In this section, we will show you how processes work in Linux. Now, let's discuss everything about processes. Every program in a Linux system that is currently running is called a process. One single program can consist of multiple processes, and the process can start other processes. For example, as we already know, the Bash shell itself is a command, so, when started, it gets a process. Each command you start in this shell is a new process started by the shell process. So, for example, each time we execute the la -al command, the Bash shell process creates a new process in which the ls -al command is running. There are many, processes running all the time on every Linux system. If you have a multiprocessor CPU computer, some of those processes really are physically running in parallel all the time. Other processes, or if you have a single processor CPU, are running only semi-parallel, which means every process only runs for a few milliseconds on the CPU then pauses, which is also called being put to sleep, so the system can execute the next process for a small period of time. This system allows the execution of all processes seemingly in parallel, when in reality they are processed sequentially one after another.
All processes in a Linux system get created by another process so that every process has a parent process that created it. Only the first process does not have a parent, which in CentOS 7 is the systemd process. To get a list of all the running processes, run the ps command. Herem we use it with the -ev option and pipe its output into the less command as it does not fit the screen. You'll see that every process has a unique identifier, which is called the process identifier, or PID for short. The first process, the systemd process, has the PID of 1. The subsequent ones are in increasing order. Every process has a user ID associated to it, and also every process has a parent denoted by the parent process ID column. You'll notice that the first two processes in the list have a parent PID of 0, which means they don't have a parent.
To get a better understanding of the parent-child process relationship, you can use the pstree command, which we first need to install using the psmisc package. Afterward, just start the pstree command. With it you get a better understanding of which parent process created which child process, and how the relationship between the processes is. As said before, the systemd process is the first process in the system, which created all the other processes in the system. Every process also has a state; type man ps and go to the state section. The most important states are running. This means the process is currently running and will get executed by the CPU, or is in the run queue, which means it's just about to be started. You will see sleeping if the process execution is interrupted in favor of the next process in the waiting queue, or stopped, and even defunct or zombie, which means that the process terminated but the parent process does not know about it yet.
As we have learned in the previous section, you can also use the top or htop command to get a dynamic or real-time view on the processes in your system. The state column shows you the state of the process, where r stands for running, s for sleeping, and so on. If a new process gets created, the parent process will be cloned or copied exactly to the child process, so it has exactly the same data and environment as the parent process. Only the PID will be different, but the parent and child process are completely independent from each other.