UNIX processes are created when one process calls
fork, which splits the running executable into two. The process can then execute one of the system calls in the
exec family, which replaces the current running image with the new one.
When the parent process dies, all its children are adopted by
init, which is PID 1. If the child dies before the parent, a signal is sent to the parent, and then the child moves to a zombie state until the signal is acknowledged, or the parent process is killed.
Now that you understand how processes are created and destroyed, you’re better equipped to deal with the processes running your system, especially those that make heavy use of multiple processes, such as Apache. Being able to follow the process tree for a particular process also lets you track any application back to the process that created it, should you need to do some troubleshooting.