The /proc filesystem





Last Updated on 09/18/2013 by dboth

The /proc filesystem is one of the most important filesystems on any Linux computer. It is also a very powerful tool for the system administrator. It is both a view into the instantaneous status of the running kernel and a way to modify the operational parameters of the kernel.

The /proc filesystem is a virtual filesystem. It exists in RAM only and is not stored or recorded on the hard drive. It therefore exists only when the computer is turned on and running.

The /proc filesystem contains many different types of data. All of this data is observable by any user or process, whether root or non-root. This means that users, programs and scripts can all access any of the data in the /proc filesystem without the necessity of using protected mode system calls and their attendant CPU overhead. The kernel has been designed specifically to store performance data there and to use the configuration variables stored there for configuration and tuning.

For example, each process has a subdirectory in the /proc filesystem, with the name of the directory being the process ID (PID) of the process. That subdirectory contains all of the information about a process including private and shared memory usage, various statistics, the environment variables, current status, stack contents, and a great deal more.

The /proc directory itself contains many system statistics including memory and CPU data, load averages, disk statistics, device information, a count of interrupts and much more.

The /proc/sys directory and its subdirectories contains files that contain kernel configuration parameters.

Data stored in /proc/sys/kernel includes information such as the hostname, OS information (the stuff you get from the uname command), the maximum PID number that the kernel can assign, and again, much much more. The difference with these parameters is that they can be changed. But you should only do so if you know exactly what you are doing.

Changes to kernel configuration parameters is instantaneous and no reboot of the system is required for them to take effect.

Viewing system data

There are a large number of Linux commands that are used in the process of analyzing system performance and problem determination. Most of these commands obtain their information from various files in the /proc filesystem.

For example. the free command displays the amount of free memory as well as the memory and swap space in use.

[root@voyager ~]# free
             total       used       free     shared    buffers     cached
Mem:       8107216    4583236    3523980          0      69524    2460124
-/+ buffers/cache:    2053588    6053628
Swap:      4194300          0    4194300

Other commands like top, htop, w, and many more use the /proc filesystem as the source for their data. Thus there is no need for simple utilities to have privileged access to the kernel. The kernel stores all of its performance data in a virtual filesystem that is freely accessible to all users.

All of the data displayed by these commands and many others are stored by the kernel in the /proc filesystem. Because the kernel already stores this data in an easily accessible location and format, it is possible for other programs to access it with no impact upon the performance of the kernel.

Each of the following commands allow you to view some of the raw data from the /proc filesystem.

cat /proc/meminfo
cat /proc/cpuinfo
cat /proc/loadavg

Cat each of the above files multiple times to observe the changes in the various data as the kernel changes.

These are just a few of the files in /proc that contain incredibly useful information.

Modifying the running kernel

It is possible to modify the configuration parameters of the running kernel. You may wish to do this to tune the performance parameters of the system, or to alter its functionality. Note that only root user can make changes to the /proc filesystem.

For example, you may wish to configure the host as a router. This is a fairly trivial thing to do and requires only adding one or two entries to your firewall and a change to the kernel parameter, ip_forward.

If you cat the contents of /proc/sys/net/ipv4/ip_forward it is zero (0) by default. To turn your computer into a router use the command below.

echo 1 > /proc/sys/net/ipv4/ip_forward

This command turns your Linux computer into a router by turning on IP packet forwarding. Instantly. No reboot required. See the page “Making your Linux Box Into a Router” for the complete procedure required to perform this task.

To test a more visible change, you can alter the hostname in /proc/sys/kernel/hostname. If you cat that file you can see the current value of the hostname. Type the hostname  command to see the current hostname as the system sees it. Use the command below to alter the value in that file.

echo test.example.com > /proc/sys/kernel/hostname

Now use the hostname  command again to see that the hostname has changed. Note that the hostname that is part of your command prompt does not change. The reason is that each program inherits its environment variables when it is started and the environment is not changed unless it is overtly changed by the user. One of those environment variables is $HOSTNAME. If you use the command echo $HOSTNAME you will see that it contains the old value for the hostname.

You do need to be aware that any kernel configuration change made in the /proc/sys directory is only temporary until the next reboot. All changes you make in /proc/sys are non-persistent and will be replaced by the default values at each reboot.

The point here is that the configuration parameters of the live, running kernel can be changed instantaneously using the /proc filesystem, and that no ugly reboots are required.

Making changes permanent

To make permanent any kernel configuration changes there are configuration files that are parsed at boot time and which can be used to make any changes persistent across reboots.

For CentOS and fedora up through Fedora 18, change the value of following line in the /etc/sysctl.conf file from 0 (zero) to 1 (one).

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

For Fedora 19 and above the default entries in the /etc/sysctl.conf file have been moved to a series of files in the /usr/lib/sysctl.d/ directory. However the remaining stub of the /etc/sysctl.conf file can be used to add non-default entries for sysctl. So add the following lines to the /etc/sysctl.conf file.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

Note that the hostname is not set permanently in the /etc/sysctl.conf file, but in the /etc/sysconfig/hostname file. The hostname command can be used to permanently change the hostname as shown in the sample command below.

hostname test.example.com

You can  also change the hostname in the /etc/sysconfig/hostname file and then reboot the system for the name change to take effect.

On systems that use systemd for startup, the hostname command will set the hostname temporarily but this change is not persistent through a reboot.

To change the hostname on systems using systemd, change the contents of the /etc/hostname file.

See “Setting the host name” for more details on changing the hostname.