Altering the name of a process on Linux
Processes on Linux have two names (the strings that show up in the output of ps(1) or top(1). Some tools use one, some tools use the other. A process may change both, for various reasons.
Process name
AKA comm. Derived from the name of the process' executable. Visible as the second value in /proc/$pid/stat:
$ cat /proc/$(pgrep udev)/stat 3630 (udevd) S 1 3630 3630 0 -1 8388928 11085 232832 0 52 6 24 197 385 15 -4 ...
Since Linux 2.6.9, a process may change this value by calling prctl:
prctl (SET_PR_NAME, "foo", 0, 0, 0);
pkill(1), pgrep(1) and killall(1) all display/use the process name by default. pkill(1) and pgrep(1) can be made to use the other name if you use the -f option.
$ ps c $(pgrep udev) PID TTY STAT TIME COMMAND 3630 ? S<s 0:00 udevd
Command line name
AKA argv[0]. Derived from the command line of the process. Visible as the first null-terminated string in /proc/$pid/cmdline:
$ xxd /proc/$(pgrep udev)/cmdline 0000000: 7564 6576 6400 2d2d 6461 656d 6f6e 00 udevd.--daemon.
A process may change this value by overwriting argv[0]. The size of the argv array does not change, so the new value should be null-terminated (to avoid the old value leaking through if the new value is shorter) and must be no longer than the old one (to avoid overwriting the rest of 'argv' and the environment variables, memory corruption and crashes). This can be worked around by calling fork(2) and then exec(3) with the desired process name as the first arg value.
top(1) and ps(1) display the command line name by default. In top(1), pressing the c key will toggle between the process name and command line name. ps(1) can be made to use the process name instead with the c option.
$ ps $(pgrep udev) PID TTY STAT TIME COMMAND 3630 ? S<s 0:00 udevd --daemon