How to safely kick out other users logged in as root?

linux command-line-interface kill

21,195

Solution 1

Kicking people out who are using root access is a dangerous thing, who knows what they are in the middle of doing and what state a system will be left in if they suddenly find themselves disconnected.

It's better not to allow people to use root unless they absolutely have to, routine use of root leads (as you have discovered) to accidents some of which will take more than a simple reboot to fix.

If you need people who are logged in as root to log out, talk to them and ask them to do so. If you don't have voice try wall or email.

Don't go killing root user processes because you want them to log out it will likely end badly.

Solution 2

You killed every process that is owned by root. That means, that you killed several services that are started with root as owner.

To kick a user who is logged in as root, you could kill his terminal session (tty/pty).
Look at ps -ef | grep -e 'pts\|tty'and find out the terminal where your user is logged in.
Then use something like skill -KILL pts/0

Solution 3

[root@sgeorge-ld ~]# w | grep root
sgeorge  pts/7    :0.0             23:17    0.00s  0.11s  0.01s ssh root@localh
root     pts/10   sgeorge-ld.linke 23:21    2:22   0.09s  0.09s -bash
root     pts/11   sgeorge-ld.linke 23:21    0.00s  0.15s  0.00s w

[root@sgeorge-ld ~]# ps -ef | grep 'pts/11'
root     17313 17275  0 23:21 ?        00:00:00 sshd: root@pts/11
root     17317 17313  0 23:21 pts/11   00:00:00 -bash
root     17439 17317  1 23:24 pts/11   00:00:00 ps -ef
root     17440 17317  0 23:24 pts/11   00:00:00 grep pts/11

[root@sgeorge-ld ~]# ps -ef | grep 'pts/10'
root     17283 17275  0 23:21 ?        00:00:00 sshd: root@pts/10
root     17286 17283  0 23:21 pts/10   00:00:00 -bash
root     17443 17317  0 23:24 pts/11   00:00:00 grep pts/10

This way you can find out the pid number. Just kill that pid number if you really want to kill it.

Using tty command you can find out your current terminal's name.

21,195

Buttle Butkus

I'm doing Magento programming and "theming" and also some other php projects. I also do a lot of linux server admin and mysql db design and query writing. I'm soooo ready to help. SOreadytohelp

Updated on September 18, 2022

Comments

Buttle Butkus over 1 year
I tried this:
```
pkill -KILL -u root
```
It turns out that wasn't what I wanted. Now I can't log in by SSH.

What is the correct way?

Edit - I've added the word "safely" to the question. I know that you should not kick out root users because they might be doing something important. But suppose that user is a customer service agent at a large hosting company who is charging you about $5 per minute as long as they are logged into your machine. Suppose you've told them the problem is solved and they can log out now and stop billing you, but they pretend not to get your emails because your boss already authorized two hours of work and they'd like to bill 100% of that. Suppose you aren't the average soulless corporate slave and you'd like to save your boss some money. So anyway, I kicked them out. I did it the wrong way, but no harm was done and I learned a few things, and I saved my boss at least $100.
- Buttle Butkus over 11 years
  
  I don't understand why this is being downvoted. No explanation whatsoever. You shouldn't downvote a question just because you happen to think kicking out root users is a bad idea. Downvoting doesn't teach anyone that either. It's a valid question, and just because you can't imagine a valid reason for performing such an action, doesn't mean it's universally wrong. So, why the downvotes?
- John Gardeniers over 11 years
  
  Nobody has an obligation to explain votes, whether they are up or down. Voting itself is a personal thing and not everyone does so for the same reasons. That's life. BTW, I chuckled when I read your question but I didn't feel the need to downvote it.
- Buttle Butkus over 11 years
  
  @JohnGardeniers It starts to make these stack sites seem silly. Perhaps downvoting should be allowed only for those of the same rep magnitude.
- John Gardeniers over 11 years
  
  No, that is most definitely not a genius idea and it's not the site that's looking silly.
- Buttle Butkus over 11 years
  
  @JohnGardeniers Funny, I didn't say it was a genius idea. But now that you mention it, you're right! Here's an even better one: give askers rep based on the upvotes of the answers they get. How bad could a question be that gets thousands of views and dozens of upvotes for its answers? And yet you see that all the time. Silly, nitpicking nerds and grammar police bring these sites down.
- John Gardeniers over 11 years
  
  Actually you did say "Now tell me that's not a genius idea" but then edited it back out but I posted my comment before you did the edit.
- Buttle Butkus over 11 years
  
  I have a few more questions. Tell me if they're too dumb and should be downvoted, so I'll know not to ask them. Should servers be turned off at night? How is fire spread in servers and datacenters? Can you mount a network switch upside down?
- Chopper3 over 11 years
  
  1) Should servers be turned off at night? It can save a lot of energy if they're not needed. 2) How is fire spread in servers and datacenters? Varies based on too many factors to be a worthy question, hire a pro to answer that and 3) Can you mount a network switch upside down? Some you can, some you can't - depends on the model due to heat dispersion, read the documentation or call the manufacturer - I've done it ONCE with a Cisco 3750E for a few months as it made sense, it was safe but it was temporary. Oh and don't get hung up about downvotes, seriously it doesn't matter a jot.
- wullxz over 11 years
  
  Maybe you're getting downvotes because of your comments under your question. I don't understand your downvotes, too. The stackexchange community is generally very polite and helpful. Also, stackexchange adds negative rep points to the downvoters rep (I think it was 2 or 5 rep points). Maybe you're getting downvotes because you posted 2 similar questions with almost the same content. If you've two simple questions regarding the same problem, post them in one question.
- Imre L over 11 years
  
  Maybe one should not doublepost
- Oldskool over 11 years
  
  The question itself is valid, but pretty duplicate to your other question, which you also updated with this info.
Buttle Butkus over 11 years

Thanks, I probably should have used wall. I told them to get off by email for 30 minutes and finally just decided to kick them. Couldn't I theoretically have checked to see what processes they were using, and if nothing critical then kick them?
Lucas Kauffman over 11 years

You shouldn't kick people, you should make sure they can't just log in as root. Use tools like sudo for instance.
Buttle Butkus over 11 years

@LucasKauffman Would it be safe to kick sudoers? Is it safe to kick anyone?
Lucas Kauffman over 11 years

nope, but you can see if they are using sudo or not, if they are not using sudo you have a smaller chance of making the system instable. What we are telling you is that you shouldn't be kicking anyone :)
Rob Moir over 11 years

"I don't know what someone is doing so how can I kick them out" is the same reasoning you see from Windows users that say "I don't know what this file is, so can I delete it". Usually followed by a post along the lines of "Help, I deleted a file and now my system won't boot". Same thing.
Buttle Butkus over 11 years

@RobM $ w , $ USER root TTY pts/3 FROM 64.235.98.15 LOGIN@ 23:12 IDLE 27.0m WHAT vi. I would say it's pretty safe to kill him. But thanks for the amazingly intelligent sarcasm!
Buttle Butkus over 11 years

@lain There are questions, there are answers, and then there are elaborate scenarios that prove that questions should never have been asked in the first place. What if I know they're working on an .htaccess file and I have a backup of it anyway, and they are ignoring my emails, and they are costing me exactly $140 per hour? Is it ok then for me to kick them off?
Rob Moir over 11 years

I would say it's pretty safe to kill him - I would say "I don't know". Keep in mind that you're not supposed to be using root unless you're doing something that requires it, so I wouldn't expect someone to be logged in as root for trivial matters to begin with. There's a reason why one of us has killed SSH on their system and needs to ask what to do here, and the other one of us is enjoying a productive day at work unencumbered by mistakes like that. Of course we all make mistakes, & I've done worse than this myself, but the key is to learn from mistakes instead of trying to justify them.
Buttle Butkus over 11 years

@RobM With pretty much every hosting company I've used, whenever you submit a ticket they ask for the root password to your server. Not that they would always need it, but they always ask for it and they always log in as root. So I doubt I'm the only one dealing with this kind of issue. I think that from now on, I will just create a user for them, add it to sudoers, and tell them to use that. Of course, not sure if that would stop them from doing sudo su -