The Linux kernel provides a mechanism for accessing kernel internal data structures and changing kernel settings through the/proc file system at run time. Although the basic concepts of the/proc file system for Linux systems on various hardware platforms are the same, this article only discusses Linux/proc file systems based on the Intel x86 architecture.
/proc---a virtual file system
The/proc file system is a mechanism that the kernel and kernel modules use to send information to processes (so called/proc). This pseudo file system allows you to interact with the internal data structure of the kernel, get useful information about the process, and change the settings (by changing the kernel parameters) in the runtime (on the fly). Unlike other file systems,/proc exists in memory rather than on the hard disk. If you look at the file/proc/mounts (listing all the loaded file systems like the Mount command), you'll see that one line is like this:
The code is as follows:
grep proc/proc/mounts
/PROC/PROC proc RW 0 0
/proc is controlled by the kernel and does not have a device that hosts/proc. Because/proc mainly holds state information controlled by the kernel, the logical location of most of this information is in the kernel-controlled memory. A ' ls-l ' for/proc can see that most of the files are 0 bytes large, but when you look at them, you can actually see some information. How is that possible? This is because the/proc file system registers itself with the virtual file system layer (VFS) Like other regular file systems. However, the/proc file system establishes the corresponding files and directories according to the information in the kernel, until the VFS invokes it and requests the i-node of the file and directory.
Loading the proc file system
If the proc file system is not yet loaded in the system, you can load the proc file system by using the following command:
The code is as follows:
MOUNT-T proc Proc/proc
The above command will successfully load your proc file system. For more details, read the Mount Command's man page.
View files in/proc
/proc files can be used to access information about the state of the kernel, the properties of the computer, the status of the running process, and so on. Most files and directories in/proc provide the most up-to-date information about the physical environment of the system. Although the files in/proc are virtual, they can still be viewed using any file editor or a program such as ' more ', ' less ' or ' cat '. When an editor tries to open a virtual file, the file is created out of thin air (on the fly) through the information in the kernel. This is some of the interesting results I got from my system:
The code is as follows:
$ ls-l/proc/cpuinfo
-r--r--r--1 root 0 Dec 11:01/proc/cpuinfo
$ file/proc/cpuinfo
/proc/cpuinfo:empty
$ cat/proc/cpuinfo
processor:0
Vendor_id:genuineintel
CPU Family:6
Model:8
Model Name:pentium III (Coppermine)
Stepping:6
CPU mhz:1000.119
Cache size:256 KB
Fdiv_bug:no
Hlt_bug:no
Sep_bug:no
F00f_bug:no
Coma_bug:no
Fpu:yes
Fpu_exception:yes
CPUID Level:2
Wp:yes
FLAGS:FPU VME de PSE TSC MSR PAE MCE cx8 APIC Sep MTRR PGE MCA
Cmov Pat Pse36 MMX FXSR XMM
bogomips:1998.85
Processor:3
Vendor_id:genuineintel
CPU Family:6
Model:8
Model Name:pentium III (Coppermine)
Stepping:6
CPU mhz:1000.119
Cache size:256 KB
Fdiv_bug:no
Hlt_bug:no
Sep_bug:no
F00f_bug:no
Coma_bug:no
Fpu:yes
Fpu_exception:yes
CPUID Level:2
Wp:yes
FLAGS:FPU VME de PSE TSC MSR PAE MCE cx8 APIC Sep MTRR PGE MCA
Cmov Pat Pse36 MMX FXSR XMM
bogomips:1992.29
This is a result from a dual-CPU system, and most of the information above gives a very clear picture of the useful hardware information for the system. Some files in/proc are encoded, and different tools can be used to interpret the encoded information and output it in a readable form. Such tools include: ' Top ', ' ps ', ' APM ' and so on.
Get useful system/kernel information
The proc file system can be used to collect useful information about the system and the running kernel. Here are some important documents:
/PROC/CPUINFO-CPU information (model, family, cache size, etc.)
/proc/meminfo-Information on physical memory, swap space, etc.
/proc/mounts-List of loaded file systems
/proc/devices-List of available devices
/proc/filesystems-Supported file systems
/proc/modules-Loaded Modules
/proc/version-Kernel version
/proc/cmdline-Kernel command line arguments entered at system startup
The files in the proc are much more than those listed above. Readers who want to know more about each of the files in/proc can be ' more ' or read the reference [1] For more information about the files in the/proc directory. I suggest using ' more ' instead of ' cat ' unless you know the file is small, because some files (such as Kcore) can be very long.
Information about a running process
The/proc file system can be used to obtain information about a running process. There are numbered subdirectories in/proc. Each numbered directory corresponds to a process ID (PID). In this way, each running process/proc has a directory named with its PID. These subdirectories contain files that can provide important details about the state and environment of the process. Let's try to find a running process.
The code is as follows:
$ PS-AEF | grep Mozilla
Root 32558 32425 8 22:53 pts/1 00:01:23/usr/bin/mozilla
The above command shows that there is a running Mozilla process PID is 32558. Accordingly, the/proc should have a directory called 32558
The code is as follows:
$ ls-l/proc/32558
Total 0
-r--r--r--1 root 0 Dec 22:59 cmdline
-r--r--r--1 root 0 Dec 22:59 CPU
lrwxrwxrwx 1 root 0 Dec 22:59 cwd->/proc/
-r--------1 root 0 Dec 22:59 environ
lrwxrwxrwx 1 root 0 Dec 22:59 exe->/usr/bin/mozilla*
Dr-x------2 Root 0 Dec 22:59 fd/
-r--r--r--1 Root 0 Dec 22:59 maps
-RW-------1 root 0 Dec 22:59 mem
-r--r--r--1 root 0 Dec 22:59 Mounts
lrwxrwxrwx 1 root 0 Dec 22:59 root->//
-r--r--r--1 root 0 Dec 22:59 stat
-r--r--r--1 root 0 Dec 22:59 Statm
-r--r--r--1 root 0 Dec 22:59 status
The file "CmdLine" contains the command line that was invoked when the process was started. The environment of the "envir" process changes to two. Status is the state information of the process, including the user ID (UID) and group ID (GID) of the user who started the process, the parent process ID (PPID), and the current state of the process, such as "sleelping" and "Running". Each process's directory has several symbolic links, "cwd" is a symbolic link to the current working directory of the process, "EXE" points to the executable program of the running process, and "root" points to the directory (usually "/") that the process considers to be the root directory. Directory "FD" contains a link to the file descriptor used by the process. CPU only appears when running the SMP kernel, which is the process time divided by CPU.
/proc/self is an interesting subdirectory that makes it easy for programs to use/proc to find information about this process. /proc/self is a symbolic link to a directory that is linked to the PID for a process that accesses/proc in/Proc.
Interacting with the kernel through/proc
Most of the files in/proc discussed above are read-only. In fact, the/proc file system provides a mechanism for interacting with the kernel through files that can be read and written in/Proc. Writing these files can change the state of the kernel, so be careful to change these files. The/proc/sys directory holds a directory of all readable and writable files that can be used to change kernel behavior.
/proc/sys/kernel-This directory contains information about the behavior of the anti-generic kernel. /proc/sys/kernel/{domainname, hostname} stores the domain name and hostname of the machine/network. These files can be used to modify these names.
The code is as follows:
$ hostname
Machinename.domainname.com
$ cat/proc/sys/kernel/domainname
Domainname.com
$ cat/proc/sys/kernel/hostname
MachineName
$ echo "New-machinename" >/proc/sys/kernel/hostname
$ hostname
New-machinename.domainname.com
In this way, we can modify the host name by modifying the files in the/proc file system. Many other configurable files exist in the/proc/sys/kernel/. It is not possible to list all these files, and readers can go to the directory to see for more details.
Another configurable directory is/proc/sys/net. The files in this directory can be used to modify the network properties of the machine/network. For example, simply modify a file that you can hide in a network addict computer.
The code is as follows:
$ echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all
This will be addictive in the network to hide your machine because it does not respond to Icmp_echo. The host will not respond to ping queries issued by other hosts.
The code is as follows:
$ ping machinename.domainname.com
No answer from Machinename.domainname.com
To change back to the default settings, just
The code is as follows:
$ echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all
There are many other/proc/sys that can be used to change the kernel properties. Readers can get more information by reference [1], [2].
Conclusion
The/proc file system provides a file-based Linux internal interface. It can be used to determine the state of a system's various devices and processes. Configure them. Therefore, understanding and applying knowledge about this file system is the key to understanding your Linux system.