NAME

       proc - process information, system information, and sysctl pseudo-filesystem

DESCRIPTION

       The  proc  filesystem  is  a  pseudo-filesystem which provides an interface to kernel data
       structures.  It is commonly mounted at /proc.  Typically, it is mounted  automatically  by
       the system, but it can also be mounted manually using a command such as:

           mount -t proc proc /proc

       Most  of  the  files  in  the  proc filesystem are read-only, but some files are writable,
       allowing kernel variables to be changed.

   Mount options
       The proc filesystem supports the following mount options:

       hidepid=n (since Linux 3.3)
              This option controls who can access the information in /proc/pid directories.   The
              argument, n, is one of the following values:

              0   Everybody  may  access  all  /proc/pid  directories.   This  is the traditional
                  behavior, and the default if this mount option is not specified.

              1   Users may not access files and subdirectories inside any /proc/pid  directories
                  but their own (the /proc/pid directories themselves remain visible).  Sensitive
                  files such as /proc/pid/cmdline and /proc/pid/status are now protected  against
                  other  users.   This makes it impossible to learn whether any user is running a
                  specific program (so long as the program doesn't otherwise reveal itself by its
                  behavior).

              2   As  for  mode  1,  but in addition the /proc/pid directories belonging to other
                  users become invisible.  This means that /proc/pid entries  can  no  longer  be
                  used  to  discover  the  PIDs on the system.  This doesn't hide the fact that a
                  process with a specific PID value exists (it can be learned by other means, for
                  example,  by "kill -0 $PID"), but it hides a process's UID and GID, which could
                  otherwise be learned by employing  stat(2)  on  a  /proc/pid  directory.   This
                  greatly  complicates  an attacker's task of gathering information about running
                  processes (e.g., discovering whether  some  daemon  is  running  with  elevated
                  privileges,  whether  another  user  is running some sensitive program, whether
                  other users are running any program at all, and so on).

              gid=gid (since Linux 3.3)
                  Specifies the ID of a group whose  members  are  authorized  to  learn  process
                  information  otherwise  prohibited by hidepid (i.e., users in this group behave
                  as though /proc was mounted with hidepid=0).  This group should be used instead
                  of approaches such as putting nonroot users into the sudoers(5) file.

       subset=pid (since Linux 5.8)
              Show  only  the  specified  subset  of  procfs,  hiding  all  top  level  files and
              directories in the procfs that are not related to tasks.

   Overview
       Underneath /proc, there are the following general groups of files and subdirectories:

       /proc/pid subdirectories
              Each one  of  these  subdirectories  contains  files  and  subdirectories  exposing
              information about the process with the corresponding process ID.

              Underneath  each  of  the  /proc/pid  directories,  a  task  subdirectory  contains
              subdirectories of the form task/tid, which contain corresponding information  about
              each  of  the  threads  in  the  process,  where tid is the kernel thread ID of the
              thread.

              The  /proc/pid  subdirectories  are  visible  when  iterating  through  /proc  with
              getdents(2)  (and  thus  are  visible  when  one uses ls(1) to view the contents of
              /proc).

       /proc/tid subdirectories
              Each one  of  these  subdirectories  contains  files  and  subdirectories  exposing
              information  about  the  thread  with the corresponding thread ID.  The contents of
              these directories are the same as the corresponding /proc/pid/task/tid directories.

              The /proc/tid subdirectories are not visible  when  iterating  through  /proc  with
              getdents(2)  (and  thus are not visible when one uses ls(1) to view the contents of
              /proc).

       /proc/self
              When a process accesses this magic symbolic link, it resolves to the process's  own
              /proc/pid directory.

       /proc/thread-self
              When  a  thread accesses this magic symbolic link, it resolves to the process's own
              /proc/self/task/tid directory.

       /proc/[a-z]*
              Various other files and subdirectories under /proc expose system-wide information.

       All of the above are described in more detail in separate manpages whose names start  with
       proc_.

NOTES

       Many  files  contain  strings  (e.g.,  the  environment  and command line) that are in the
       internal format, with subfields terminated by null bytes  ('\0').   When  inspecting  such
       files,  you  may  find  that  the  results  are  more readable if you use a command of the
       following form to display them:

           $ cat file | tr '\000' '\n'

SEE ALSO

       cat(1), dmesg(1), find(1), free(1), htop(1), init(1), ps(1), pstree(1), tr(1),  uptime(1),
       chroot(2), mmap(2), readlink(2), syslog(2), slabinfo(5), sysfs(5), hier(7), namespaces(7),
       time(7),  arp(8),  hdparm(8),  ifconfig(8),  lsmod(8),  lspci(8),  mount(8),   netstat(8),
       procinfo(8), route(8), sysctl(8)

       The      Linux      kernel      source      files:     Documentation/filesystems/proc.rst,
       Documentation/admin-guide/sysctl/fs.rst,      Documentation/admin-guide/sysctl/kernel.rst,
       Documentation/admin-guide/sysctl/net.rst, and Documentation/admin-guide/sysctl/vm.rst.