This chapter is from the book
This chapter is from the book
This chapter is from the book
Viewing a Process
Objective:
Explain how to view system processes.
Solaris is a multitasking environment in which a number of programs run at the same time. This means that many users can be active on the system at the same time, running many jobs (processes) simultaneously. Each Solaris program can start and stop multiple processes while it is running, but only one job is active per processor at any given time while the other jobs wait in a job queue. Because each process takes its turn running in very short time slices (much less than a second each), multitasking operating systems give the appearance that multiple processes are running at the same time. A parent process forks a child process, which, in turn, can fork other processes.
A program can be made up of many processes. A process is part of a program running in its own address space. A process under Solaris consists of an address space and a set of data structures in the kernel to keep track of that process. The address space is divided into various sections that include the instructions that the process may execute, memory allocated during the execution of the process, the stack, and memory-mapped files. The kernel must keep track of the following data for each process on the system:
- Address space
- Current status of the process
- Execution priority of the process
- Resource usage of the process
- Current signal mask
- Ownership of the process
A process is distinct from a job, command, or program that can be composed of many processes working together to perform a specific task. For example, a computer-aided design application is a single program. When this program starts, it spawns other processes as it runs. When a user logs in to the program, it spawns yet other processes. Each process has a process ID associated with it and is referred to as a PID. You can monitor processes that are currently executing by using one of the commands listed in Table 5.1.
Table 5.1. Commands to Display Processes
|
Command |
Description |
|
mpstat |
Executed from the command line, mpstat reports processor statistics in tabular form. Each row of the table represents the activity of one processor. |
|
ps |
Executed from the command line to display information about active processes. |
|
pgrep |
Executed from the command line to find processes by a specific name or attribute. |
|
prstat |
Executed from the command line to display information about active processes on the system. |
|
ptree |
Prints the process trees containing the specified pids or users, with child processes indented from their respective parent processes. |
|
sdtprocess |
A GUI used to display and control processes on a system. This utility requires the X Window System (also known as X Windows). |
|
SMC process tool |
A GUI available in the Solaris Management Console used to monitor and manage processes on a system. |
|
pargs |
Executed from the command line to examine the arguments and environment variables of a process. |
|
svcs |
With the -p option, this Service Management Facility command will list processes associated with each service instance. |
|
time |
Time a simple command. |
Before getting into the commands used to monitor processes, you first need to become familiar with process attributes. A process has certain attributes that directly affect execution. These are listed in Table 5.2.
Table 5.2. Process Attributes
|
Attribute |
Description |
|
PID |
The process identification (a unique number that defines the process within the kernel) |
|
PPID |
The parent PID (the parent of the process) |
|
UID |
The user ID number of the user who owns the process |
|
EUID |
The effective user ID of the process |
|
GID |
The group ID of the user who owns the process |
|
EGID |
The effective group ID that owns the process |
|
Priority |
The priority at which the process runs |
Use the ps command to view processes currently running on the system. Use the ps command when you're on a character-based terminal and don't have access to a graphical display. Adding the -l option to the ps command displays a variety of other information about the processes currently running, including the state of each process (listed under S). The codes used to show the various process states are listed in Table 5.3.
Table 5.3. Process States
|
Code |
Process State |
Description |
|
O |
Running |
The process is running on a processor. |
|
S |
Sleeping |
The process is waiting for an event to complete. |
|
R |
Runnable |
The process is on the run queue. |
|
Z |
Zombie state |
The process was terminated and the parent is not waiting. |
|
T |
Traced |
The process was stopped by a signal because the parent is tracing it. |
|
W |
Waiting |
The process is waiting for CPU usage to drop to the CPU-caps enforced limits |
To see all the processes that are running on a system, type the following:
ps -el
The system responds with the following output:
# ps -el F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD 19 T 0 0 0 0 0 SY ? 0 ? 0:18 sched 8 S 0 1 0 0 40 20 ? 150 ? ? 0:00 init 19 S 0 2 0 0 0 SY ? 0 ? ? 0:00 pageout 19 S 0 3 0 0 0 SY ? 0 ? ? 0:01 fsflush 8 S 0 309 1 0 40 20 ? 217 ? ? 0:00 sac 8 S 0 315 1 0 40 20 ? 331 ? ? 0:00 sshd 8 S 0 143 1 0 40 20 ? 273 ? ? 0:00 rpcbind 8 S 0 51 1 0 40 20 ? 268 ? ? 0:00 sysevent 8 S 0 61 1 0 40 20 ? 343 ? ? 0:01 picld 8 S 0 453 403 0 50 20 ? 1106 ? ? 0:00 dtfile 8 S 0 189 1 0 40 20 ? 509 ? ? 0:00 automoun 8 S 0 165 1 0 40 20 ? 292 ? ? 0:00 inetd 8 S 0 200 1 0 40 20 ? 415 ? ? 0:00 syslogd 8 S 0 180 1 0 40 20 ? 266 ? ? 0:00 lockd 8 S 0 219 1 0 40 20 ? 391 ? ? 0:00 lpsched 8 S 1 184 1 0 40 20 ? 306 ? ? 0:00 statd 8 S 0 214 1 0 40 20 ? 365 ? ? 0:00 nscd 8 S 0 204 1 0 40 20 ? 254 ? ? 0:00 cron 8 S 0 232 1 0 40 20 ? 173 ? ? 0:00 powerd 8 S 0 255 254 0 40 20 ? 215 ? ? 0:00 smcboot 8 S 0 258 1 0 40 20 ? 356 ? ? 0:02 vold
The manual page for the ps command describes all the fields displayed with the ps command, as well as all the command options. Table 5.4 lists some important fields.
Table 5.4. Process Fields
|
Field |
Description |
|
F |
Flags associated with the process. |
|
S |
The state of the process. |
|
UID |
The user ID of the process owner. For many processes, this is 0 because they run setuid. |
|
PID |
The process ID of each process. This value should be unique. Generally, PIDs are allocated lowest to highest, but they wrap at some point. This value is necessary for you to send a signal, such as the kill signal, to a process. |
|
PPID |
The parent process ID. This identifies the parent process that started the process. Using the PPID enables you to trace the sequence of process creation that took place. |
|
PRI |
The priority of the process. Without the -c option, higher numbers mean lower priority. With the -c option, higher numbers mean higher priority. |
|
NI |
The nice value, used in priority computation. This is not printed when the -c option is used. The process's nice number contributes to its scheduling priority. Making a process nicer means lowering its priority. |
|
ADDR |
The memory address of the process. |
|
SZ |
The SIZE field. This is the total number of pages in the process. Page sizes are 8192 bytes on sun4u systems, but vary on different hardware platforms. Issue the /usr/bin/pagesize command to display the page size on your system. |
|
WCHAN |
The address of an event for which the process is sleeping (if it's -, the process is running). |
|
STIME |
The starting time of the process (in hours, minutes, and seconds). |
|
TTY |
The terminal assigned to your process. |
|
TIME |
The cumulative CPU time used by the process in minutes and seconds. |
|
CMD |
The command that generated the process. |
You often want to look at all processes. You can do this using the command ps -el. A number of options available with the ps command control what information gets printed. A few of them are listed in Table 5.5.
Table 5.5. ps Command Options
|
Option |
Description |
|
-A |
Lists information for all processes. Identical to the -e option. |
|
-a |
Lists information about all the most frequently requested processes. Processes not associated with a terminal will not be listed. |
|
-e |
Lists information about every process on the system. |
|
-f |
Generates a full listing. |
|
-l |
Generates a long listing. |
|
-P |
Prints the number of the processor to which the process is bound, if any, under an additional column header PSR. This is a useful option on systems that have multiple processors. |
|
-u <username> |
Lists only process data for a particular user. In the listing, the numerical user ID is printed unless you give the -f option, which prints the login name. |
For a complete list of options to the ps command, refer to the Solaris online manual pages.
pgrep
The pgrep command replaces the combination of the ps, grep, egrep, and awk commands that were used to manage processes in earlier releases of Solaris. The pgrep command examines the active processes on the system and reports the process IDs of the processes whose attributes match the criteria you specify on the command line. The command syntax for the pgrep command is shown here:
pgrep <options> <pattern>
pgrep options are described in Table 5.6.
Table 5.6. pgrep Options
|
Option |
Description |
|
-d <delim> |
Specifies the output delimiter string to be printed between each matching process ID. If no -d option is specified, the default is a newline character. |
|
-f |
The regular expression pattern should be matched against the full process argument string. If no -f option is specified, the expression is matched only against the name of the executable file. |
|
-g <pgrplist> |
Matches only processes whose process group ID is in the given list. |
|
-G <gidlist> |
Matches only processes whose real group ID is in the given list. Each group ID may be specified as either a group name or a numerical group ID. |
|
-l |
Long output format. Prints the process name along with the process ID of each matching process. |
|
-n |
Matches only the newest (most recently created) process that meets all other specified matching criteria. |
|
-P <ppidlist> |
Matches only processes whose parent process ID is in the given list. |
|
-s <sidlist> |
Matches only processes whose process session ID is in the given list. |
|
-t <termlist> |
Matches only processes that are associated with a terminal in the given list. Each terminal is specified as the suffix following /dev/ of the terminal's device pathname in /dev (for example, term/a or pts/0). |
|
-u <euidlist> |
Matches only processes whose effective user ID is in the given list. Each user ID may be specified as either a login name or a numerical user ID. |
|
-U <uidlist> |
Matches only processes whose real user ID is in the given list. Each user ID may be specified as either a login name or a numerical user ID. |
|
-v |
Matches all processes except those that meet the specified matching criteria. |
|
-x |
Considers only processes whose argument string or executable filename exactly matches the specified pattern. |
|
<pattern> |
A pattern to match against either the executable filename or full process argument string. |
For example, the following pgrep command finds all processes that have "dt" in the process argument string:
# pgrep -l -f "dt"
The system responds with this:
500 /usr/dt/bin/dtlogin -daemon 16224 ./dtterm 438 /usr/dt/bin/dtlogin -daemon 448 /usr/openwin/bin/Xsun :0 -defdepth 24 -nobanner -auth /var/dt/A:0-p_aW2a 520 dtgreet -display :0
To find the process ID for the lpsched process, issue this command:
# pgrep -l lpsched
The system responds with this:
6899 lpsched
prstat
Use the prstat command from the command line to monitor system processes. Again, like the ps command, it provides information on active processes. The difference is that you can specify whether you want information on specific processes, UIDs, CPU IDs, or processor sets. By default, prstat displays information about all processes sorted by CPU usage. Another nice feature with prstat is that the information remains on the screen and is updated periodically. The information displayed by the prstat command is described in Table 5.7.
Table 5.7. Column Headings for the prstat Command
|
Column Heading |
Description |
|
PID |
The process identification (a unique number that defines the process within the kernel) |
|
USERNAME |
The login ID name of the owner of the process |
|
SIZE |
The total virtual memory size of the process in kilobytes (K), megabytes (M), or gigabytes (G) |
|
RSS |
The resident set size of the process in kilobytes, megabytes, or gigabytes |
|
STATE |
The state of the process: |
|
cpu<n>—Process is running on CPU. |
|
|
sleep—Process is waiting for an event to complete. |
|
|
run—Process is in the run queue. |
|
|
zombie—Process has terminated and parent is not waiting. |
|
|
stop—Process is stopped. |
|
|
PRI |
The priority of the process |
|
NICE |
The value used in priority computation |
|
TIME |
The cumulative execution time for the process |
|
CPU |
The percentage of recent CPU time used by the process |
|
PROCESS |
The name of the process |
|
NLWP |
The number of lightweight processes (LWPs) in the process |
This section will introduce some new terminology, so Table 5.8 defines a few terms related to processing in general.
Table 5.8. Process Terminology
|
Term |
Description |
|
Multitasking |
A technique used in an operating system for sharing a single processor among several independent jobs. Multitasking introduces overhead because the processor spends some time choosing the next job to run and saving and restoring tasks' state. However, it reduces the worst-case time from job submission to completion compared with a simple batch system, in which each job must finish before the next one starts. Multitasking also means that while one task is waiting for some external event, the CPU is free to do useful work on other tasks. A multitasking operating system should provide some degree of protection of one task from another to prevent tasks from interacting in unexpected ways, such as accidentally modifying the contents of each other's memory areas. The jobs in a multitasking system may belong to one or many users. This is distinct from parallel processing, in which one user runs several tasks on several processors. Time sharing is almost synonymous with multitasking, but it implies that there is more than one user. |
|
Parallel processing |
The simultaneous use of more than one CPU to solve a problem. The processors either may communicate to cooperate in solving a problem or may run completely independently, possibly under the control of another processor that distributes work to the others and collects results from them. |
|
Multithreaded |
Multithreaded is a process that has multiple flows (threads) of control. The traditional Unix process contained, and still contains, a single thread of control. Multithreading (MT) separates a process into many execution threads, each of which runs independently. For more information, see the Multithreaded Programming Guide at http://docs.sun.com/ Part number 816-5137-10. |
|
Lightweight process (LWP) |
A single-threaded subprocess. LWPs are scheduled by the kernel to use available CPU resources based on their scheduling class and priority. LWPs include a kernel thread, which contains information that must be in memory all the time, and a LWP, which contains information that is swappable. A process can consist of multiple LWPs and multiple application threads. A lightweight process is somewhere between a thread and a full process. |
|
Application thread |
A series of instructions with a separate stack that can execute independently in a user's address space. The threads can be multiplexed on top of LWPs. |
|
Address space |
The range of addresses that a processor or process can access, or at which a device can be accessed. The term may refer to either a physical address or a virtual address. The size of a processor's address space depends on the width of the processor's address bus and address registers. Processes running in 32-bit mode have a 4 gigabyte address space (232 bytes) and processes running in 64-bit mode have a 16 terabyte (264 bytes) address space. |
|
Shared memory |
Usually refers to RAM, which can be accessed by more than one process in a multitasking operating system with memory protection. |
The syntax for the prstat command is as follows:
prstat [options] <count> <interval>
Table 5.9 describes a few of the prstat command options and arguments.
Table 5.9. prstat Options and Arguments
|
Option |
Description |
|
prstat Options |
|
|
-a |
Displays separate reports about processes and users at the same time. |
|
-c |
Continuously prints new reports beneath previous reports instead of overwriting them. |
|
-j <projlist> |
Reports only processes or LWPs whose project ID is in the given list. Each project ID can be specified as either a project name or a numerical project ID. |
|
-J |
Reports information about processes and projects. |
|
-k <tasklist> |
Reports only processes or LWPs whose task ID is in tasklist. |
|
-m |
Reports microstate process accounting information. In addition to all fields listed in -v mode, this mode also includes the percentage of time the process has spent processing system traps, text page faults, and data page faults, and waiting for user locks and waiting for CPU (latency time). |
|
-n <nproc> |
Restricts the number of output lines. The <nproc> argument specifies how many lines of process or LWP statistics are reported. |
|
-p <pidlist> |
Reports only processes that have a PID in the given list. |
|
-P <cpulist> |
Reports only processes or LWPs that have most recently executed on a CPU in the given list. The <cpulist> argument identifies each CPU by an integer as reported by psrinfo. |
|
-S <key> |
Sorts output lines by <key> in descending order. Values for <key> can be cpu—Sorts by process CPU usage. This is the default. time—Sorts by process execution time. size—Sorts by size of process image. rss—Sorts by resident set size. pri—Sorts by process priority. |
|
-s <key> |
Sorts output lines by <key> in ascending order. See the -S option for a list of valid keys to use. |
|
-t |
Reports total usage summary for each user. |
|
-u <uidlist> |
Reports only processes whose effective user ID is in the given list. The value for <uidlist> may be specified as either a login name or a numerical user ID. |
|
-U <uidlist> |
Reports only processes whose real user ID is in the given list. The value for <uidlist> may be specified as either a login name or a numerical user ID. |
|
prstat Arguments |
|
|
<count> |
Specifies the number of times that the statistics are repeated. By default, prstat reports statistics until a termination signal is received. |
|
<interval> |
Specifies the sampling interval in seconds; the default interval is 5 seconds. |
The following example uses the prstat command to view the four most active root processes running. The -n option is used here to restrict the output to the top four processes. The next number, 5, specifies the sampling interval in seconds, and the last number, 3, runs the command three times:
# prstat -u root -n 4 5 3
The system displays the following output:
PID USERNAME SIZE RSS STATE PRI NICE TIME CPU PROCESS/NLWP 4375 root 4568K 4344K cpu0 59 0 0:00:00 0.4% prstat/1 4298 root 7088K 5144K sleep 59 0 0:00:02 0.2% dtterm/1 304 root 2304K 1904K sleep 59 0 0:02:35 0.0% mibiisa/7 427 root 1832K 1304K sleep 59 0 0:00:00 0.0% rpc.rstatd/1 Total: 53 processes, 111 lwps, load averages: 0.02, 0.01, 0.01
The output updates on your display five times every three seconds.
I described projects in Chapter 4, "User and Security Administration," where user accounts can be assigned to project groups. These projects can also be used to label workloads and separate projects and a project's related processes from one another.
The project provides a networkwide administrative identifier for related work. A project consists of tasks, which collect a group of processes into a manageable entity that represents a workload component.
You can use the prstat command with the -J option to monitor the CPU usage of projects and the -k option to monitor tasks across your system. Therefore, you can have prstat report on the processes related to a project rather than just list all system processes. In addition, the system administrator can set processing limits on the project, such as setting a limit on the total amount of physical memory, in bytes, that is available to processes in the project. For more information on projects and resource capping, read the man pages on the following commands: rcapd(1M), project(4), rcapstat(1), and rcapadm(1M).
mpstat
Use the mpstat command to report processor statistics on a multi-processor system. When executing the mpstat command, we'll usually want to see more than one result, so we specify the number of seconds between each mpstat as follows:
mpstat 30
The argument 30, specifies that I want to get a report every 30 seconds. The system displays the following information every 30 seconds:
CPU minf mjf xcal intr ithr csw icsw migr smtx srw syscl usr sys wt idl 0 6 0 0 114 14 25 0 6 3 0 48 1 2 25 72 1 6 0 0 86 85 50 0 6 3 0 66 1 4 24 71 2 7 0 0 42 42 31 0 6 3 0 54 1 3 24 72 3 8 0 0 0 0 33 0 6 4 0 54 1 3 24 72
The results are from a system with four processors. Typically, a system administrator will use the mpstat command to check CPU utilization. In this example, I look at the idl column (percent idle time) and see that the server's CPUs are approx 28% used. For more information on the other columns of information, refer to the mpstat man pages.
ptree
The ptree command will display the process tree. The parent process is displayed with the respective child processes indented beneath it. Here is an example showing the processes that belong to the inetd process (PID 270):
# ptree 270<cr>
The system displays:
270 /usr/lib/inet/inetd start
780 /usr/sbin/in.telnetd
783 -sh
1250 ptree 270
With no arguments, the ptree command will display every process along with the associated child processes.
time
The time command is used to display the time that the system has spent executing a command. It's a useful command for benchmarking performance. Use this command to time a command on a particular system configuration and compare to another system. In the following example, I'll check the system processing time for a script I wrote named "longtime":
# time ./longtime<cr>
The system displays:
real 14.7 user 9.9 sys 2.3
The real time is the total time that has elapsed between invoking the script and its termination. The user time is the time the processor spends executing your user code. Finally, the system time is the time the processor spends executing Operating System code on behalf of your process.
Process Manager
In the Desktop Environment (CDE & JAVA Desktop) you have access to the Process Manager GUI, sdtprocess, a graphical tool that provides a process manager window for monitoring and controlling system processes.
The advantage of using the Process Manager is that you can view and control processes without knowing all the complex options associated with the ps and kill commands. For example, you can display processes that contain specific character strings, and you can sort the process list alphabetically or numerically. You can initiate a search using the find command, or you can terminate a process simply by highlighting it and clicking kill.
To open the Process Manager, you need to log into the Desktop windowing environment. You can start the GUI by executing the command sdtprocess, as follows:
# sdtprocess &
Or, you can click Find Process on the Tools subpanel, as shown in Figure 5.1.
)
Figure 5.1 Front panel.
The Process Manager window opens, as shown in Figure 5.2.
)
Figure 5.2 Process Manager window.
Each process attribute in the header of the Process Manager window provides detailed information about the process and is described in Table 5.10.
Table 5.10. Process Manager Window
|
Column Heading |
Description |
|
ID |
Process ID |
|
Name |
Process name |
|
Owner |
Login ID name of the owner of the process |
|
CPU% |
Ratio of CPU time available in the same period, expressed as a percentage |
|
RAM |
Amount of RAM currently occupied by this process |
|
Swap |
Total swap size in virtual memory |
|
Started |
Actual start time (or date, if other than current) |
|
Parent |
Process ID of parent process, or PPID |
|
Command |
Actual Unix command (truncated) being executed |
Click any of the column headings to sort the processes by that attribute. For example, click the CPU heading to sort all processes by their CPU usage. The list updates every 30 seconds, but you can enter a value in the Sampling field to update the list as frequently as you like. Finally, you can enter a text string that is common to the process entries of all the processes you want to display in the Find drop-down menu. In Figure 5.3, I entered "root" in the Find field to display all processes owned by root. I also changed the sampling rate to every 5 seconds and clicked the CPU heading to sort processes by their CPU usage.
)
Figure 5.3 Sorted Process Manager window.
Another nice feature of the Process Manager is the capability to display the ancestry of a process. When a Unix process initiates one or more processes, these are child processes, or children. Child and parent processes have the same user ID. To view a parent process and all the child processes that belong to it, highlight the process in the Process Manager window. Click Process from the toolbar at the top of the window and select Show Ancestry, as shown in Figure 5.4.
)
Figure 5.4 Selecting Show Ancestry.
The window shown in Figure 5.5 displays showing all the processes belonging to the parent.
)
Figure 5.5 Show Ancestry window.
The command-line equivalent to the Ancestry selection in the Process Manager is the ptree command. Use this command when you don't have a graphical display terminal. The ptree command displays the process ancestry trees containing the specified PIDs or users. The child processes are displayed indented from their respective parent processes. For example, here is the process tree for the -sh process, which has a PID of 293:
# ptree 293
The system responds with this:
293 /usr/dt/bin/dtlogin -daemon
316 /usr/dt/bin/dtlogin -daemon
333 /bin/ksh /usr/dt/bin/Xsession
376 /usr/dt/bin/sdt_shell -c unset DT;DISPLAY=:0;/usr/dt/bin/dt
379 -sh -c unset DT; DISPLAY=:0; usr/dt/bin/dtsession_res - merge
392 /usr/dt/bin/dtsession
402 /usr/dt/bin/dtterm -session dthIaGth -C -ls
418 -sh
SMC Process Tool
The Solaris Management Console (SMC) includes a GUI called the Process Tool, which is used for viewing and managing processes, similar to the Desktop Process Manager tool described in the previous section. You can use the job scheduler tool to
- Suspend a process
- Resume a suspended process
- Kill a process
- Display information about a process
To open the Process Tool, follow Step by Step 5.1.
STEP BY STEP
5.1 Opening the Process Tool
- Start up the Solaris Management Console in the background by typing
# smc &
- The SMC Welcome window appears as shown in Figure 5.6.
Figure 5.6 SMC Welcome Window.
- In the SMC navigation pane, open the Process Tool by clicking on the This Computer icon, then click on the System Status icon, then click on the Processes icon as shown in Figure 5.7.
Figure 5.7 Opening the Job Scheduler.
- The Process Tool displays as shown in Figure 5.8
)
)
)
Figure 5.8 Process Tool.
The Process Tool works much the same way as the Process Manager tool described earlier.
pargs
The pargs command is used from the command line to examine the arguments and environment variables of a process (or number of processes). pargs can also be used to examine core files.
The syntax for the pargs command is as follows:
pargs [options] [pid | core]
Table 5.11 describes the pargs command options and arguments.
Table 5.11. pargs Options and Arguments
|
Option/Arguments |
Description |
|
-a |
Prints the process arguments. |
|
-c |
Treats strings in the target process as though they were encoded in 7-bit ASCII. |
|
-e |
Prints process environment variables and values. |
|
-F |
Force. Grabs the target process even if another process has control. |
|
-x |
Prints process auxiliary vector. |
|
<pid> |
Process ID list. The PID list can be a single process ID or multiple PIDs separated by a space. |
|
core |
Processes a core file. |
For example, to use the pargs command to view all of the environment variables associated with the telnetd process, I first need to find the PID of the telnetd process using pgrep as follows:
# pgrep telnetd 16173
Next, I issue the pargs command using the PID for the telnetd process as an argument:
# pargs -e 16173
The system responds with
16173: /usr/sbin/in.telnetd envp[0]: SMF_RESTARTER=svc:/network/inetd:default envp[1]: SMF_FMRI=svc:/network/telnet:default envp[2]: SMF_METHOD=inetd_start envp[3]: PATH=/usr/sbin:/usr/bin envp[4]: TZ=US/Michigan
svcs
The Service Management Facility (SMF) was described in Chapter 3, "Perform System Boot and Shutdown Procedures for SPARC, x64, and x86-Based Systems," so I won't be redundant by describing it again here. However, this is just a reminder that you can use the svcs command with the -p option to list all processes associated with each service instance.