linux poison RSS
linux poison Email

/proc explained

This  filesystem (/proc) contains a huge set of numbered directories that come and go. Each and one of these numbered directories contains information pertaining to all of the currently active processes on the machine. When a new process is started, a new directory is created in the /proc filesystem for it, and a lot of data is created within it regarding the process, such as the commandline with which the program was started with, a link to the "current working directory", environment variables, where the executable is located, and so on

Most of the information in the files are rather "human readable", except a few of them. However, a few of them you should not touch, such as the kcore file. The kcore file contains debugging information regarding the kernel, and if you try to 'cat' it, your system may very well hang up and die. If you try to copy it to a real file on the harddrive, you will very soon have filled up your whole partition, and so on. What all of this tells you is to be very careful. Mostly, none of the variables or entries in the /proc filesystem is not dangerous to watch, but a few of them are. A brief walkthrough of the most important files:
  • cmdline - The command line issued when starting the kernel.
  • cpuinfo - Information about the Central Processing Unit, who made it, known bugs, flags etcetera.
  • dma - Contains information about all DMA channels available, and which driver is using it.
  • filesystems - Contains short information about every single filesystem that the kernel supports.
  • interrupts - Gives you a brief listing of all IRQ channels, how many interrupts they have seen and what driver is actually using it.
  • iomem - A brief file containing all IO memory mappings used by different drivers.
  • ioports - Contains a brief listing of all IO ports used by different drivers.
  • kcore - Contains a complete memory dump. Do not cat or anything like that, you may freeze your system. Mainly used to debug the system.
  • kmsg - Contains messages sent by kernel, is not and should not be readable by users since it may contain vital information. Main usage is to debug the system.
  • ksyms - This contains the kernel symbol table, which is mainly used to debug the kernel.
  • loadavg - Gives the load average of the system during the last 1, 5 and 15 minutes.
  • meminfo - Contains information about memory usage on the system.
  • modules - Contains information about all currently loaded modules in the kernel.
  • mounts - Symlink to another file in the /proc filesystem which contains information about all mounted filesystems.
  • partitions - Contains information about all partitions found on all drives in the system.
  • pci - Gives tons of hardware information about all PCI devices on the system, also includes AGP devices and built in devices which are connected to the PCI bus.
  • swaps - Contains information about all swap partitions mounted.
  • uptime - Gives you the uptime of the computer since it was last rebooted in seconds.
  • version - Gives the exact version string of the kernel currently running, including build date and gcc versions etcetera.
And here is a list of the main directories and what you can expect to find in there:
  • bus - Contains information about all the buses, hardware-wise, such as USB, PCI and ISA buses.
  • ide - Contains information about all of the IDE buses on systems that has IDE buses.
  • net - Some basic information and statistics about the different network systems compiled into the system.
  • scsi - This directory contains information about SCSI buses on SCSI systems.
  • sys - Contains lots of variables that may be changed, including the /proc/sys/net/ipv4 which will be deeply discussed in this document.


Post a Comment

Related Posts with Thumbnails