*/
Gid: 1000 1000 1000 1000 /*gid egid sgid fsgid*/
FDSize: 256 /*文件描述符的最大个数,file->fds*/
Groups: 0 4 20 24 25 29 30 44 46 107 109 115 124 1000 /*启动该进程的用户所属的组的id*/
VmPeak: 60184 kB /*进程地址空间的大小*/
VmSize: 60180 kB /*进程虚拟地址空间的大小reserved_vm:进程在预留或特殊的内存间的物理页*/
VmLck: 0 kB /*进程已经锁住的物理内存的大小.锁住的物理内存不能交换到硬盘*/
VmHWM: 18020 kB /*文件内存映射和匿名内存映射的大小*/
VmRSS: 18020 kB /*应用程序正在使用的物理内存的大小,就是用ps命令的参数rss的值 (rss)*/
VmData: 12240 kB /*程序数据段的大小(所占虚拟内存的大小),存放初始化了的数据*/
VmStk: 84 kB /*进程在用户态的栈的大小*/
VmExe: 576 kB /*程序所拥有的可执行虚拟内存的大小,代码段,不包括任务使用的库 */
VmLib: 21072 kB /*被映像到任务的虚拟内存空间的库的大小*/
VmPTE: 56 kB /*该进程的所有页表的大小*/
Threads: 1 /*共享使用该信号描述符的任务的个数*/
SigQ: 0/8183 /*待处理信号的个数/目前最大可以处理的信号的个数*/
SigPnd: 0000000000000000 /*屏蔽位,存储了该线程的待处理信号*/
ShdPnd: 0000000000000000 /*屏蔽位,存储了该线程组的待处理信号*/
SigBlk: 0000000000000000 /*存放被阻塞的信号*/
SigIgn: 0000000000001000 /*存放被忽略的信号*/
SigCgt: 0000000180000000 /*存放被俘获到的信号*/
CapInh: 0000000000000000 /*能被当前进程执行的程序的继承的能力*/
CapPrm: 0000000000000000 /*进程能够使用的能力,可以包含CapEff中没有的能力,这些能力是被进程自己临时放弃的*/
CapEff: 0000000000000000 /*是CapPrm的一个子集,进程放弃没有必要的能力有利于提高安全性*/
Cpus_allowed: 01 /*可以执行该进程的CPU掩码集*/
Mems_allowed: 1 /**/
voluntary_ctxt_switches: 1241 /*进程主动切换的次数*/
nonvoluntary_ctxt_switches: 717 /*进程被动切换的次数*/
Name: cat
State: R (running)
SleepAVG: 88%
Tgid: 5783
Pid: 5783
PPid: 5742
TracerPid: 0
Uid: 0 0 0 0
Gid: 0 0 0 0
FDSize: 256
Groups: 0 1 2 3 4 6 10
VmSize: 6588 kB
VmLck: 0 kB
VmRSS: 400 kB
VmData: 144 kB
VmStk: 2040 kB
VmExe: 14 kB
VmLib: 1250 kB
StaBrk: 0804e000 kB
Brk: 088df000 kB
StaStk: bfe03270 kB
ExecLim: 0804c000
Threads: 1
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000000000
SigCgt: 0000000000000000
CapInh: 0000000000000000
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
输出解释
参数 解释
Name 应用程序或命令的名字
State 任务的状态,运行/睡眠/僵死/
SleepAVG 任务的平均等待时间(以nanosecond为单位),交互式任务因为休眠次数多、时间长,它们的 sleep_avg 也会相应地更大一些,所以计算出来的优先级也会相应高一些。
Tgid 线程组号
Pid 任务ID
Ppid 父进程ID
TracerPid 接收跟踪该进程信息的进程的ID号
Uid Uid euid suid fsuid
Gid Gid egid sgid fsgid
FDSize 文件描述符的最大个数,file->fds
Groups
VmSize(KB) 任务虚拟地址空间的大小 (total_vm-reserved_vm),其中total_vm为进程的地址空间的大小,reserved_vm:进程在预留或特殊的内存间的物理页
VmLck(KB) 任务已经锁住的物理内存的大小。锁住的物理内存不能交换到硬盘 (locked_vm)
VmRSS(KB) 应用程序正在使用的物理内存的大小,就是用ps命令的参数rss的值 (rss)
VmData(KB) 程序数据段的大小(所占虚拟内存的大小),存放初始化了的数据; (total_vm-shared_vm-stack_vm)
VmStk(KB) 任务在用户态的栈的大小 (stack_vm)
VmExe(KB) 程序所拥有的可执行虚拟内存的大小,代码段,不包括任务使用的库 (end_code-start_code)
VmLib(KB) 被映像到任务的虚拟内存空间的库的大小 (exec_lib)
VmPTE 该进程的所有页表的大小,单位:kb
Threads 共享使用该信号描述符的任务的个数,在POSIX多线程序应用程序中,线程组中的所有线程使用同一个信号描述符。
SigQ 待处理信号的个数
SigPnd 屏蔽位,存储了该线程的待处理信号
ShdPnd 屏蔽位,存储了该线程组的待处理信号
SigBlk 存放被阻塞的信号
SigIgn 存放被忽略的信号
SigCgt 存放被俘获到的信号
CapInh Inheritable,能被当前进程执行的程序的继承的能力
CapPrm Permitted,进程能够使用的能力,可以包含CapEff中没有的能力,这些能力是被进程自己临时放弃的,CapEff是CapPrm的一个子集,进程放弃没有必要的能力有利于提高安全性
CapEff Effective,进程的有效能力
# cat /proc/520/status
Name: otvwebkit
State: S (sleeping)
Tgid: 520
Pid: 520
PPid: 517
TracerPid: 0
Uid: 6707 6707 6707 6707
Gid: 6001 6001 6001 6001
FDSize: 256
Groups: 0 5000 5001 5002 5004 5006 5009 5010 5018 5025 5032 5032 5202 5502 5504
VmPeak: 348064 kB
VmSize: 173748 kB
VmLck: 0 kB
VmPin: 0 kB
VmHWM: 36072 kB
VmRSS: 28364 kB
VmData: 63536 kB
VmStk: 168 kB
VmExe: 60 kB
VmLib: 69464 kB
VmPTE: 312 kB
VmSwap: 0 kB
Threads: 15
SigQ: 0/4732
SigPnd: 00000000000000000000000000000000
ShdPnd: 00000000000000000000000000000000
SigBlk: 040000000000000000000000600046bf
SigIgn: 00000000000000000000000000001000
SigCgt: 00000000000000000000000180004000
CapInh: 00000000012431ea
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: ffffffffff9fcff5
Cpus_allowed: 3
Cpus_allowed_list: 0-1
Mems_allowed: 1
Mems_allowed_list: 0
voluntary_ctxt_switches: 1062
nonvoluntary_ctxt_switches: 8138
Linux下/proc目录简介
1. /proc目录
Linux 内核提供了一种通过 /proc 文件系统,在运行时访问内核内部数据结构、改变内核设置的机制。proc文件系统是一个伪文件系统,它只存在内存当中,而不占用外存空间。它以文件系统的方式为访问系统内核数据的操作提供接口。
用户和应用程序可以通过 proc得到系统的信息,并可以改变内核的某些参数。由于系统的信息,如进程,是动态改变的,所以用户或应用程序读取proc文件时,proc文件系统是 动态从系统内核读出所需信息并提交的。下面列出的这些文件或子文件夹,并不是都是在你的系统中存在,这取决于你的内核配置和装载的模块。另外,在 /proc下还有三个很重要的目录:net,scsi和sys。 Sys目录是可写的,可以通过它来访问或修改内核的参数,而net和scsi则依赖于内核配置。例如,如果系统不支持scsi,则scsi 目录不存在。
除了以上介绍的这些,还有的是一些以数字命名的目录,它们是进程目录。系统中当前运行的每一个进程都有对应的一个目录在/proc下,以进程的 PID号为目录名,它们是读取进程信息的接口。而self目录则是读取进程本身的信息接口,是一个link。
2. 子文件或子文件夹
/proc/buddyinfo 每个内存区中的每个order有多少块可用,和内存碎片问题有关
/proc/cmdline 启动时传递给kernel的参数信息
/proc/cpuinfo cpu的信息
/proc/crypto 内核使用的所有已安装的加密密码及细节
/proc/devices 已经加载的设备并分类
/proc/dma 已注册使用的ISA DMA频道列表
/proc/execdomains Linux内核当前支持的execution domains
/proc/fb 帧缓冲设备列表,包括数量和控制它的驱动
/proc/filesystems 内核当前支持的文件系统类型
/proc/interrupts x86架构中的每个IRQ中断数
/proc/iomem 每个物理设备当前在系统内存中的映射
/proc/ioports 一个设备的输入输出所使用的注册端口范围
/proc/kcore 代表系统的物理内存,存储为核心文件格式,里边显示的是字节数,等于RAM大小加上4kb
/proc/kmsg 记录内核生成的信息,可以通过/sbin/klogd或/bin/dmesg来处理
/proc/loadavg 根据过去一段时间内CPU和IO的状态得出的负载状态,与uptime命令有关
/proc/locks 内核锁住的文件列表
/proc/mdstat 多硬盘,RAID配置信息(md=multiple disks)
/proc/meminfo RAM使用的相关信息
/proc/misc 其他的主要设备(设备号为10)上注册的驱动
/proc/modules 所有加载到内核的模块列表
/proc/mounts 系统中使用的所有挂载
/proc/mtrr 系统使用的Memory Type Range Registers (MTRRs)
/proc/partitions 分区中的块分配信息
/proc/pci 系统中的PCI设备列表
/proc/slabinfo 系统中所有活动的 slab 缓存信息
/proc/stat 所有的CPU活动信息
/proc/sysrq-trigger 使用echo命令来写这个文件的时候,远程root用户可以执行大多数的系统请求关键命令,就好像在本地终端执行一样。要写入这个文件,需要把/proc /sys/kernel/sysrq不能设置为0。这个文件对root也是不可读的
/proc/uptime 系统已经运行了多久
/proc/swaps 交换空间的使用情况
/proc/version Linux内核版本和gcc版本
/proc/bus 系统总线(Bus)信息,例如pci/usb等
/proc/driver 驱动信息
/proc/fs 文件系统信息
/proc/ide ide设备信息
/proc/irq 中断请求设备信息
/proc/net 网卡设备信息
/proc/scsi scsi设备信息
/proc/tty tty设备信息
/proc/net/dev 显示网络适配器及统计信息
/proc/vmstat 虚拟内存统计信息
/proc/vmcore 内核panic时的内存映像
/proc/diskstats 取得磁盘信息
/proc/schedstat kernel调度器的统计信息
/proc/zoneinfo 显示内存空间的统计信息,对分析虚拟内存行为很有用
以下是/proc目录中进程N的信息
/proc/N pid为N的进程信息
/proc/N/cmdline 进程启动命令
/proc/N/cwd 链接到进程当前工作目录
/proc/N/environ 进程环境变量列表
/proc/N/exe 链接到进程的执行命令文件
/proc/N/fd 包含进程相关的所有的文件描述符
/proc/N/maps 与进程相关的内存映射信息
/proc/N/mem 指代进程持有的内存,不可读
/proc/N/root 链接到进程的根目录
/proc/N/stat 进程的状态
/proc/N/statm 进程使用的内存的状态
/proc/N/status 进程状态信息,比stat/statm更具可读性
/proc/self 链接到当前正在运行的进程
3. 例子
3.1 /proc/
yafang@QA:~$ ls /proc/
1 16819 21242 2180 2494 8768 interrupts partitions
116 16820 21244 2181 2524 885 iomem sched_debug
11740 17901 21245 21810 2525 acpi ioports scsi
11742 17903 21247 21812 3 asound irq self
11743 17904 2131 21813 39 buddyinfo kallsyms slabinfo
13452 18362 21319 21923 4 bus kcore stat
13454 18364 2132 2193 41 cgroups key-users swaps
13455 18365 2139 21933 42 cmdline kmsg sys
149 19451 2142 2209 5 cpuinfo kpagecount sysrq-trigger
150 19453 21572 2212 5330 crypto kpageflags sysvipc
151 19454 21574 2219 596 devices loadavg timer_list
152 2 21575 2243 597 diskstats locks timer_stats
15771 2083 2158 2260 6 dma meminfo tty
15773 2092 21625 2261 617 driver misc uptime
15774 2101 21627 2262 619 execdomains modules version
16232 21112 21628 2263 7 fb mounts vmallocinfo
16234 21115 2165 2264 804 filesystems mtrr vmstat
16235 21116 2167 2265 8765 fs net zoneinfo
16811 2112 2177 2338 8767 ide pagetypeinfo
3.2 /proc/sys
系统信息和内核参数
yafang@QA:~$ ls /proc/sys
debug dev fs kernel net vm
3.3 /proc/net
网卡设备信息
yafang@QA:~$ ls /proc/net
anycast6 ip6_flowlabel netfilter raw6 sockstat6 udplite
arp ip6_mr_cache netlink route softnet_stat udplite6
dev ip6_mr_vif netstat rt6_stats stat unix
dev_mcast ip_mr_cache packet rt_acct tcp vlan
dev_snmp6 ip_mr_vif protocols rt_cache tcp6 wireless
if_inet6 ipv6_route psched snmp tr_rif
igmp mcfilter ptype snmp6 udp
igmp6 mcfilter6 raw sockstat udp6
3.4 /proc/scsi
SCSI设备信息
yafang@QA:~$ ls /proc/scsi
device_info scsi
3.5 /proc/modules
所有加载到内核的模块列表
root@BDSP-A-2-1-2:~# cat /proc/modules
bdspboard 8486 2 dspcontrol, Live 0xe134c000
dspcontrol 9575 1 clkmon, Live 0xe135b000
clkmon 6765 1 - Live 0xe136c000
diagint 6635 1 - Live 0xe1379000
bdsprio 10775 2 srioif,tsi577, Live 0xe9389000
tsi577 17998 1 srioif, Live 0xe939e000
srioif 7329 0 - Live 0xe93b2000
linux_kernel_bde 54666 1 linux_user_bde, Live 0xf1417000 (P)
linux_user_bde 17849 0 - Live 0xf1427000 (P)
3.6 /proc/devices
已经加载的设备并分类
root@BCNMB-A:~# cat /proc/devices
Character devices:
1 mem
2 pty
3 ttyp
4 /dev/vc/0
4 tty
4 ttyS
5 /dev/tty
5 /dev/console
5 /dev/ptmx
7 vcs
10 misc
13 input
89 i2c
90 mtd
116 linux-user-bde2
117 linux-kernel-bde2
126 linux-user-bde
127 linux-kernel-bde
128 ptm
136 pts
180 usb
189 usb_device
245 ext_alarm
251 ipmidev
252 usb_endpoint
253 usbmon
254 rtc
Block devices:
1 ramdisk
8 sd
31 mtdblock
65 sd
66 sd
67 sd
68 sd
69 sd
70 sd
71 sd
128 sd
129 sd
130 sd
131 sd
132 sd
133 sd
134 sd
135 sd
root@BCNMB-A:~#
3.7 /proc/partitions
分区中的块分配信息
root@BDSP-A-2-1-2:~# cat /proc/partitions
major minor #blocks name
31 0 512 mtdblock0
31 1 512 mtdblock1
31 2 123904 mtdblock2
31 3 4096 mtdblock3
31 4 1024 mtdblock4
31 5 1024 mtdblock5
31 6 512 mtdblock6
31 7 512 mtdblock7
31 8 123904 mtdblock8
31 9 4096 mtdblock9
31 10 1024 mtdblock10
31 11 1024 mtdblock11
31 12 1048576 mtdblock12
3.8 /proc/version
Linux内核版本和gcc版本
root@BDSP-A-2-1-2:~# cat /proc/version
Linux version 2.6.34.6-WR4.0.0.0_standard (satomi@CharlieBrown) (gcc version 4.4.1 (Wind River Linux Sourcery G++ 4.4-291) ) #1 SMP PREEMPT Fri Nov 26 16:07:47 CST 2010
3.9 /proc/sys/fs/file-max
该文件指定了可以分配的文件句柄的最大数目。如果用户得到的错误消息声明由于打开文件数已经达到了最大值,从而他们不能打开更多文件,则可能需要增加该值。可将这个值设置成有任意多个文件,并且能通过将一个新数字值写入该文件来更改该值。默认设置时4096。
改变内核的参数,用vi编辑或echo参数重定向到文件中。
# cat /proc/sys/fs/file-max
4096
# echo 8192 > /proc/sys/fs/file-max
# cat /proc/sys/fs/file-max
8192
如果优化了参数,则可以把它们写成添加到文件rc.local中,使它在系统启动时自动完成修改。
proc(5) - Linux man page
Name
proc - process information pseudo-file system
Description
The proc file system is a pseudo-file system which is used as an interface to kernel data structures. It is commonly mounted at /proc. Most of it is read-only, but some files allow kernel variables to be changed.
The following outline gives a quick tour through the /proc hierarchy.
- /proc/[pid]
- There is a numerical subdirectory for each running process; the subdirectory is named by the process ID. Each such subdirectory contains the following pseudo-files and directories.
- /proc/[pid]/auxv (since 2.6.0-test7)
- This contains the contents of the ELF interpreter information passed to the process at exec time. The format is one unsigned long ID plus one unsigned long value for each entry. The last entry contains two zeros.
- /proc/[pid]/cgroup (since Linux 2.6.24)
- This file describes control groups to which the process/task belongs. For each cgroup hierarchy there is one entry containing colon-separated fields of the form:
5:cpuacct,cpu,cpuset:/daemons
- The colon-separated fields are, from left to right:
- 1.
hierarchy ID number
2.
set of subsystems bound to the hierarchy
3.
control group in the hierarchy to which the process belongs
- This file is only present if the CONFIG_CGROUPS kernel configuration option is enabled.
- /proc/[pid]/cmdline
- This holds the complete command line for the process, unless the process is a zombie. In the latter case, there is nothing in this file: that is, a read on this file will return 0 characters. The command-line arguments appear in this file as a set of strings separated by null bytes ('\0'), with a further null byte after the last string.
- /proc/[pid]/coredump_filter (since kernel 2.6.23)
- See core(5).
- /proc/[pid]/cpuset (since kernel 2.6.12)
- See cpuset(7).
- /proc/[pid]/cwd
- This is a symbolic link to the current working directory of the process. To find out the current working directory of process 20, for instance, you can do this:
-
$ cd /proc/20/cwd; /bin/pwd
- Note that the pwd command is often a shell built-in, and might not work properly. In bash(1), you may use pwd -P.
In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)).
- /proc/[pid]/environ
- This file contains the environment for the process. The entries are separated by null bytes ('\0'), and there may be a null byte at the end. Thus, to print out the environment of process 1, you would do:
-
$ (cat /proc/1/environ; echo) | tr '\000' '\n'
- /proc/[pid]/exe
- Under Linux 2.2 and later, this file is a symbolic link containing the actual pathname of the executed command. This symbolic link can be dereferenced normally; attempting to open it will open the executable. You can even type /proc/[pid]/exe to run another copy of the same executable as is being run by process [pid]. In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)).
Under Linux 2.0 and earlier /proc/[pid]/exe is a pointer to the binary which was executed, and appears as a symbolic link. A readlink(2) call on this file under Linux 2.0 returns a string in the format:
[device]:inode
For example, [0301]:1502 would be inode 1502 on device major 03 (IDE, MFM, etc. drives) minor 01 (first partition on the first drive).
find(1) with the -inum option can be used to locate the file.
- /proc/[pid]/fd
- This is a subdirectory containing one entry for each file which the process has open, named by its file descriptor, and which is a symbolic link to the actual file. Thus, 0 is standard input, 1 standard output, 2 standard error, etc.
In a multithreaded process, the contents of this directory are not available if the main thread has already terminated (typically by calling pthread_exit(3)).
Programs that will take a filename as a command-line argument, but will not take input from standard input if no argument is supplied, or that write to a file named as a command-line argument, but will not send their output to standard output if no argument is supplied, can nevertheless be made to use standard input or standard out using /proc/[pid]/fd. For example, assuming that -i is the flag designating an input file and -o is the flag designating an output file:
-
$ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...
- and you have a working filter.
/proc/self/fd/N is approximately the same as /dev/fd/N in some UNIX and UNIX-like systems. Most Linux MAKEDEV scripts symbolically link /dev/fd to /proc/self/fd, in fact.
Most systems provide symbolic links /dev/stdin, /dev/stdout, and /dev/stderr, which respectively link to the files 0, 1, and 2 in /proc/self/fd. Thus the example command above could be written as:
-
$ foobar -i /dev/stdin -o /dev/stdout ...
- /proc/[pid]/fdinfo/ (since kernel 2.6.22)
- This is a subdirectory containing one entry for each file which the process has open, named by its file descriptor. The contents of each file can be read to obtain information about the corresponding file descriptor, for example:
-
$ cat /proc/12015/fdinfo/4 pos: 1000 flags: 01002002
- The pos field is a decimal number showing the current file offset. The flags field is an octal number that displays the file access mode and file status flags (see open(2)).
The files in this directory are readable only by the owner of the process.
- /proc/[pid]/limits (since kernel 2.6.24)
- This file displays the soft limit, hard limit, and units of measurement for each of the process's resource limits (see getrlimit(2)). Up to and including Linux 2.6.35, this file is protected to only allow reading by the real UID of the process. Since Linux 2.6.36, this file is readable by all users on the system.
- /proc/[pid]/maps
- A file containing the currently mapped memory regions and their access permissions.
The format is:
address perms offset dev inode pathname 08048000-08056000 r-xp 00000000 03:0c 64593 /usr/sbin/gpm 08056000-08058000 rw-p 0000d000 03:0c 64593 /usr/sbin/gpm 08058000-0805b000 rwxp 00000000 00:00 0 40000000-40013000 r-xp 00000000 03:0c 4165 /lib/ld-2.2.4.so 40013000-40015000 rw-p 00012000 03:0c 4165 /lib/ld-2.2.4.so 4001f000-40135000 r-xp 00000000 03:0c 45494 /lib/libc-2.2.4.so 40135000-4013e000 rw-p 00115000 03:0c 45494 /lib/libc-2.2.4.so 4013e000-40142000 rw-p 00000000 00:00 0 bffff000-c0000000 rwxp 00000000 00:00 0
where "address" is the address space in the process that it occupies, "perms" is a set of permissions:r = read w = write x = execute s = shared p = private (copy on write)
"offset" is the offset into the file/whatever, "dev" is the device (major:minor), and "inode" is the inode on that device. 0 indicates that no inode is associated with the memory region, as the case would be with BSS (uninitialized data).Under Linux 2.0 there is no field giving pathname.
- /proc/[pid]/mem
- This file can be used to access the pages of a process's memory through open(2), read(2), and lseek(2).
- /proc/[pid]/mountinfo (since Linux 2.6.26)
- This file contains information about mount points. It contains lines of the form:
36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue (1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11)
- The numbers in parentheses are labels for the descriptions below:
- (1)
mount ID: unique identifier of the mount (may be reused after umount(2)).
(2)
parent ID: ID of parent mount (or of self for the top of the mount tree).
(3)
major:minor: value of st_dev for files on file system (see stat(2)).
(4)
root: root of the mount within the file system.
(5)
mount point: mount point relative to the process's root.
(6)
mount options: per-mount options.
(7)
optional fields: zero or more fields of the form "tag[:value]".
(8)
separator: marks the end of the optional fields.
(9)
file system type: name of file system in the form "type[.subtype]".
(10)
mount source: file system-specific information or "none".
(11)
super options: per-super block options.
- Parsers should ignore all unrecognized optional fields. Currently the possible optional fields are:
- shared:X
mount is shared in peer group X
master:X
mount is slave to peer group X
propagate_from:X
mount is slave and receives propagation from peer group X (*)
unbindable
mount is unbindable
- (*) X is the closest dominant peer group under the process's root. If X is the immediate master of the mount, or if there is no dominant peer group under the same root, then only the "master:X" field is present and not the "propagate_from:X" field.
For more information on mount propagation see: Documentation/filesystems/sharedsubtree.txt in the Linux kernel source tree.
- /proc/[pid]/mounts (since Linux 2.4.19)
- This is a list of all the file systems currently mounted in the process's mount namespace. The format of this file is documented in fstab(5). Since kernel version 2.6.15, this file is pollable: after opening the file for reading, a change in this file (i.e., a file system mount or unmount) causes select(2) to mark the file descriptor as readable, and poll(2) and epoll_wait(2) mark the file as having an error condition.
- /proc/[pid]/mountstats (since Linux 2.6.17)
- This file exports information (statistics, configuration information) about the mount points in the process's name space. Lines in this file have the form:
device /dev/sda7 mounted on /home with fstype ext3 [statistics] ( 1 ) ( 2 ) (3 ) (4)
- The fields in each line are:
- (1)
The name of the mounted device (or "nodevice" if there is no corresponding device).
(2)
The mount point within the file system tree.
(3)
The file system type.
(4)
Optional statistics and configuration information. Currently (as at Linux 2.6.26), only NFS file systems export information via this field.
- This file is only readable by the owner of the process.
- /proc/[pid]/ns/ (since Linux 3.0)
- This is a subdirectory containing one entry for each namespace that supports being manipulated by setns(2). For information about namespaces, see clone(2).
- /proc/[pid]/ns/ipc (since Linux 3.0)
- Bind mounting this file (see mount(2)) to somewhere else in the filesystem keeps the IPC namespace of the process specified by pid alive even if all processes currently in the namespace terminate.
Opening this file returns a file handle for the IPC namespace of the process specified by pid. As long as this file descriptor remains open, the IPC namespace will remain alive, even if all processes in the namespace terminate. The file descriptor can be passed to setns(2).
- /proc/[pid]/ns/net (since Linux 3.0)
- Bind mounting this file (see mount(2)) to somewhere else in the filesystem keeps the network namespace of the process specified by pid alive even if all processes in the namespace terminate.
Opening this file returns a file handle for the network namespace of the process specified by pid. As long as this file descriptor remains open, the network namespace will remain alive, even if all processes in the namespace terminate. The file descriptor can be passed to setns(2).
- /proc/[pid]/ns/uts (since Linux 3.0)
- Bind mounting this file (see mount(2)) to somewhere else in the filesystem keeps the UTS namespace of the process specified by pid alive even if all processes currently in the namespace terminate.
Opening this file returns a file handle for the UTS namespace of the process specified by pid. As long as this file descriptor remains open, the UTS namespace will remain alive, even if all processes in the namespace terminate. The file descriptor can be passed to setns(2).
- /proc/[pid]/numa_maps (since Linux 2.6.14)
- See numa(7).
- /proc/[pid]/oom_adj (since Linux 2.6.11)
- This file can be used to adjust the score used to select which process should be killed in an out-of-memory (OOM) situation. The kernel uses this value for a bit-shift operation of the process's oom_score value: valid values are in the range -16 to +15, plus the special value -17, which disables OOM-killing altogether for this process. A positive score increases the likelihood of this process being killed by the OOM-killer; a negative score decreases the likelihood.
- The default value for this file is 0; a new process inherits its parent's oom_adj setting. A process must be privileged (CAP_SYS_RESOURCE) to update this file.
Since Linux 2.6.36, use of this file is deprecated in favor of /proc/[pid]/oom_score_adj.
- /proc/[pid]/oom_score (since Linux 2.6.11)
- This file displays the current score that the kernel gives to this process for the purpose of selecting a process for the OOM-killer. A higher score means that the process is more likely to be selected by the OOM-killer. The basis for this score is the amount of memory used by the process, with increases (+) or decreases (-) for factors including:
- *
whether the process creates a lot of children using fork(2) (+);
*
whether the process has been running a long time, or has used a lot of CPU time (-);
*
whether the process has a low nice value (i.e., > 0) (+);
*
whether the process is privileged (-); and
*
whether the process is making direct hardware access (-).
- The oom_score also reflects the adjustment specified by the oom_score_adj or oom_adj setting for the process.
- /proc/[pid]/oom_score_adj (since Linux 2.6.36)
- This file can be used to adjust the badness heuristic used to select which process gets killed in out-of-memory conditions.
The badness heuristic assigns a value to each candidate task ranging from 0 (never kill) to 1000 (always kill) to determine which process is targeted. The units are roughly a proportion along that range of allowed memory the process may allocate from, based on an estimation of its current memory and swap use. For example, if a task is using all allowed memory, its badness score will be 1000. If it is using half of its allowed memory, its score will be 500.
There is an additional factor included in the badness score: root processes are given 3% extra memory over other tasks.
The amount of "allowed" memory depends on the context in which the OOM-killer was called. If it is due to the memory assigned to the allocating task's cpuset being exhausted, the allowed memory represents the set of mems assigned to that cpuset (see cpuset(7)). If it is due to a mempolicy's node(s) being exhausted, the allowed memory represents the set of mempolicy nodes. If it is due to a memory limit (or swap limit) being reached, the allowed memory is that configured limit. Finally, if it is due to the entire system being out of memory, the allowed memory represents all allocatable resources.
The value of oom_score_adj is added to the badness score before it is used to determine which task to kill. Acceptable values range from -1000 (OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX). This allows user space to control the preference for OOM-killing, ranging from always preferring a certain task or completely disabling it from OOM-killing. The lowest possible value, -1000, is equivalent to disabling OOM-killing entirely for that task, since it will always report a badness score of 0.
Consequently, it is very simple for user space to define the amount of memory to consider for each task. Setting a oom_score_adj value of +500, for example, is roughly equivalent to allowing the remainder of tasks sharing the same system, cpuset, mempolicy, or memory controller resources to use at least 50% more memory. A value of -500, on the other hand, would be roughly equivalent to discounting 50% of the task's allowed memory from being considered as scoring against the task.
For backward compatibility with previous kernels, /proc/[pid]/oom_adj can still be used to tune the badness score. Its value is scaled linearly with oom_score_adj.
Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will change the other with its scaled value.
- /proc/[pid]/root
- UNIX and Linux support the idea of a per-process root of the file system, set by the chroot(2) system call. This file is a symbolic link that points to the process's root directory, and behaves as exe, fd/*, etc. do.
In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)).
- /proc/[pid]/smaps (since Linux 2.6.14)
- This file shows memory consumption for each of the process's mappings. For each of mappings there is a series of lines such as the following:
-
08048000-080bc000 r-xp 00000000 03:02 13130 /bin/bash Size: 464 kB Rss: 424 kB Shared_Clean: 424 kB Shared_Dirty: 0 kB Private_Clean: 0 kB Private_Dirty: 0 kB
- The first of these lines shows the same information as is displayed for the mapping in /proc/[pid]/maps. The remaining lines show the size of the mapping, the amount of the mapping that is currently resident in RAM, the number of clean and dirty shared pages in the mapping, and the number of clean and dirty private pages in the mapping.
This file is only present if the CONFIG_MMU kernel configuration option is enabled.
- /proc/[pid]/stat
- Status information about the process. This is used by ps(1). It is defined in /usr/src/linux/fs/proc/array.c.
The fields, in order, with their proper scanf(3) format specifiers, are:
- pid %d
(1) The process ID.
comm %s
(2) The filename of the executable, in parentheses. This is visible whether or not the executable is swapped out.
state %c
(3) One character from the string "RSDZTW" where R is running, S is sleeping in an interruptible wait, D is waiting in uninterruptible disk sleep, Z is zombie, T is traced or stopped (on a signal), and W is paging.
ppid %d
(4) The PID of the parent.
pgrp %d
(5) The process group ID of the process.
session %d
(6) The session ID of the process.
tty_nr %d
(7) The controlling terminal of the process. (The minor device number is contained in the combination of bits 31 to 20 and 7 to 0; the major device number is in bits 15 to 8.)
tpgid %d
(8) The ID of the foreground process group of the controlling terminal of the process.
- flags %u (%lu before Linux 2.6.22)
(9) The kernel flags word of the process. For bit meanings, see the PF_* defines in the Linux kernel source file include/linux/sched.h. Details depend on the kernel version.
- minflt %lu
(10) The number of minor faults the process has made which have not required loading a memory page from disk.
cminflt %lu
(11) The number of minor faults that the process's waited-for children have made.
majflt %lu
(12) The number of major faults the process has made which have required loading a memory page from disk.
cmajflt %lu
(13) The number of major faults that the process's waited-for children have made.
utime %lu
(14) Amount of time that this process has been scheduled in user mode, measured in clock ticks (divide by sysconf(_SC_CLK_TCK)). This includes guest time, guest_time (time spent running a virtual CPU, see below), so that applications that are not aware of the guest time field do not lose that time from their calculations.
stime %lu
(15) Amount of time that this process has been scheduled in kernel mode, measured in clock ticks (divide by sysconf(_SC_CLK_TCK)).
cutime %ld
(16) Amount of time that this process's waited-for children have been scheduled in user mode, measured in clock ticks (divide by sysconf(_SC_CLK_TCK)). (See also times(2).) This includes guest time, cguest_time (time spent running a virtual CPU, see below).
cstime %ld
(17) Amount of time that this process's waited-for children have been scheduled in kernel mode, measured in clock ticks (divide by sysconf(_SC_CLK_TCK)).
- priority %ld
(18) (Explanation for Linux 2.6) For processes running a real-time scheduling policy (policy below; see sched_setscheduler(2)), this is the negated scheduling priority, minus one; that is, a number in the range -2 to -100, corresponding to real-time priorities 1 to 99. For processes running under a non-real-time scheduling policy, this is the raw nice value (setpriority(2)) as represented in the kernel. The kernel stores nice values as numbers in the range 0 (high) to 39 (low), corresponding to the user-visible nice range of -20 to 19.
Before Linux 2.6, this was a scaled value based on the scheduler weighting given to this process.
- nice %ld
(19) The nice value (see setpriority(2)), a value in the range 19 (low priority) to -20 (high priority).
- num_threads %ld
(20) Number of threads in this process (since Linux 2.6). Before kernel 2.6, this field was hard coded to 0 as a placeholder for an earlier removed field.
- itrealvalue %ld
(21) The time in jiffies before the next SIGALRM is sent to the process due to an interval timer. Since kernel 2.6.17, this field is no longer maintained, and is hard coded as 0.
- starttime %llu (was %lu before Linux 2.6)
(22) The time the process started after system boot. In kernels before Linux 2.6, this value was expressed in jiffies. Since Linux 2.6, the value is expressed in clock ticks (divide by sysconf(_SC_CLK_TCK)).
- vsize %lu
(23) Virtual memory size in bytes.
rss %ld
(24) Resident Set Size: number of pages the process has in real memory. This is just the pages which count toward text, data, or stack space. This does not include pages which have not been demand-loaded in, or which are swapped out.
rsslim %lu
(25) Current soft limit in bytes on the rss of the process; see the description of RLIMIT_RSS in getrlimit(2).
- startcode %lu
(26) The address above which program text can run.
- endcode %lu
(27) The address below which program text can run.
- startstack %lu
(28) The address of the start (i.e., bottom) of the stack.
- kstkesp %lu
(29) The current value of ESP (stack pointer), as found in the kernel stack page for the process.
kstkeip %lu
(30) The current EIP (instruction pointer).
signal %lu
(31) The bitmap of pending signals, displayed as a decimal number. Obsolete, because it does not provide information on real-time signals; use /proc/[pid]/status instead.
blocked %lu
(32) The bitmap of blocked signals, displayed as a decimal number. Obsolete, because it does not provide information on real-time signals; use /proc/[pid]/status instead.
- sigignore %lu
(33) The bitmap of ignored signals, displayed as a decimal number. Obsolete, because it does not provide information on real-time signals; use /proc/[pid]/status instead.
- sigcatch %lu
(34) The bitmap of caught signals, displayed as a decimal number. Obsolete, because it does not provide information on real-time signals; use /proc/[pid]/status instead.
- wchan %lu
(35) This is the "channel" in which the process is waiting. It is the address of a system call, and can be looked up in a namelist if you need a textual name. (If you have an up-to-date /etc/psdatabase, then try ps -l to see the WCHAN field in action.)
nswap %lu
(36) Number of pages swapped (not maintained).
cnswap %lu
(37) Cumulative nswap for child processes (not maintained).
- exit_signal %d (since Linux 2.1.22)
(38) Signal to be sent to parent when we die.
- processor %d (since Linux 2.2.8)
(39) CPU number last executed on.
- rt_priority %u (since Linux 2.5.19; was %lu before Linux 2.6.22)
(40) Real-time scheduling priority, a number in the range 1 to 99 for processes scheduled under a real-time policy, or 0, for non-real-time processes (see sched_setscheduler(2)).
- policy %u (since Linux 2.5.19; was %lu before Linux 2.6.22)
(41) Scheduling policy (see sched_setscheduler(2)). Decode using the SCHED_* constants in linux/sched.h.
- delayacct_blkio_ticks %llu (since Linux 2.6.18)
(42) Aggregated block I/O delays, measured in clock ticks (centiseconds).
- guest_time %lu (since Linux 2.6.24)
(43) Guest time of the process (time spent running a virtual CPU for a guest operating system), measured in clock ticks (divide by sysconf(_SC_CLK_TCK)).
- cguest_time %ld (since Linux 2.6.24)
(44) Guest time of the process's children, measured in clock ticks (divide by sysconf(_SC_CLK_TCK)).
- /proc/[pid]/statm
- Provides information about memory usage, measured in pages. The columns are:
-
size (1) total program size (same as VmSize in /proc/[pid]/status) resident (2) resident set size (same as VmRSS in /proc/[pid]/status) share (3) shared pages (i.e., backed by a file) text (4) text (code) lib (5) library (unused in Linux 2.6) data (6) data + stack dt (7) dirty pages (unused in Linux 2.6) - /proc/[pid]/status
- Provides much of the information in /proc/[pid]/stat and /proc/[pid]/statm in a format that's easier for humans to parse. Here's an example:
-
$ cat /proc/$$/status Name: bash State: S (sleeping) Tgid: 3515 Pid: 3515 PPid: 3452 TracerPid: 0 Uid: 1000 1000 1000 1000 Gid: 100 100 100 100 FDSize: 256 Groups: 16 33 100 VmPeak: 9136 kB VmSize: 7896 kB VmLck: 0 kB VmHWM: 7572 kB VmRSS: 6316 kB VmData: 5224 kB VmStk: 88 kB VmExe: 572 kB VmLib: 1708 kB VmPTE: 20 kB Threads: 1 SigQ: 0/3067 SigPnd: 0000000000000000 ShdPnd: 0000000000000000 SigBlk: 0000000000010000 SigIgn: 0000000000384004 SigCgt: 000000004b813efb CapInh: 0000000000000000 CapPrm: 0000000000000000 CapEff: 0000000000000000 CapBnd: ffffffffffffffff Cpus_allowed: 00000001 Cpus_allowed_list: 0 Mems_allowed: 1 Mems_allowed_list: 0 voluntary_ctxt_switches: 150 nonvoluntary_ctxt_switches: 545
- The fields are as follows:
- *
Name: Command run by this process.
*
State: Current state of the process. One of "R
- (running)", "S (sleeping)", "D (disk sleep)", "T (stopped)", "T (tracing stop)", "Z (zombie)", or "X (dead)".
- *
Tgid: Thread group ID (i.e., Process ID).
*
Pid: Thread ID (see gettid(2)).
*
PPid: PID of parent process.
*
TracerPid: PID of process tracing this process (0 if not being traced).
*
Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs).
- *
FDSize: Number of file descriptor slots currently allocated.
*
Groups: Supplementary group list.
*
VmPeak: Peak virtual memory size.
*
VmSize: Virtual memory size.
*
VmLck: Locked memory size (see mlock(3)).
*
VmHWM: Peak resident set size ("high water mark").
*
VmRSS: Resident set size.
*
VmData, VmStk, VmExe: Size of data, stack, and text segments.
*
VmLib: Shared library code size.
*
VmPTE: Page table entries size (since Linux 2.6.10).
*
Threads: Number of threads in process containing this thread.
*
SigQ: This field contains two slash-separated numbers that relate to queued signals for the real user ID of this process. The first of these is the number of currently queued signals for this real user ID, and the second is the resource limit on the number of queued signals for this process (see the description of RLIMIT_SIGPENDING in getrlimit(2)).
*
SigPnd, ShdPnd: Number of signals pending for thread and for process as a whole (see pthreads(7) and signal(7)).
*
SigBlk, SigIgn, SigCgt: Masks indicating signals being blocked, ignored, and caught (see signal(7)).
*
CapInh, CapPrm, CapEff: Masks of capabilities enabled in inheritable, permitted, and effective sets (see capabilities(7)).
*
CapBnd: Capability Bounding set (since kernel 2.6.26, see capabilities(7)).
*
Cpus_allowed: Mask of CPUs on which this process may run (since Linux 2.6.24, see cpuset(7)).
*
Cpus_allowed_list: Same as previous, but in "list format" (since Linux 2.6.26, see cpuset(7)).
*
Mems_allowed: Mask of memory nodes allowed to this process (since Linux 2.6.24, see cpuset(7)).
*
Mems_allowed_list: Same as previous, but in "list format" (since Linux 2.6.26, see cpuset(7)).
*
voluntary_context_switches, nonvoluntary_context_switches: Number of voluntary and involuntary context switches (since Linux 2.6.23).
- /proc/[pid]/task (since Linux 2.6.0-test6)
- This is a directory that contains one subdirectory for each thread in the process. The name of each subdirectory is the numerical thread ID ([tid]) of the thread (see gettid(2)). Within each of these subdirectories, there is a set of files with the same names and contents as under the /proc/[pid] directories. For attributes that are shared by all threads, the contents for each of the files under the task/[tid] subdirectories will be the same as in the corresponding file in the parent /proc/[pid] directory (e.g., in a multithreaded process, all of the task/[tid]/cwd files will have the same value as the /proc/[pid]/cwd file in the parent directory, since all of the threads in a process share a working directory). For attributes that are distinct for each thread, the corresponding files under task/[tid] may have different values (e.g., various fields in each of the task/[tid]/status files may be different for each thread).
In a multithreaded process, the contents of the /proc/[pid]/task directory are not available if the main thread has already terminated (typically by calling pthread_exit(3)).
- /proc/apm
- Advanced power management version and battery information when CONFIG_APM is defined at kernel compilation time.
- /proc/bus
- Contains subdirectories for installed busses.
- /proc/bus/pccard
- Subdirectory for PCMCIA devices when CONFIG_PCMCIA is set at kernel compilation time.
- /proc/bus/pccard/drivers
- /proc/bus/pci
- Contains various bus subdirectories and pseudo-files containing information about PCI busses, installed devices, and device drivers. Some of these files are not ASCII.
- /proc/bus/pci/devices
- Information about PCI devices. They may be accessed through lspci(8) and setpci(8).
- /proc/cmdline
- Arguments passed to the Linux kernel at boot time. Often done via a boot manager such as lilo(8) or grub(8).
- /proc/config.gz (since Linux 2.6)
- This file exposes the configuration options that were used to build the currently running kernel, in the same format as they would be shown in the .config file that resulted when configuring the kernel (using make xconfig, make config, or similar). The file contents are compressed; view or search them using zcat(1), zgrep(1), etc. As long as no changes have been made to the following file, the contents of /proc/config.gz are the same as those provided by :
-
cat /lib/modules/$(uname -r)/build/.config
- /proc/config.gz is only provided if the kernel is configured with CONFIG_IKCONFIG_PROC.
- /proc/cpuinfo
- This is a collection of CPU and system architecture dependent items, for each supported architecture a different list. Two common entries are processor which gives CPU number and bogomips; a system constant that is calculated during kernel initialization. SMP machines have information for each CPU. The lscpu(1) command gathers its information from this file.
- /proc/devices
- Text listing of major numbers and device groups. This can be used by MAKEDEV scripts for consistency with the kernel.
- /proc/diskstats (since Linux 2.5.69)
- This file contains disk I/O statistics for each disk device. See the Linux kernel source file Documentation/iostats.txt for further information.
- /proc/dma
- This is a list of the registered ISA DMA (direct memory access) channels in use.
- /proc/driver
- Empty subdirectory.
- /proc/execdomains
- List of the execution domains (ABI personalities).
- /proc/fb
- Frame buffer information when CONFIG_FB is defined during kernel compilation.
- /proc/filesystems
- A text listing of the file systems which are supported by the kernel, namely file systems which were compiled into the kernel or whose kernel modules are currently loaded. (See also filesystems(5).) If a file system is marked with "nodev", this means that it does not require a block device to be mounted (e.g., virtual file system, network file system).
Incidentally, this file may be used by mount(8) when no file system is specified and it didn't manage to determine the file system type. Then file systems contained in this file are tried (excepted those that are marked with "nodev").
- /proc/fs
- Empty subdirectory.
- /proc/ide
- This directory exists on systems with the IDE bus. There are directories for each IDE channel and attached device. Files include:
-
cache buffer size in KB capacity number of sectors driver driver version geometry physical and logical geometry identify in hexadecimal media media type model manufacturer's model number settings drive settings smart_thresholds in hexadecimal smart_values in hexadecimal
- The hdparm(8) utility provides access to this information in a friendly format.
- /proc/interrupts
- This is used to record the number of interrupts per CPU per IO device. Since Linux 2.6.24, for the i386 and x86_64 architectures, at least, this also includes interrupts internal to the system (that is, not associated with a device as such), such as NMI (nonmaskable interrupt), LOC (local timer interrupt), and for SMP systems, TLB (TLB flush interrupt), RES (rescheduling interrupt), CAL (remote function call interrupt), and possibly others. Very easy to read formatting, done in ASCII.
- /proc/iomem
- I/O memory map in Linux 2.4.
- /proc/ioports
- This is a list of currently registered Input-Output port regions that are in use.
- /proc/kallsyms (since Linux 2.5.71)
- This holds the kernel exported symbol definitions used by the modules(X) tools to dynamically link and bind loadable modules. In Linux 2.5.47 and earlier, a similar file with slightly different syntax was named ksyms.
- /proc/kcore
- This file represents the physical memory of the system and is stored in the ELF core file format. With this pseudo-file, and an unstripped kernel (/usr/src/linux/vmlinux) binary, GDB can be used to examine the current state of any kernel data structures.
The total length of the file is the size of physical memory (RAM) plus 4KB.
- /proc/kmsg
- This file can be used instead of the syslog(2) system call to read kernel messages. A process must have superuser privileges to read this file, and only one process should read this file. This file should not be read if a syslog process is running which uses the syslog(2) system call facility to log kernel messages.
Information in this file is retrieved with the dmesg(1) program.
- /proc/ksyms (Linux 1.1.23-2.5.47)
- See /proc/kallsyms.
- /proc/loadavg
- The first three fields in this file are load average figures giving the number of jobs in the run queue (state R) or waiting for disk I/O (state D) averaged over 1, 5, and 15 minutes. They are the same as the load average numbers given by uptime(1) and other programs. The fourth field consists of two numbers separated by a slash (/). The first of these is the number of currently runnable kernel scheduling entities (processes, threads). The value after the slash is the number of kernel scheduling entities that currently exist on the system. The fifth field is the PID of the process that was most recently created on the system.
- /proc/locks
- This file shows current file locks (flock(2) and fcntl(2)) and leases (fcntl(2)).
- /proc/malloc (only up to and including Linux 2.2)
- This file is only present if CONFIG_DEBUG_MALLOC was defined during compilation.
- /proc/meminfo
- This file reports statistics about memory usage on the system. It is used by free(1) to report the amount of free and used memory (both physical and swap) on the system as well as the shared memory and buffers used by the kernel. Each line of the file consists of a parameter name, followed by a colon, the value of the parameter, and an option unit of measurement (e.g., "kB"). The list below describes the parameter names and the format specifier required to read the field value. Except as noted below, all of the fields have been present since at least Linux 2.6.0. Some fileds are only displayed if the kernel was configured with various options; those dependencies are noted in the list.
- MemTotal %lu
Total usable RAM (i.e. physical RAM minus a few reserved bits and the kernel binary code).
- MemFree %lu
The sum of LowFree+HighFree.
- Buffers %lu
Relatively temporary storage for raw disk blocks that shouldn't get tremendously large (20MB or so).
- Cached %lu
In-memory cache for files read from the disk (the page cache). Doesn't include SwapCached.
- SwapCached %lu
Memory that once was swapped out, is swapped back in but still also is in the swap file. (If memory pressure is high, these pages don't need to be swapped out again because they are already in the swap file. This saves I/O.)
- Active %lu
Memory that has been used more recently and usually not reclaimed unless absolutely necessary.
- Inactive %lu
Memory which has been less recently used. It is more eligible to be reclaimed for other purposes.
- Active(anon) %lu (since Linux 2.6.28)
[To be documented.]
- Inactive(anon) %lu (since Linux 2.6.28)
[To be documented.]
- Active(file) %lu (since Linux 2.6.28)
[To be documented.]
- Inactive(file) %lu (since Linux 2.6.28)
[To be documented.]
- Unevictable %lu (since Linux 2.6.28)
(From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was required.) [To be documented.]
- Mlocked %lu (since Linux 2.6.28)
(From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was required.) [To be documented.]
- HighTotal %lu
(Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.) Total amount of highmem. Highmem is all memory above ~860MB of physical memory. Highmem areas are for use by user-space programs, or for the page cache. The kernel must use tricks to access this memory, making it slower to access than lowmem.
- HighFree %lu
(Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.) Amount of free highmem.
- LowTotal %lu
(Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.) Total amount of lowmem. Lowmem is memory which can be used for everything that highmem can be used for, but it is also available for the kernel's use for its own data structures. Among many other things, it is where everything from Slab is allocated. Bad things happen when you're out of lowmem.
- LowFree %lu
(Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.) Amount of free lowmem.
- MmapCopy %lu (since Linux 2.6.29)
(CONFIG_MMU is required.) [To be documented.]
- SwapTotal %lu
Total amount of swap space available.
- SwapFree %lu
Amount of swap space that is currently unused.
- Dirty %lu
Memory which is waiting to get written back to the disk.
- Writeback %lu
Memory which is actively being written back to the disk.
- AnonPages %lu (since Linux 2.6.18)
Non-file backed pages mapped into user-space page tables.
- Mapped %lu
Files which have been mmaped, such as libraries.
- Shmem %lu (since Linux 2.6.32)
[To be documented.]
- Slab %lu
In-kernel data structures cache.
- SReclaimable %lu (since Linux 2.6.19)
Part of Slab, that might be reclaimed, such as caches.
- SUnreclaim %lu (since Linux 2.6.19)
Part of Slab, that cannot be reclaimed on memory pressure.
- KernelStack %lu (since Linux 2.6.32)
Amount of memory allocated to kernel stacks.
- PageTables %lu (since Linux 2.6.18)
Amount of memory dedicated to the lowest level of page tables.
- Quicklists %lu (since Linux 2.6.27)
(CONFIG_QUICKLIST is required.) [To be documented.]
- NFS_Unstable %lu (since Linux 2.6.18)
NFS pages sent to the server, but not yet committed to stable storage.
- Bounce %lu (since Linux 2.6.18)
Memory used for block device "bounce buffers".
- WritebackTmp %lu (since Linux 2.6.26)
Memory used by FUSE for temporary writeback buffers.
- CommitLimit %lu (since Linux 2.6.10)
Based on the overcommit ratio ('vm.overcommit_ratio'), this is the total amount of memory currently available to be allocated on the system. This limit is only adhered to if strict overcommit accounting is enabled (mode 2 in /proc/sys/vm/overcommit_ratio). The CommitLimit is calculated using the following formula:
CommitLimit = (overcommit_ratio * Physical RAM) + Swap
For example, on a system with 1GB of physical RAM and 7GB of swap with a overcommit_ratio of 30, this formula yields a CommitLimit of 7.3GB. For more details, see the memory overcommit documentation in the kernel source file Documentation/vm/overcommit-accounting.
- Committed_AS %lu
The amount of memory presently allocated on the system. The committed memory is a sum of all of the memory which has been allocated by processes, even if it has not been "used" by them as of yet. A process which allocates 1GB of memory (using malloc(3) or similar), but only touches 300MB of that memory will only show up as using 300MB of memory even if it has the address space allocated for the entire 1GB. This 1GB is memory which has been "committed" to by the VM and can be used at any time by the allocating application. With strict overcommit enabled on the system (mode 2 /proc/sys/vm/overcommit_memory), allocations which would exceed the CommitLimit (detailed above) will not be permitted. This is useful if one needs to guarantee that processes will not fail due to lack of memory once that memory has been successfully allocated.
- VmallocTotal %lu
Total size of vmalloc memory area.
- VmallocUsed %lu
Amount of vmalloc area which is used.
- VmallocChunk %lu
Largest contiguous block of vmalloc area which is free.
- HardwareCorrupted %lu (since Linux 2.6.32)
(CONFIG_MEMORY_FAILURE is required.) [To be documented.]
- AnonHugePages %lu (since Linux 2.6.38)
(CONFIG_TRANSPARENT_HUGEPAGE is required.) Non-file backed huge pages mapped into user-space page tables.
- HugePages_Total %lu
(CONFIG_HUGETLB_PAGE is required.) The size of the pool of huge pages.
- HugePages_Free %lu
(CONFIG_HUGETLB_PAGE is required.) The number of huge pages in the pool that are not yet allocated.
- HugePages_Rsvd %lu (since Linux 2.6.17)
(CONFIG_HUGETLB_PAGE is required.) This is the number of huge pages for which a commitment to allocate from the pool has been made, but no allocation has yet been made. These reserved huge pages guarantee that an application will be able to allocate a huge page from the pool of huge pages at fault time.
- HugePages_Surp %lu (since Linux 2.6.24)
(CONFIG_HUGETLB_PAGE is required.) This is the number of huge pages in the pool above the value in /proc/sys/vm/nr_hugepages. The maximum number of surplus huge pages is controlled by /proc/sys/vm/nr_overcommit_hugepages.
- Hugepagesize %lu
(CONFIG_HUGETLB_PAGE is required.) The size of huge pages.
- /proc/modules
- A text list of the modules that have been loaded by the system. See also lsmod(8).
- /proc/mounts
- Before kernel 2.4.19, this file was a list of all the file systems currently mounted on the system. With the introduction of per-process mount namespaces in Linux 2.4.19, this file became a link to /proc/self/mounts, which lists the mount points of the process's own mount namespace. The format of this file is documented in fstab(5).
- /proc/mtrr
- Memory Type Range Registers. See the Linux kernel source file Documentation/mtrr.txt for details.
- /proc/net
- various net pseudo-files, all of which give the status of some part of the networking layer. These files contain ASCII structures and are, therefore, readable with cat(1). However, the standard netstat(8) suite provides much cleaner access to these files.
- /proc/net/arp
- This holds an ASCII readable dump of the kernel ARP table used for address resolutions. It will show both dynamically learned and preprogrammed ARP entries. The format is:
IP address HW type Flags HW address Mask Device 192.168.0.50 0x1 0x2 00:50:BF:25:68:F3 * eth0 192.168.0.250 0x1 0xc 00:00:00:00:00:00 * eth0
Here "IP address" is the IPv4 address of the machine and the "HW type" is the hardware type of the address from RFC 826. The flags are the internal flags of the ARP structure (as defined in /usr/include/linux/if_arp.h) and the "HW address" is the data link layer mapping for that IP address if it is known. - /proc/net/dev
- The dev pseudo-file contains network device status information. This gives the number of received and sent packets, the number of errors and collisions and other basic statistics. These are used by the ifconfig(8) program to report device status. The format is:
Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 2776770 11307 0 0 0 0 0 0 2776770 11307 0 0 0 0 0 0 eth0: 1215645 2751 0 0 0 0 0 0 1782404 4324 0 0 0 427 0 0 ppp0: 1622270 5552 1 0 0 0 0 0 354130 5669 0 0 0 0 0 0 tap0: 7714 81 0 0 0 0 0 0 7714 81 0 0 0 0 0 0
- /proc/net/dev_mcast
- Defined in /usr/src/linux/net/core/dev_mcast.c:
indx interface_name dmi_u dmi_g dmi_address 2 eth0 1 0 01005e000001 3 eth1 1 0 01005e000001 4 eth2 1 0 01005e000001
- /proc/net/igmp
- Internet Group Management Protocol. Defined in /usr/src/linux/net/core/igmp.c.
- /proc/net/rarp
- This file uses the same format as the arp file and contains the current reverse mapping database used to provide rarp(8) reverse address lookup services. If RARP is not configured into the kernel, this file will not be present.
- /proc/net/raw
- Holds a dump of the RAW socket table. Much of the information is not of use apart from debugging. The "sl" value is the kernel hash slot for the socket, the "local_address" is the local address and protocol number pair. "St" is the internal status of the socket. The "tx_queue" and "rx_queue" are the outgoing and incoming data queue in terms of kernel memory usage. The "tr", "tm->when", and "rexmits" fields are not used by RAW. The "uid" field holds the effective UID of the creator of the socket.
- /proc/net/snmp
- This file holds the ASCII data needed for the IP, ICMP, TCP, and UDP management information bases for an SNMP agent.
- /proc/net/tcp
- Holds a dump of the TCP socket table. Much of the information is not of use apart from debugging. The "sl" value is the kernel hash slot for the socket, the "local_address" is the local address and port number pair. The "rem_address" is the remote address and port number pair (if connected). "St" is the internal status of the socket. The "tx_queue" and "rx_queue" are the outgoing and incoming data queue in terms of kernel memory usage. The "tr", "tm->when", and "rexmits" fields hold internal information of the kernel socket state and are only useful for debugging. The "uid" field holds the effective UID of the creator of the socket.
- /proc/net/udp
- Holds a dump of the UDP socket table. Much of the information is not of use apart from debugging. The "sl" value is the kernel hash slot for the socket, the "local_address" is the local address and port number pair. The "rem_address" is the remote address and port number pair (if connected). "St" is the internal status of the socket. The "tx_queue" and "rx_queue" are the outgoing and incoming data queue in terms of kernel memory usage. The "tr", "tm->when", and "rexmits" fields are not used by UDP. The "uid" field holds the effective UID of the creator of the socket. The format is:
sl local_address rem_address st tx_queue rx_queue tr rexmits tm->when uid 1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0 1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0 1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
- /proc/net/unix
- Lists the UNIX domain sockets present within the system and their status. The format is:
Num RefCount Protocol Flags Type St Path 0: 00000002 00000000 00000000 0001 03 1: 00000001 00000000 00010000 0001 01 /dev/printer
Here "Num" is the kernel table slot number, "RefCount" is the number of users of the socket, "Protocol" is currently always 0, "Flags" represent the internal kernel flags holding the status of the socket. Currently, type is always "1" (UNIX domain datagram sockets are not yet supported in the kernel). "St" is the internal state of the socket and Path is the bound path (if any) of the socket. - /proc/partitions
- Contains major and minor numbers of each partition as well as number of blocks and partition name.
- /proc/pci
- This is a listing of all PCI devices found during kernel initialization and their configuration.
This file has been deprecated in favor of a new /proc interface for PCI (/proc/bus/pci). It became optional in Linux 2.2 (available with CONFIG_PCI_OLD_PROC set at kernel compilation). It became once more nonoptionally enabled in Linux 2.4. Next, it was deprecated in Linux 2.6 (still available with CONFIG_PCI_LEGACY_PROC set), and finally removed altogether since Linux 2.6.17.
- /proc/profile (since Linux 2.4)
- This file is present only if the kernel was booted with the profile=1 command-line option. It exposes kernel profiling information in a binary format for use by readprofile(1). Writing (e.g., an empty string) to this file resets the profiling counters; on some architectures, writing a binary integer "profiling multiplier" of size sizeof(int) sets the profiling interrupt frequency.
- /proc/scsi
- A directory with the scsi mid-level pseudo-file and various SCSI low-level driver directories, which contain a file for each SCSI host in this system, all of which give the status of some part of the SCSI IO subsystem. These files contain ASCII structures and are, therefore, readable with cat(1).
You can also write to some of the files to reconfigure the subsystem or switch certain features on or off.
- /proc/scsi/scsi
- This is a listing of all SCSI devices known to the kernel. The listing is similar to the one seen during bootup. scsi currently supports only the add-single-device command which allows root to add a hotplugged device to the list of known devices.
The command
-
echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi
- will cause host scsi1 to scan on SCSI channel 0 for a device on ID 5 LUN 0. If there is already a device known on this address or the address is invalid, an error will be returned.
- /proc/scsi/[drivername]
- [drivername] can currently be NCR53c7xx, aha152x, aha1542, aha1740, aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000, pas16, qlogic, scsi_debug, seagate, t128, u15-24f, ultrastore, or wd7000. These directories show up for all drivers that registered at least one SCSI HBA. Every directory contains one file per registered host. Every host-file is named after the number the host was assigned during initialization.
Reading these files will usually show driver and host configuration, statistics, etc.
Writing to these files allows different things on different hosts. For example, with the latency and nolatency commands, root can switch on and off command latency measurement code in the eata_dma driver. With the lockup and unlock commands, root can control bus lockups simulated by the scsi_debug driver.
- /proc/self
- This directory refers to the process accessing the /proc file system, and is identical to the /proc directory named by the process ID of the same process.
- /proc/slabinfo
- Information about kernel caches. Since Linux 2.6.16 this file is only present if the CONFIG_SLAB kernel configuration option is enabled. The columns in /proc/slabinfo are:
-
cache-name num-active-objs total-objs object-size num-active-slabs total-slabs num-pages-per-slab
- See slabinfo(5) for details.
- /proc/stat
- kernel/system statistics. Varies with architecture. Common entries include:
- cpu 3357 0 4313 1362393
The amount of time, measured in units of USER_HZ (1/100ths of a second on most architectures, use sysconf(_SC_CLK_TCK) to obtain the right value), that the system spent in various states:
user
(1) Time spent in user mode.
nice
(2) Time spent in user mode with low priority (nice).
system
(3) Time spent in system mode.
idle
(4) Time spent in the idle task. This value should be USER_HZ times the second entry in the /proc/uptime pseudo-file.
iowait (since Linux 2.5.41)
(5) Time waiting for I/O to complete.
irq (since Linux 2.6.0-test4)
(6) Time servicing interrupts.
softirq (since Linux 2.6.0-test4)
(7) Time servicing softirqs.
steal (since Linux 2.6.11)
(8) Stolen time, which is the time spent in other operating systems when running in a virtualized environment
guest (since Linux 2.6.24)
(9) Time spent running a virtual CPU for guest operating systems under the control of the Linux kernel.
guest_nice (since Linux 2.6.33)
(10) Time spent running a niced guest (virtual CPU for guest operating systems under the control of the Linux kernel).
- page 5741 1808
The number of pages the system paged in and the number that were paged out (from disk).
- swap 1 0
The number of swap pages that have been brought in and out.
- intr 1462898
This line shows counts of interrupts serviced since boot time, for each of the possible system interrupts. The first column is the total of all interrupts serviced; each subsequent column is the total for a particular interrupt.
- disk_io: (2,0):(31,30,5764,1,2) (3,0):...
(major,disk_idx):(noinfo, read_io_ops, blks_read, write_io_ops, blks_written)
(Linux 2.4 only)
- ctxt 115315
The number of context switches that the system underwent.
- btime 769041601
boot time, in seconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC).
- processes 86031
Number of forks since boot.
- procs_running 6
Number of processes in runnable state. (Linux 2.5.45 onward.)
- procs_blocked 2
Number of processes blocked waiting for I/O to complete. (Linux 2.5.45 onward.)
- /proc/swaps
- Swap areas in use. See also swapon(8).
- /proc/sys
- This directory (present since 1.3.57) contains a number of files and subdirectories corresponding to kernel variables. These variables can be read and sometimes modified using the /proc file system, and the (deprecated) sysctl(2) system call.
- /proc/sys/abi (since Linux 2.4.10)
- This directory may contain files with application binary information. See the Linux kernel source file Documentation/sysctl/abi.txt for more information.
- /proc/sys/debug
- This directory may be empty.
- /proc/sys/dev
- This directory contains device-specific information (e.g., dev/cdrom/info). On some systems, it may be empty.
- /proc/sys/fs
- This directory contains the files and subdirectories for kernel variables related to file systems.
- /proc/sys/fs/binfmt_misc
- Documentation for files in this directory can be found in the Linux kernel sources in Documentation/binfmt_misc.txt.
- /proc/sys/fs/dentry-state (since Linux 2.2)
- This file contains information about the status of the directory cache (dcache). The file contains six numbers, nr_dentry, nr_unused, age_limit (age in seconds), want_pages (pages requested by system) and two dummy values.
- *
nr_dentry is the number of allocated dentries (dcache entries). This field is unused in Linux 2.2.
*
nr_unused is the number of unused dentries.
*
age_limit is the age in seconds after which dcache entries can be reclaimed when memory is short.
*
want_pages is nonzero when the kernel has called shrink_dcache_pages() and the dcache isn't pruned yet.
- /proc/sys/fs/dir-notify-enable
- This file can be used to disable or enable the dnotify interface described in fcntl(2) on a system-wide basis. A value of 0 in this file disables the interface, and a value of 1 enables it.
- /proc/sys/fs/dquot-max
- This file shows the maximum number of cached disk quota entries. On some (2.4) systems, it is not present. If the number of free cached disk quota entries is very low and you have some awesome number of simultaneous system users, you might want to raise the limit.
- /proc/sys/fs/dquot-nr
- This file shows the number of allocated disk quota entries and the number of free disk quota entries.
- /proc/sys/fs/epoll (since Linux 2.6.28)
- This directory contains the file max_user_watches, which can be used to limit the amount of kernel memory consumed by the epoll interface. For further details, see epoll(7).
- /proc/sys/fs/file-max
- This file defines a system-wide limit on the number of open files for all processes. (See also setrlimit(2), which can be used by a process to set
the per-process limit, RLIMIT_NOFILE, on the number of files it may open.) If you get lots of error messages in the kernel log about running out of file
handles (look for "VFS: file-max limit <number> reached"), try increasing this value:
echo 100000 > /proc/sys/fs/file-max
The kernel constant NR_OPEN imposes an upper limit on the value that may be placed in file-max.If you increase /proc/sys/fs/file-max, be sure to increase /proc/sys/fs/inode-max to 3-4 times the new value of /proc/sys/fs/file-max, or you will run out of inodes.
Privileged processes (CAP_SYS_ADMIN) can override the file-max limit.
- /proc/sys/fs/file-nr
- This (read-only) file contains three numbers: the number of allocated file handles (i.e., the number of files presently opened); the number of free file handles; and the maximum number of file handles (i.e., the same value as /proc/sys/fs/file-max). If the number of allocated file handles is close to the maximum, you should consider increasing the maximum. Before Linux 2.6, the kernel allocated file handles dynamically, but it didn't free them again. Instead the free file handles were kept in a list for reallocation; the "free file handles" value indicates the size of that list. A large number of free file handles indicates that there was a past peak in the usage of open file handles. Since Linux 2.6, the kernel does deallocate freed file handles, and the "free file handles" value is always zero.
- /proc/sys/fs/inode-max
- This file contains the maximum number of in-memory inodes. On some (2.4) systems, it may not be present. This value should be 3-4 times larger than the value in file-max, since stdin, stdout and network sockets also need an inode to handle them. When you regularly run out of inodes, you need to increase this value.
- /proc/sys/fs/inode-nr
- This file contains the first two values from inode-state.
- /proc/sys/fs/inode-state
- This file contains seven numbers: nr_inodes, nr_free_inodes, preshrink, and four dummy values. nr_inodes is the number of inodes the system has allocated. This can be slightly more than inode-max because Linux allocates them one page full at a time. nr_free_inodes represents the number of free inodes. preshrink is nonzero when the nr_inodes > inode-max and the system needs to prune the inode list instead of allocating more.
- /proc/sys/fs/inotify (since Linux 2.6.13)
- This directory contains files max_queued_events, max_user_instances, and max_user_watches, that can be used to limit the amount of kernel memory consumed by the inotify interface. For further details, see inotify(7).
- /proc/sys/fs/lease-break-time
- This file specifies the grace period that the kernel grants to a process holding a file lease (fcntl(2)) after it has sent a signal to that process notifying it that another process is waiting to open the file. If the lease holder does not remove or downgrade the lease within this grace period, the kernel forcibly breaks the lease.
- /proc/sys/fs/leases-enable
- This file can be used to enable or disable file leases (fcntl(2)) on a system-wide basis. If this file contains the value 0, leases are disabled. A nonzero value enables leases.
- /proc/sys/fs/mqueue (since Linux 2.6.6)
- This directory contains files msg_max, msgsize_max, and queues_max, controlling the resources used by POSIX message queues. See mq_overview(7) for details.
- /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
- These files allow you to change the value of the fixed UID and GID. The default is 65534. Some file systems only support 16-bit UIDs and GIDs, although in Linux UIDs and GIDs are 32 bits. When one of these file systems is mounted with writes enabled, any UID or GID that would exceed 65535 is translated to the overflow value before being written to disk.
- /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
- The value in this file defines an upper limit for raising the capacity of a pipe using the fcntl(2) F_SETPIPE_SZ operation. This limit applies only to unprivileged processes. The default value for this file is 1,048,576. The value assigned to this file may be rounded upward, to reflect the value actually employed for a convenient implementation. To determine the rounded-up value, display the contents of this file after assigning a value to it. The minimum value that can be assigned to this file is the system page size.
- /proc/sys/fs/protected_hardlinks (since Linux 3.6)
- When the value in this file is 0, no restrictions are placed on the creation of hard links (i.e., this is the historical behaviour before Linux 3.6). When the value in this file is 1, a hard link can be created to a target file only if one of the following conditions is true:
- *
The caller has the CAP_FOWNER capability.
*
The file system UID of the process creating the link matches the owner (UID) of the target file (as described in credentials(7), a process's file system UID is normally the same as its effective UID).
*
All of the following conditions are true:
- • the target is a regular file;
• the target file does not have its set-user-ID permission bit enabled;
• the target file does not have both its set-group-ID and group-executable permission bits enabled; and
• the caller has permission to read and write the target file (either via the file's permissions mask or because it has suitable capabilities).
- The default value in this file is 0. Setting the value to 1 prevents a longstanding class of security issues caused by hard-link-based time-of-check, time-of-use races, most commonly seen in world-writable directories such as /tmp. The common method of exploiting this flaw is to cross privilege boundaries when following a given hard link (i.e., a root process follows a hard link created by another user). Additionally, on systems without separated partitions, this stops unauthorized users from "pinning" vulnerable set-user-ID and set-group-ID files against being upgraded by the administrator, or linking to special files.
- /proc/sys/fs/protected_symlinks (since Linux 3.6)
- When the value in this file is 0, no restrictions are placed on following symbolic links (i.e., this is the historical behaviour before Linux 3.6). When the value in this file is 1, symbolic links are followed only in the following circumstances:
- *
the file system UID of the process following the link matches the owner (UID) of the symbolic link (as described in credentials(7), a process's file system UID is normally the same as its effective UID);
*
the link is not in a sticky world-writable directory; or
*
the symbolic link and and its parent directory have the same owner (UID)
- A system call that fails to follow a symbolic link because of the above restrictions returns the error EACCES in errno.
The default value in this file is 0. Setting the value to 1 avoids a longstanding class of security issues based on time-of-check, time-of-use races when accessing symbolic links.
- /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
- The value in this file determines whether core dump files are produced for set-user-ID or otherwise protected/tainted binaries. Three different integer values can be specified:
- 0 (default)
This provides the traditional (pre-Linux 2.6.13) behavior. A core dump will not be produced for a process which has changed credentials (by calling seteuid(2), setgid(2), or similar, or by executing a set-user-ID or set-group-ID program) or whose binary does not have read permission enabled.
- 1 ("debug")
All processes dump core when possible. The core dump is owned by the file system user ID of the dumping process and no security is applied. This is intended for system debugging situations only. Ptrace is unchecked.
- 2 ("suidsafe")
Any binary which normally would not be dumped (see "0" above) is dumped readable by root only. This allows the user to remove the core dump file but not to read it. For security reasons core dumps in this mode will not overwrite one another or other files. This mode is appropriate when administrators are attempting to debug problems in a normal environment.
Additionally, since Linux 3.6, /proc/sys/kernel/core_pattern must either be an absolute pathname or a pipe command, as detailed in core(5). Warnings will be written to the kernel log if core_pattern does not follow these rules, and no core dump will be produced.
- /proc/sys/fs/super-max
- This file controls the maximum number of superblocks, and thus the maximum number of mounted file systems the kernel can have. You only need to increase super-max if you need to mount more file systems than the current value in super-max allows you to.
- /proc/sys/fs/super-nr
- This file contains the number of file systems currently mounted.
- /proc/sys/kernel
- This directory contains files controlling a range of kernel parameters, as described below.
- /proc/sys/kernel/acct
- This file contains three numbers: highwater, lowwater, and frequency. If BSD-style process accounting is enabled these values control its behavior. If free space on file system where the log lives goes below lowwater percent accounting suspends. If free space gets above highwater percent accounting resumes. frequency determines how often the kernel checks the amount of free space (value is in seconds). Default values are 4, 2 and 30. That is, suspend accounting if 2% or less space is free; resume it if 4% or more space is free; consider information about amount of free space valid for 30 seconds.
- /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
- This file holds the value of the kernel capability bounding set (expressed as a signed decimal number). This set is ANDed against the capabilities permitted to a process during execve(2). Starting with Linux 2.6.25, the system-wide capability bounding set disappeared, and was replaced by a per-thread bounding set; see capabilities(7).
- /proc/sys/kernel/core_pattern
- See core(5).
- /proc/sys/kernel/core_uses_pid
- See core(5).
- /proc/sys/kernel/ctrl-alt-del
- This file controls the handling of Ctrl-Alt-Del from the keyboard. When the value in this file is 0, Ctrl-Alt-Del is trapped and sent to the init(8) program to handle a graceful restart. When the value is greater than zero, Linux's reaction to a Vulcan Nerve Pinch (tm) will be an immediate reboot, without even syncing its dirty buffers. Note: when a program (like dosemu) has the keyboard in "raw" mode, the ctrl-alt-del is intercepted by the program before it ever reaches the kernel tty layer, and it's up to the program to decide what to do with it.
- /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
- The value in this file determines who can see kernel syslog contents. A value of 0 in this file imposes no restrictions. If the value is 1, only privileged users can read the kernel syslog. (See syslog(2) for more details.) Since Linux 3.4, only users with the CAP_SYS_ADMIN capability may change the value in this file.
- /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
- can be used to set the NIS/YP domainname and the hostname of your box in exactly the same way as the commands domainname(1) and hostname(1), that is:
-
# echo 'darkstar' > /proc/sys/kernel/hostname # echo 'mydomain' > /proc/sys/kernel/domainname
- has the same effect as
-
# hostname 'darkstar' # domainname 'mydomain'
- Note, however, that the classic darkstar.frop.org has the hostname "darkstar" and DNS (Internet Domain Name Server) domainname "frop.org", not to be confused with the NIS (Network Information Service) or YP (Yellow Pages) domainname. These two domain names are in general different. For a detailed discussion see the hostname(1) man page.
- /proc/sys/kernel/hotplug
- This file contains the path for the hotplug policy agent. The default value in this file is /sbin/hotplug.
- /proc/sys/kernel/htab-reclaim
- (PowerPC only) If this file is set to a nonzero value, the PowerPC htab (see kernel file Documentation/powerpc/ppc_htab.txt) is pruned each time the system hits the idle loop.
- /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
- The value in this file determines whether kernel addresses are exposed via /proc files and other interfaces. A value of 0 in this file imposes no restrictions. If the value is 1, kernel pointers printed using the %pK format specifier will be replaced with zeros unless the user has the CAP_SYSLOG capability. If the value is 2, kernel pointers printed using the %pK format specifier will be replaced with zeros regardless of the user's capabilities. The initial default value for this file was 1, but the default was changed to 0 in Linux 2.6.39. Since Linux 3.4, only users with the CAP_SYS_ADMIN capability can change the value in this file.
- /proc/sys/kernel/l2cr
- (PowerPC only) This file contains a flag that controls the L2 cache of G3 processor boards. If 0, the cache is disabled. Enabled if nonzero.
- /proc/sys/kernel/modprobe
- This file contains the path for the kernel module loader. The default value is /sbin/modprobe. The file is only present if the kernel is built with the CONFIG_MODULES (CONFIG_KMOD in Linux 2.6.26 and earlier) option enabled. It is described by the Linux kernel source file Documentation/kmod.txt (only present in kernel 2.4 and earlier).
- /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
- A toggle value indicating if modules are allowed to be loaded in an otherwise modular kernel. This toggle defaults to off (0), but can be set true (1). Once true, modules can be neither loaded nor unloaded, and the toggle cannot be set back to false. The file is only present if the kernel is built with the CONFIG_MODULES option enabled.
- /proc/sys/kernel/msgmax
- This file defines a system-wide limit specifying the maximum number of bytes in a single message written on a System V message queue.
- /proc/sys/kernel/msgmni
- This file defines the system-wide limit on the number of message queue identifiers. (This file is only present in Linux 2.4 onward.)
- /proc/sys/kernel/msgmnb
- This file defines a system-wide parameter used to initialize the msg_qbytes setting for subsequently created message queues. The msg_qbytes setting specifies the maximum number of bytes that may be written to the message queue.
- /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
- These files give substrings of /proc/version.
- /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
- These files duplicate the files /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid.
- /proc/sys/kernel/panic
- This file gives read/write access to the kernel variable panic_timeout. If this is zero, the kernel will loop on a panic; if nonzero it indicates that the kernel should autoreboot after this number of seconds. When you use the software watchdog device driver, the recommended setting is 60.
- /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
- This file controls the kernel's behavior when an oops or BUG is encountered. If this file contains 0, then the system tries to continue operation. If it contains 1, then the system delays a few seconds (to give klogd time to record the oops output) and then panics. If the /proc/sys/kernel/panic file is also nonzero then the machine will be rebooted.
- /proc/sys/kernel/pid_max (since Linux 2.5.34)
- This file specifies the value at which PIDs wrap around (i.e., the value in this file is one greater than the maximum PID). The default value for this file, 32768, results in the same range of PIDs as on earlier kernels. On 32-bit platforms, 32768 is the maximum value for pid_max. On 64-bit systems, pid_max can be set to any value up to 2^22 (PID_MAX_LIMIT, approximately 4 million).
- /proc/sys/kernel/powersave-nap (PowerPC only)
- This file contains a flag. If set, Linux-PPC will use the "nap" mode of powersaving, otherwise the "doze" mode will be used.
- /proc/sys/kernel/printk
- The four values in this file are console_loglevel, default_message_loglevel, minimum_console_level, and default_console_loglevel. These values influence printk() behavior when printing or logging error messages. See syslog(2) for more info on the different loglevels. Messages with a higher priority than console_loglevel will be printed to the console. Messages without an explicit priority will be printed with priority default_message_level. minimum_console_loglevel is the minimum (highest) value to which console_loglevel can be set. default_console_loglevel is the default value for console_loglevel.
- /proc/sys/kernel/pty (since Linux 2.6.4)
- This directory contains two files relating to the number of UNIX 98 pseudoterminals (see pts(4)) on the system.
- /proc/sys/kernel/pty/max
- This file defines the maximum number of pseudoterminals.
- /proc/sys/kernel/pty/nr
- This read-only file indicates how many pseudoterminals are currently in use.
- /proc/sys/kernel/random
- This directory contains various parameters controlling the operation of the file /dev/random. See random(4) for further information.
- /proc/sys/kernel/real-root-dev
- This file is documented in the Linux kernel source file Documentation/initrd.txt.
- /proc/sys/kernel/reboot-cmd (Sparc only)
- This file seems to be a way to give an argument to the SPARC ROM/Flash boot loader. Maybe to tell it what to do after rebooting?
- /proc/sys/kernel/rtsig-max
- (Only in kernels up to and including 2.6.7; see setrlimit(2)) This file can be used to tune the maximum number of POSIX real-time (queued) signals that can be outstanding in the system.
- /proc/sys/kernel/rtsig-nr
- (Only in kernels up to and including 2.6.7.) This file shows the number POSIX real-time signals currently queued.
- /proc/sys/kernel/sem (since Linux 2.4)
- This file contains 4 numbers defining limits for System V IPC semaphores. These fields are, in order:
- SEMMSL
The maximum semaphores per semaphore set.
SEMMNS
A system-wide limit on the number of semaphores in all semaphore sets.
SEMOPM
The maximum number of operations that may be specified in a semop(2) call.
SEMMNI
A system-wide limit on the maximum number of semaphore identifiers.
- /proc/sys/kernel/sg-big-buff
- This file shows the size of the generic SCSI device (sg) buffer. You can't tune it just yet, but you could change it at compile time by editing include/scsi/sg.h and changing the value of SG_BIG_BUFF. However, there shouldn't be any reason to change this value.
- /proc/sys/kernel/shmall
- This file contains the system-wide limit on the total number of pages of System V shared memory.
- /proc/sys/kernel/shmmax
- This file can be used to query and set the run-time limit on the maximum (System V IPC) shared memory segment size that can be created. Shared memory segments up to 1GB are now supported in the kernel. This value defaults to SHMMAX.
- /proc/sys/kernel/shmmni
- (available in Linux 2.4 and onward) This file specifies the system-wide maximum number of System V shared memory segments that can be created.
- /proc/sys/kernel/sysrq
- This file controls the functions allowed to be invoked by the SysRq key. By default, the file contains 1 meaning that every possible SysRq request is allowed (in older kernel versions, SysRq was disabled by default, and you were required to specifically enable it at run-time, but this is not the case any more). Possible values in this file are:
0 - disable sysrq completely 1 - enable all functions of sysrq >1 - bit mask of allowed sysrq functions, as follows: 2 - enable control of console logging level 4 - enable control of keyboard (SAK, unraw) 8 - enable debugging dumps of processes etc. 16 - enable sync command 32 - enable remount read-only 64 - enable signalling of processes (term, kill, oom-kill) 128 - allow reboot/poweroff 256 - allow nicing of all real-time tasks
This file is only present if the CONFIG_MAGIC_SYSRQ kernel configuration option is enabled. For further details see the Linux kernel source file Documentation/sysrq.txt.
- /proc/sys/kernel/version
- This file contains a string like:
#5 Wed Feb 25 21:49:24 MET 1998
The "#5" means that this is the fifth kernel built from this source base and the date behind it indicates the time the kernel was built.
- /proc/sys/kernel/threads-max (since Linux 2.3.11)
- This file specifies the system-wide limit on the number of threads (tasks) that can be created on the system.
- /proc/sys/kernel/zero-paged (PowerPC only)
- This file contains a flag. When enabled (nonzero), Linux-PPC will pre-zero pages in the idle loop, possibly speeding up get_free_pages.
- /proc/sys/net
- This directory contains networking stuff. Explanations for some of the files under this directory can be found in tcp(7) and ip(7).
- /proc/sys/net/core/somaxconn
- This file defines a ceiling value for the backlog argument of listen(2); see the listen(2) manual page for details.
- /proc/sys/proc
- This directory may be empty.
- /proc/sys/sunrpc
- This directory supports Sun remote procedure call for network file system (NFS). On some systems, it is not present.
- /proc/sys/vm
- This directory contains files for memory management tuning, buffer and cache management.
- /proc/sys/vm/drop_caches (since Linux 2.6.16)
- Writing to this file causes the kernel to drop clean caches, dentries and inodes from memory, causing that memory to become free.
To free pagecache, use echo 1 > /proc/sys/vm/drop_caches; to free dentries and inodes, use echo 2 > /proc/sys/vm/drop_caches; to free pagecache, dentries and inodes, use echo 3 > /proc/sys/vm/drop_caches.
Because this is a nondestructive operation and dirty objects are not freeable, the user should run sync(8) first.
- /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
- If nonzero, this disables the new 32-bit memory-mapping layout; the kernel will use the legacy (2.4) layout for all processes.
- /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
- Control how to kill processes when an uncorrected memory error (typically a 2-bit error in a memory module) that cannot be handled by the kernel is detected in the background by hardware. In some cases (like the page still having a valid copy on disk), the kernel will handle the failure transparently without affecting any applications. But if there is no other up-to-date copy of the data, it will kill processes to prevent any data corruptions from propagating.
The file has one of the following values:
- 1:
Kill all processes that have the
- corrupted-and-not-reloadable page mapped as soon as the corruption is detected. Note this is not supported for a few types of pages, like kernel internally allocated data or the swap cache, but works for the majority of user pages.
- 0:
Only unmap the corrupted page from all processes and only kill a process who tries to access it.
- The kill is performed using a SIGBUS signal with si_code set to BUS_MCEERR_AO. Processes can handle this if they want to; see sigaction(2) for more details.
This feature is only active on architectures/platforms with advanced machine check handling and depends on the hardware capabilities.
Applications can override the memory_failure_early_kill setting individually with the prctl(2) PR_MCE_KILL operation.
Only present if the kernel was configured with CONFIG_MEMORY_FAILURE.
- /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
- Enable memory failure recovery (when supported by the platform)
- 1:
Attempt recovery.
0:
Always panic on a memory failure.
- Only present if the kernel was configured with CONFIG_MEMORY_FAILURE.
- /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
- Enables a system-wide task dump (excluding kernel threads) to be produced when the kernel performs an OOM-killing. The dump includes the following information for each task (thread, process): thread ID, real user ID, thread group ID (process ID), virtual memory size, resident set size, the CPU that the task is scheduled on, oom_adj score (see the description of /proc/[pid]/oom_adj), and command name. This is helpful to determine why the OOM-killer was invoked and to identify the rogue task that caused it.
If this contains the value zero, this information is suppressed. On very large systems with thousands of tasks, it may not be feasible to dump the memory state information for each one. Such systems should not be forced to incur a performance penalty in OOM situations when the information may not be desired.
If this is set to nonzero, this information is shown whenever the OOM-killer actually kills a memory-hogging task.
The default value is 0.
- /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
- This enables or disables killing the OOM-triggering task in out-of-memory situations.
If this is set to zero, the OOM-killer will scan through the entire tasklist and select a task based on heuristics to kill. This normally selects a rogue memory-hogging task that frees up a large amount of memory when killed.
If this is set to nonzero, the OOM-killer simply kills the task that triggered the out-of-memory condition. This avoids a possibly expensive tasklist scan.
If /proc/sys/vm/panic_on_oom is nonzero, it takes precedence over whatever value is used in /proc/sys/vm/oom_kill_allocating_task.
The default value is 0.
- /proc/sys/vm/overcommit_memory
- This file contains the kernel virtual memory accounting mode. Values are:
0: heuristic overcommit (this is the default)
1: always overcommit, never check
2: always check, never overcommit
- In mode 0, calls of mmap(2) with MAP_NORESERVE are not checked, and the default check is very weak, leading to the risk of getting a process "OOM-killed". Under Linux 2.4 any nonzero value implies mode 1. In mode 2 (available since Linux 2.6), the total virtual address space on the system is limited to (SS + RAM*(r/100)), where SS is the size of the swap space, and RAM is the size of the physical memory, and r is the contents of the file /proc/sys/vm/overcommit_ratio.
- /proc/sys/vm/overcommit_ratio
- See the description of /proc/sys/vm/overcommit_memory.
- /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
- This enables or disables a kernel panic in an out-of-memory situation.
If this file is set to the value 0, the kernel's OOM-killer will kill some rogue process. Usually, the OOM-killer is able to kill a rogue process and the system will survive.
If this file is set to the value 1, then the kernel normally panics when out-of-memory happens. However, if a process limits allocations to certain nodes using memory policies (mbind(2) MPOL_BIND) or cpusets (cpuset(7)) and those nodes reach memory exhaustion status, one process may be killed by the OOM-killer. No panic occurs in this case: because other nodes' memory may be free, this means the system as a whole may not have reached an out-of-memory situation yet.
If this file is set to the value 2, the kernel always panics when an out-of-memory condition occurs.
The default value is 0. 1 and 2 are for failover of clustering. Select either according to your policy of failover.
- /proc/sys/vm/swappiness
- The value in this file controls how aggressively the kernel will swap memory pages. Higher values increase aggressiveness, lower values decrease aggressiveness. The default value is 60.
- /proc/sysrq-trigger (since Linux 2.4.21)
- Writing a character to this file triggers the same SysRq function as typing ALT-SysRq-<character> (see the description of /proc/sys/kernel/sysrq). This file is normally only writable by root. For further details see the Linux kernel source file Documentation/sysrq.txt.
- /proc/sysvipc
- Subdirectory containing the pseudo-files msg, sem and shm. These files list the System V Interprocess Communication (IPC) objects (respectively: message queues, semaphores, and shared memory) that currently exist on the system, providing similar information to that available via ipcs(1). These files have headers and are formatted (one IPC object per line) for easy understanding. svipc(7) provides further background on the information shown by these files.
- /proc/tty
- Subdirectory containing the pseudo-files and subdirectories for tty drivers and line disciplines.
- /proc/uptime
- This file contains two numbers: the uptime of the system (seconds), and the amount of time spent in idle process (seconds).
- /proc/version
- This string identifies the kernel version that is currently running. It includes the contents of /proc/sys/kernel/ostype,
/proc/sys/kernel/osrelease and /proc/sys/kernel/version. For example:
Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
- /proc/vmstat (since Linux 2.6)
- This file displays various virtual memory statistics.
- /proc/zoneinfo (since Linux 2.6.13)
- This file display information about memory zones. This is useful for analyzing virtual memory behavior.
Notes
Many strings (i.e., the environment and command line) are in the internal format, with subfields terminated by null bytes ('\0'), so you may find that things are more readable if you use od -c or tr "\000" "\n" to read them. Alternatively, echo `cat <file>` works well.
This manual page is incomplete, possibly inaccurate, and is the kind of thing that needs to be updated very often.
See Also
cat(1), dmesg(1), find(1), free(1), ps(1), tr(1), uptime(1), chroot(2), mmap(2), readlink(2), syslog(2), slabinfo(5), hier(7), time(7), arp(8), hdparm(8), ifconfig(8), init(8), lsmod(8), lspci(8), mount(8), netstat(8), procinfo(8), route(8)
The Linux kernel source files: Documentation/filesystems/proc.txt and Documentation/sysctl/vm.txt.
Referenced By
acct(5), collectd.conf(5), delete_module(2), dstat(1), fexecve(3), getauxval(3), getloadavg(3), getrusage(2), htop(1), init_module(2), kcmp(2), link(2), mallopt(3), migratepages(8), mlockall(2), msgctl(2), netdevice(7), numactl(8), pkcheck(1), program_invocation_name(3), pty(7), semctl(2), shmctl(2), shmget(2), smem(8), stapprobes(5), strace(1), sysinfo(2), vnstat(1)
