Home

The /proc File System And ProcMeter

Issue 36

From Issue #36
April 1997

Apr 01, 1997  By Andrew M. Bishop
 in
You may rely on your electronic Rolodex to organize your life, but Linux uses the /proc file system.

The /proc file system is a part of Linux that most people have not investigated deeply—perhaps may have never heard of. Like the kernel itself, it is a vital part of a Linux system. Yet its contents and its function are a mystery to most users. If the kernel is the brain of the operating system then the /proc file system is its personal organizer.

In this article I will describe the /proc file system—what it is, and how it can be used. There is also a description of the program ProcMeter that uses the /proc file system to display useful information.

What Is the /proc File System?

First of all, the /proc file system is not a real file system; it is a virtual file system without the physical presence that a disk or a tape has. The most common file system you use is the collection of files on the disk. The disk stores the data without regard to meaning, and the file system (e.g., the Linux ext2fs system) makes sense of the data. The file system organizes the data as directories and files for the user. Another common file system is the Network File System (NFS), which makes files on remote computers accessible.

All file systems are managed by the Linux kernel, which maps the data on the device into a usable form. The user-level programs that access the file system do not need to know how or where the data is actually stored. When a program reads from a file, the kernel manipulates the appropriate device to obtain the data. When a program accesses one of the /proc files there is no device; instead, the kernel supplies the information from its internal state. The files exist only while there is a program actually looking at them.

The /proc file system is a feature which Linux inherited from one of its Unix ancestors. There are two main dialects of Unix in popular usage: System V and BSD. The history of these two are not important here, except that System V contains a /proc and BSD does not.

What Is in This File System?

Everything that is happening in Linux. Every single program that is running, the entire contents of memory, the internal workings of the kernel—all the processes currently running on the system are contained in the /proc file system. proc is an abbreviation for process.

The most interesting files in /proc are listed below. This list was compiled from kernel version 1.2.13; other versions will be different. This is not a complete list, but contains only those files whose contents are obvious to casual browsers. A full description of the files can be read in the Linux kernel source code—a task not for the faint-hearted.

The contents of /proc are completely dependent on the processor architecture. (For example, the file /proc/cpuinfo is available only for ix86 processors.) The different types of hardware with which the kernel must communicate can also add files (e.g., /proc/pci on PCI bus computers). There are also files that are present or not, depending on which kernel options are compiled. (My /proc/modules is empty, because I did not compile in modules support.)

Some Common Files in /proc

  • cpuinfo contains the information established by the kernel about the processor at boot time, e.g., the type of processor, including variant and features.

  • kcore contains the entire RAM contents as seen by the kernel.

  • loadavg contains the system load averages for the last 1, 5 and 15 minutes, along with the number of processes currently running and the total number of processes.

  • meminfo contains information about the memory usage, how much of the available RAM and swap space are in use and how the kernel is using them.

  • stat contains system statistics, counts of the amount of usage the kernel has made of basic system resources.

  • uptime contains the amount of time in seconds that the system has been running, and the amount of that time that it has been idle.

  • version contains the kernel version information that lists the version number, when it was compiled and who compiled it.

  • net/ is a directory containing network information.

  • net/dev contains a list of the network devices that are compiled into the kernel. For each device there are statistics on the number of packets that have been transmitted and received.

  • net/route contains the routing table that is used for routing packets on the network.

  • net/snmp contains statistics on the higher levels of the network protocol.

  • self/ contains information about the current process. The contents are the same as those in the per-process information described below.

  • pid/ contains information about process number pid. The kernel maintains a directory containing process information for each process.

  • pid/cmdline contains the command that was used to start the process (using null characters to separate arguments).

  • pid/cwd contains a link to the current working directory of the process.

  • pid/environ contains a list of the environment variables that the process has available.

  • pid/exe contains a link to the program that is running in the process.

  • pid/fd/ is a directory containing a link to each of the files that the process has open.

  • pid/mem contains the memory contents of the process.

  • pid/stat contains process status information.

  • pid/statm contains process memory usage information.

You can look at the contents of these files yourself. Just type:

cat /proc/meminfo

and you will see something like: 

    total:  used:  free:  shared: buffers:
Mem: 11423744 8753152 2670592 2670592 2764800
Swap: 25800704 5328896 20471808
This table shows you how much memory you have, the amount you are using and how it is being used.

______________________

Webcast
More Resources
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers

Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.

Learn More

Sponsored by AMD

White Paper
More Resources
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy

Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.

Learn more about catching the bad guy in this free white paper.

Learn More

Sponsored by DLT Solutions