Fuser (Unix)

Last updated
fuser
Fuser-command-example.png
Example usage of fuser
Operating system Unix and Unix-like
Platform Cross-platform
Type Command

The Unix command fuser is used to show which processes are using a specified computer file, file system, or Unix socket.

Contents

Example

For example, to check process IDs and users accessing a USB drive:

$ fuser -m -u /mnt/usb1 /mnt/usb1:   1347c(root)  1348c(guido)  1349c(guido)

The command displays the process identifiers (PIDs) of processes using the specified files or file systems. In the default display mode, each PID is followed by a letter denoting the type of access:

c
current directory.
e
executable being run.
f
open file.
F
open file for writing.
r
root directory.
m
mmap'ed file or shared library

Only the PIDs are written to standard output. Additional information is written to standard error. This makes it easier to process the output with computer programs.

The command can also be used to check what processes are using a network port:

$ fuser -v -n tcp 80                     USER        PID ACCESS COMMAND80/tcp:              root       3067 F.... (root)httpd                     apache     3096 F.... (apache)httpd                     apache     3097 F.... (apache)httpd

The command returns a non-zero code if none of the files are accessed or in case of a fatal error. If at least one access has succeeded, fuser returns zero. The output of "fuser" may be useful in diagnosing "resource busy" messages arising when attempting to unmount filesystems.

Options

POSIX defines the following options: [1]

-c
Treat the file as a mount point.
-f
Only report processes accessing the named files.
-u
Append user names in parentheses to each PID.

psmisc adds the following options, among others: [2]

-k, --kill
Kill all processes accessing a file by sending a SIGKILL. Use e.g. -HUP or -1 to send a different signal.
-l, --list-signals
List all supported signal names.
-i, --interactive
Prompt before killing a process.
-v, --verbose
verbose mode
-a, --all
Display all files. Without this option, only files accessed by at least one process are shown.
-m, --mount
Same as -c. Treat all following path names as files on a mounted file system or block device. All processes accessing files on that file system are listed.

Related Research Articles

In computing, Common Gateway Interface (CGI) is an interface specification that enables web servers to execute an external program, typically to process user requests.

Web server Computer software that distributes web pages

A web server is computer software and underlying hardware that accepts requests via HTTP or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiates communication by making a request for a web page or other resource using HTTP, and the server responds with the content of that resource or an error message. A web server can also accept and store resources sent from the user agent if configured to do so.

Unix security refers to the means of securing a Unix or Unix-like operating system. A secure environment is achieved not only by the design concepts of these operating systems, but also through vigilant user and administrative practices.

xargs is a command on Unix and most Unix-like operating systems used to build and execute commands from standard input. It converts input from standard input into arguments to a command.

dd is a command-line utility for Unix, Unix-like operating systems and beyond, the primary purpose of which is to convert and copy files.

In Unix and Unix-like computer operating systems, a file descriptor is a unique identifier (handle) for a file or other input/output resource, such as a pipe or network socket.

ps (Unix) Standard UNIX utility that displays the currently-running processes

In most Unix and Unix-like operating systems, the ps program displays the currently-running processes. A related Unix utility named top provides a real-time view of the running processes.

The fstab file is a system configuration file commonly found at /etc/fstab on Unix and Unix-like computer systems. In Linux, it is part of the util-linux package. The fstab file typically lists all available disk partitions and other types of file systems and data sources that may not necessarily be disk-based, and indicates how they are to be initialized or otherwise integrated into the larger file system structure.

In computing, kill is a command that is used in several popular operating systems to send signals to running processes.

mv is a Unix command that moves one or more files or directories from one place to another. If both filenames are on the same filesystem, this results in a simple file rename; otherwise the file content is copied to the new location and the old file is removed. Using mv requires the user to have write permission for the directories the file will move between. This is because mv changes the content of both directories involved in the move. When using the mv command on files located on the same filesystem, the file's timestamp is not updated.

The chgrp command may be used by unprivileged users on Unix-like systems to change the group associated with a file system object to one of which they are a member. A file system object has 3 sets of access permissions, one set for the owner, one set for the group and one set for others. Changing the group of an object could be used to change which users can write to a file.

In computing, privilege is defined as the delegation of authority to perform security-relevant functions on a computer system. A privilege allows a user to perform an action with security consequences. Examples of various privileges include the ability to create a new user, install software, or change kernel functions.

The proc filesystem (procfs) is a special filesystem in Unix-like operating systems that presents information about processes and other system information in a hierarchical file-like structure, providing a more convenient and standardized method for dynamically accessing process data held in the kernel than traditional tracing methods or direct access to kernel memory. Typically, it is mapped to a mount point named /proc at boot time. The proc file system acts as an interface to internal data structures about running processes in the kernel. In Linux, it can also be used to obtain information about the kernel and to change certain kernel parameters at runtime (sysctl).

inetd is a super-server daemon on many Unix systems that provides Internet services. For each configured service, it listens for requests from connecting clients. Requests are served by spawning a process which runs the appropriate executable, but simple services such as echo are served by inetd itself. External executables, which are run on request, can be single- or multi-threaded. First appearing in 4.3BSD, it is generally located at /usr/sbin/inetd.

In computer networking, xinetd is an open-source super-server daemon which runs on many Unix-like systems and manages Internet-based connectivity.

lsof

lsof is a command meaning "list open files", which is used in many Unix-like systems to report a list of all open files and the processes that opened them. This open source utility was developed and supported by Victor A. Abell, the retired Associate Director of the Purdue University Computing Center. It works in and supports several Unix flavors.

Toybox is a free and open-source software implementation of over 200 Unix command line utilities such as ls, cp, and mv. The Toybox project was started in 2006, and became a 0BSD licensed BusyBox alternative. Toybox is used for most of Android's command line tools in all currently supported Android versions, and is also used to build Android on Linux and macOS. All of the tools are tested on Linux, and many of them also work on BSD and macOS.

Command-line interface Type of computer interface based on entering text commands and viewing text output

A command-line interface (CLI) processes commands to a computer program in the form of lines of text. The program which handles the interface is called a command-line interpreter or command-line processor. Operating systems implement a command-line interface in a shell for interactive access to operating system functions or services. Such access was primarily provided to users by computer terminals starting in the mid-1960s, and continued to be used throughout the 1970s and 1980s on VAX/VMS, Unix systems and personal computer systems including DOS, CP/M and Apple DOS.

Android Debug Bridge Tool for debugging Android-based devices

The Android Debug Bridge is a programming tool used for the debugging of Android-based devices. The daemon on the Android device connects with the server on the host PC over USB or TCP, which connects to the client that is used by the end-user over TCP. Made available as open-source software under the Apache License by Google since 2007, features include a shell and the possibility to make backups. The adb software is compatible with Windows, Linux and macOS. It has been misused by botnets and other malicious software, for which mitigations were developed such as RSA authentication and device whitelisting.

NuttX is a real-time operating system (RTOS) with an emphasis on technical standards compliance and small size. Scalable from 8-bit to 64-bit microcontroller environments, the main governing standards in NuttX are from the Portable Operating System Interface (POSIX) and the American National Standards Institute (ANSI). Further standard application programming interfaces (APIs) from Unix and other common RTOSes are adopted for functions unavailable under these standards, or inappropriate for deeply embedded environments, such as the fork system call.

References

  1. fuser   Commands & Utilities Reference, The Single UNIX Specification , Issue 7 from The Open Group. Retrieved December 4, 2020.
  2. "fuser.1" (troff with man macros). GitLab . September 9, 2020. Retrieved December 4, 2020.

fuser   Commands & Utilities Reference, The Single UNIX Specification , Issue 7 from The Open Group