参考：https://www.runoob.com/linux/linux-comm-ps.html

目录

1.查找特定uid的进程

2. ps --help

2.1 ps -A

2.2 ps -Af

2.3 ps -AfT

3.总结

---

1.查找特定uid的进程

1）比如看log发现一个uid为1089的进程，但是不知道对应的进程是什么，可以用如下命令查找

ps -A | grep u0_a89

查询结果

chiron:/ $ ps -A | grep u0_a89
u0_a89       28909   628 1821704 102364 0                   0 S com.miui.voiceassist

2）比如看log发现一个uid为10101的进程，但是不知道对应的进程是什么，可以用如下命令查找

ps -A | grep u0_a101

查询结果

chiron:/ $ ps -A | grep u0_a101                                                
u0_a101      32098   627 2588428 105676 0                   0 S com.sohu.inputmethod.sogou.xiaomi

PS:uid系统进程是10000以内，三方是10000以外，三方的uid一般表示为u（用户id，一般是0，多用户依次加1）_a(uid-10000)

PPS:看了help，发现个更简单的

chiron:/ $ ps -ne | grep 10101                                                 
10101        32098   627 2588428 107184 0                   0 S com.sohu.inputmethod.sogou.xiaomi

ps -ne | grep uid

-n    Show numeric USER and GROUP

chiron:/ $ ps -ne                                                              
USER           PID  PPID     VSZ    RSS WCHAN            ADDR S NAME                       
0                1     0   31940   1560 0                   0 S init
0                2     0       0      0 0                   0 S [kthreadd]
...
1000          3077   627 2316852  52620 0                   0 S com.miui.daemon
1027          3091   627 2373336  69492 0                   0 S com.android.nfc
10162         3103   627 2273608  26064 0                   0 S com.xiaomi.mircs

 

 

2. ps --help

chiron:/ $ ps --help
usage: ps [-AadefLlnwZ] [-gG GROUP,] [-k FIELD,] [-o FIELD,] [-p PID,] [-t TTY,] [-uU USER,]

List processes.

Which processes to show (selections may be comma separated lists):

-A	All processes
-a	Processes with terminals that aren't session leaders
-d	All processes that aren't session leaders
-e	Same as -A
-g	Belonging to GROUPs
-G	Belonging to real GROUPs (before sgid)
-p	PIDs (--pid)
-P	Parent PIDs (--ppid)
-s	In session IDs
-t	Attached to selected TTYs
-T	Show threads
-u	Owned by USERs
-U	Owned by real USERs (before suid)

Output modifiers:

-k	Sort FIELDs in +increasing or -decreasting order (--sort)
-M	Measure field widths (expanding as necessary)
-n	Show numeric USER and GROUP
-w	Wide output (don't truncate fields)

Which FIELDs to show. (Default = -o PID,TTY,TIME,CMD)

-f	Full listing (-o USER:12=UID,PID,PPID,C,STIME,TTY,TIME,ARGS=CMD)
-l	Long listing (-o F,S,UID,PID,PPID,C,PRI,NI,ADDR,SZ,WCHAN,TTY,TIME,CMD)
-o	Output FIELDs instead of defaults, each with optional :size and =title
-O	Add FIELDS to defaults
-Z	Include LABEL

Command line -o fields:

  ARGS     CMDLINE minus initial path     CMD  Command (thread) name (stat[2])
  CMDLINE  Command line (argv[])          COMM Command filename (/proc/$PID/exe)
  COMMAND  Command file (/proc/$PID/exe)  NAME Process name (argv[0] of $PID)

Process attribute -o FIELDs:

  ADDR  Instruction pointer               BIT   Is this process 32 or 64 bits
  CPU   Which processor running on        ETIME   Elapsed time since PID start
  F     Flags (1=FORKNOEXEC 4=SUPERPRIV)  GID     Group id
  GROUP Group name                        LABEL   Security label
  MAJFL Major page faults                 MINFL   Minor page faults
  NI    Niceness (lower is faster)
  PCPU  Percentage of CPU time used       PCY     Android scheduling policy
  PGID  Process Group ID
  PID   Process ID                        PPID    Parent Process ID
  PRI   Priority (higher is faster)       PSR     Processor last executed on
  RGID  Real (before sgid) group ID       RGROUP  Real (before sgid) group name
  RSS   Resident Set Size (pages in use)  RTPRIO  Realtime priority
  RUID  Real (before suid) user ID        RUSER   Real (before suid) user name
  S     Process state:
        R (running) S (sleeping) D (device I/O) T (stopped)  t (traced)
        Z (zombie)  X (deader)   x (dead)       K (wakekill) W (waking)
  SCHED Scheduling policy (0=other, 1=fifo, 2=rr, 3=batch, 4=iso, 5=idle)
  STAT  Process state (S) plus:
        < high priority          N low priority L locked memory
        s session leader         + foreground   l multithreaded
  STIME Start time of process in hh:mm (size :19 shows yyyy-mm-dd hh:mm:ss)
  SZ    Memory Size (4k pages needed to completely swap out process)
  TCNT  Thread count                      TID     Thread ID
  TIME  CPU time consumed                 TTY     Controlling terminal
  UID   User id                           USER    User name
  VSZ   Virtual memory size (1k units)    %VSZ    VSZ as % of physical memory
  WCHAN What are we waiting in kernel for

Linux ps命令用于显示当前进程 (process) 的状态。

语法

ps [options] [--help]

参数：

• ps 的参数非常多, 在此仅列出几个常用的参数并大略介绍含义
• -A 列出所有的行程
• -w 显示加宽可以显示较多的资讯
• -au 显示较详细的资讯
• -aux 显示所有包含其他使用者的行程
• au(x) 输出格式 :
• USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
• USER: 行程拥有者
• PID: pid
• %CPU: 占用的 CPU 使用率
• %MEM: 占用的记忆体使用率
• VSZ: 占用的虚拟记忆体大小
• RSS: 占用的记忆体大小
• TTY: 终端的次要装置号码 (minor device number of tty)
• STAT: 该行程的状态:
• D: 无法中断的休眠状态 (通常 IO 的进程)
• R: 正在执行中
• S: 静止状态
• T: 暂停执行
• Z: 不存在但暂时无法消除
• W: 没有足够的记忆体分页可分配
• <: 高优先序的行程
• N: 低优先序的行程
• L: 有记忆体分页分配并锁在记忆体内 (实时系统或捱A I/O)
• START: 行程开始时间
• TIME: 执行的时间
• COMMAND:所执行的指令

2.1 ps -A

chiron:/ $ ps -A
USER           PID  PPID     VSZ    RSS WCHAN            ADDR S NAME                       
root             1     0   31940   1560 0                   0 S init
root             2     0       0      0 0                   0 S [kthreadd]

ps -A是列出所有进程，看列表分为

• USER 进程所属uid
• PID 进程号
• PPID 父进程号
• VSZ Virtual memory size (1k units)
• RSS Resident Set Size (pages in use)
• WCHAN What are we waiting in kernel for
• ADDR Instruction pointer
• S state
• NAME

Process state:
        R (running) S (sleeping) D (device I/O) T (stopped)  t (traced)
        Z (zombie)  X (deader)   x (dead)       K (wakekill) W (waking)
 

2.2 ps -Af

1|chiron:/ $ ps -Af                                                            
UID            PID  PPID C STIME TTY          TIME CMD
root             1     0 0 11:24:30 ?     00:01:07 init
root             2     0 0 11:24:30 ?     00:00:03 [kthreadd]
root             3     2 0 11:24:30 ?     00:07:03 [ksoftirqd/0]
root             7     2 0 11:24:30 ?     00:08:29 [rcu_preempt]
root             8     2 0 11:24:30 ?     00:01:21 [rcu_sched]

STIME Start time of process in hh:mm (size :19 shows yyyy-mm-dd hh:mm:ss)

TTY     Controlling terminal

 

2.3 ps -AfT

UID            PID   TID  PPID TCNT STIME TTY          TIME CMD
u0_a101      32098 32098   627   35 16:06:45 ?     00:04:53 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32103   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32104   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32105   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32106   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32107   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32108   627   35 16:06:45 ?     00:00:06 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32109   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32110   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32111   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32113   627   35 16:06:45 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32119   627   35 16:06:45 ?     00:01:56 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32120   627   35 16:06:45 ?     00:00:01 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32125   627   35 16:06:46 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32126   627   35 16:06:46 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32136   627   35 16:06:47 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32137   627   35 16:06:47 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32139   627   35 16:06:47 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32142   627   35 16:06:47 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32143   627   35 16:06:47 ?     00:00:01 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32147   627   35 16:06:47 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 32153   627   35 16:06:47 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  2360   627   35 16:09:12 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  2361   627   35 16:09:12 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  2427   627   35 16:09:19 ?     00:00:01 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  2429   627   35 16:09:19 ?     00:00:01 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  2442   627   35 16:09:24 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  2445   627   35 16:09:24 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 13576   627   35 16:41:04 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 16113   627   35 16:50:30 ?     00:00:01 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 21796   627   35 17:26:56 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  1284   627   35 18:53:17 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  7372   627   35 08:10:20 ?     00:00:01 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098  7723   627   35 12:23:33 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi
u0_a101      32098 28653   627   35 09:51:56 ?     00:00:00 com.sohu.inputmethod.sogou.xiaomi

TCNT  Thread count

TIME  CPU time consumed

用这个命令可以看到对应进程有多少线程，并且跑了多久了

 

3.总结

ps有几个好用的命令参数

-A 列出所有进程

-T 列出所有线程

-n 列出user