How do I find and kill remote processes in Linux?
Solution 1
In order to kill a process running on a machine, some local process (or the kernel) has to emit the killing signal. So you need a way to cause a process to emit that signal, and since you can't create a new process, you need to find a way that relies exclusively on already-running processes.
There is no standard daemon that can help you there. They would all process your authentication, then fork a new process (such as a shell) running as you. So if you have no console access and have no existing interaction with the machine, you're out of luck.
From your comments, it sounds like you still have a shell on the machine. Then there are things you can do. You can't run any external process, such as ls
or ps
. But you can run built-in commands such as echo
, read
, and kill
(kill
is not a built-in in all shells, but it is one in all shells that support job control, such as bash and zsh).
Each process has an associated directory under /proc
: /proc/12345
where 12345 is the process id. Thus you can get some information on exising by exploring /proc
. echo
with wildcards is helpful here, e.g. cd /proc; echo [0-9]*
shows the process ids of all running processes. If the shell is zsh, you can do a lot with glob qualifiers; for instance echo /proc/*(u$UID)
shows only the processes running under your user id.
A way to display the contents of a file without forking is
while read -r line; do
echo "$line"
done </path/to/file
You can kill many processes at once by passing them all to kill
. If you've identified a process that belongs to your daemon, try killing its process group with kill -9 -PGID
where PGID
is the process id of the group leader. You can find the process group id of process 123 with </proc/123/stat read pid tcomm state ppid pgrp sid more; echo $pgrp
. (The same information exists in a more readable form in /proc/123/
but you're not in a good condition to read it.) You can also try send a signal to all your processes (including the originating shell) with
trap : NUM
kill -NUM -1
Pick values of NUM other than KILL
(9) so that the trap
command does cause your shell to ignore the signal (KILL
cannot be trapped).
Solution 2
The following information was found at http://www.cyberciti.biz/faq/kill-process-in-linux-or-terminate-a-process-in-unix-or-linux-systems/
Kill process using kill command under Linux/UNIX
kill command works under both Linux and UNIX/BSD like operating systems.
step #1: First, you need to find out process PID (process id)
Use ps command or pidof command to find out process ID (PID). Syntax: ps aux | grep processname pidof processname
For example if process name is lighttpd, you can use any one of the following command to obtain process ID:
ps aux | grep lighttpdOutput
lighttpd 3486 0.0 0.1 4248 1432 ? S Jul31 0:00 /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf
lighttpd 3492 0.0 0.5 13752 3936 ? Ss Jul31 0:00 /usr/bin/php5-cg
OR use pidof command which is use to find the process ID of a running program:
pidof lighttpd
Output
3486
Step #2: kill process using PID (process id)
Above command tell you PID (3486) of lighttpd process. Now kill process using this PID:
# kill 3486
OR
# kill -9 3486
Where, -9 is special Kill signal, which will kill the process.
killall command examples
DO NOT USE killall command on UNIX system (Linux only command). You can also use killall command. The killall command kill processes by name (no need to find PID):
# killall -9 lighttpd
Kill Firefox process:
# killall -9 firefox-bin
As I said earlier killall on UNIX system does something else. It kills all process and not just specific process. Do not use killall on UNIX system (use kill -9).
Solution 3
As you said in your comment, an admin is the only person who can help you at this point. I suggest you obtain the Perl cookbook and read section 16.19 for the correct method of handling zombies.
Related videos on Youtube
Comments
-
stephenmm over 1 year
I am developing a daemon that is acting up and I am now unable to create any new processes (ie. I cannot start a new process to kill the other rogue processes). So, I need to be able to kill the processes from a remote machine. How do I do "kill" remotely without admin privileges? If I cannot kill my own process from a remote machine as a normal user then tell me so I can mark it as the correct answer.
-
Joe Phillips over 13 yearsYou don't need process id with pkill. Just the process name
-
ewanm89 over 13 yearspkill grep's the command, kill uses the process ID. Though, what is it stopping the launching of fresh processes, a forkbomb?
-
Doug Harris over 13 yearsI'm not quite following. If you can't create any new processes, how do you expect to connect to the machine and then run
pkill
orkill
? That's at least two new processes which will have to be created. -
stephenmm over 13 years@Doug: My bad, I thought that you could provide pkill a server name as an argument and that it would go to the machine and kill the process. Now that I thin about even if pkill did have that functionality it would probably have to log in as me. So its looking like I cannot do this on my own and that an admin is the only person that can kill these jobs for me, correct?
-
stephenmm over 13 years@ewanm: I am not exactly sure what a forkbomb is or why I cannot execute any commands on the machine any more. Whenever I do anything, (ls, pwd, etc...) I get the error: "No more processes." I am getting the impression I am not going to be able to solve this problem on my own.
-
stephenmm over 13 yearsDoes anyone have a good resource (best practices, recommendations) for creating your own perl based daemons?
-
ewanm89 over 13 yearsLooks like the process table is full, the main way this happens is if someone runs what is called a forkbomb, this is a program that just spawns more and more processes. And then the only way to fix is the magic reboot button as running pkill kill is still a process to run.
-
-
Doug Harris over 13 yearsYou should try kill/killall without
-9
before doing it with-9
. Well crafted daemons will catch the SIGTERM signal (default forkill
) and may do some cleanup before shutting down. Be kind to your system resources and let your daemons release them nicely. If the daemon still doesn't die, then go ahead and send SIGKILL (-9
). -
stephenmm over 13 yearsWow very thorough! Unfortunately I know how to kill processes what I need to know is how to kill a process when I cannot log on to the machine.
-
stephenmm over 13 years@Doug: Thanks, I always wondered why you wouldn't just always do kill -9! Thanks for the enlightenment.