The /proc File System And ProcMeter
The /proc file system is a part of Linux that most people have not investigated deeply—perhaps may have never heard of. Like the kernel itself, it is a vital part of a Linux system. Yet its contents and its function are a mystery to most users. If the kernel is the brain of the operating system then the /proc file system is its personal organizer.
In this article I will describe the /proc file system—what it is, and how it can be used. There is also a description of the program ProcMeter that uses the /proc file system to display useful information.
First of all, the /proc file system is not a real file system; it is a virtual file system without the physical presence that a disk or a tape has. The most common file system you use is the collection of files on the disk. The disk stores the data without regard to meaning, and the file system (e.g., the Linux ext2fs system) makes sense of the data. The file system organizes the data as directories and files for the user. Another common file system is the Network File System (NFS), which makes files on remote computers accessible.
All file systems are managed by the Linux kernel, which maps the data on the device into a usable form. The user-level programs that access the file system do not need to know how or where the data is actually stored. When a program reads from a file, the kernel manipulates the appropriate device to obtain the data. When a program accesses one of the /proc files there is no device; instead, the kernel supplies the information from its internal state. The files exist only while there is a program actually looking at them.
The /proc file system is a feature which Linux inherited from one of its Unix ancestors. There are two main dialects of Unix in popular usage: System V and BSD. The history of these two are not important here, except that System V contains a /proc and BSD does not.
Everything that is happening in Linux. Every single program that is running, the entire contents of memory, the internal workings of the kernel—all the processes currently running on the system are contained in the /proc file system. proc is an abbreviation for process.
The most interesting files in /proc are listed below. This list was compiled from kernel version 1.2.13; other versions will be different. This is not a complete list, but contains only those files whose contents are obvious to casual browsers. A full description of the files can be read in the Linux kernel source code—a task not for the faint-hearted.
The contents of /proc are completely dependent on the processor architecture. (For example, the file /proc/cpuinfo is available only for ix86 processors.) The different types of hardware with which the kernel must communicate can also add files (e.g., /proc/pci on PCI bus computers). There are also files that are present or not, depending on which kernel options are compiled. (My /proc/modules is empty, because I did not compile in modules support.)
cpuinfo contains the information established by the kernel about the processor at boot time, e.g., the type of processor, including variant and features.
kcore contains the entire RAM contents as seen by the kernel.
loadavg contains the system load averages for the last 1, 5 and 15 minutes, along with the number of processes currently running and the total number of processes.
meminfo contains information about the memory usage, how much of the available RAM and swap space are in use and how the kernel is using them.
stat contains system statistics, counts of the amount of usage the kernel has made of basic system resources.
uptime contains the amount of time in seconds that the system has been running, and the amount of that time that it has been idle.
version contains the kernel version information that lists the version number, when it was compiled and who compiled it.
net/ is a directory containing network information.
net/dev contains a list of the network devices that are compiled into the kernel. For each device there are statistics on the number of packets that have been transmitted and received.
net/route contains the routing table that is used for routing packets on the network.
net/snmp contains statistics on the higher levels of the network protocol.
self/ contains information about the current process. The contents are the same as those in the per-process information described below.
pid/ contains information about process number pid. The kernel maintains a directory containing process information for each process.
pid/cmdline contains the command that was used to start the process (using null characters to separate arguments).
pid/cwd contains a link to the current working directory of the process.
pid/environ contains a list of the environment variables that the process has available.
pid/exe contains a link to the program that is running in the process.
pid/fd/ is a directory containing a link to each of the files that the process has open.
pid/mem contains the memory contents of the process.
pid/stat contains process status information.
pid/statm contains process memory usage information.
You can look at the contents of these files yourself. Just type:
and you will see something like:
total: used: free: shared: buffers: Mem: 11423744 8753152 2670592 2670592 2764800 Swap: 25800704 5328896 20471808This table shows you how much memory you have, the amount you are using and how it is being used.
Free DevOps eBooks, Videos, and more!
Regardless of where you are in your DevOps process, Linux Journal can help!
We offer here the DEFINITIVE DevOps for Dummies, a mobile Application Development Primer, and advice & help from the expert sources like:
- Linux Journal
- Users, Permissions and Multitenant Sites
- New Products
- Flexible Access Control with Squid Proxy
- Security in Three Ds: Detect, Decide and Deny
- High-Availability Storage with HA-LVM
- Tighten Up SSH
- DevOps: Everything You Need to Know
- Solving ODEs on Linux
- Non-Linux FOSS: MenuMeters
- March 2015 Issue of Linux Journal: System Administration