Kill Command (Demo)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey Cybrarians and welcome back to
00:00
the Linux+ Course here at Cybrary.
00:00
I'm your instructor Rob Goelz and in
00:00
today's lesson we're going to be covering
00:00
the kill command.
00:00
Upon completion of this lesson,
00:00
you are going to be able to understand
00:00
why the kill command is important.
00:00
We're going to talk about the common types of
00:00
kill commands and process signals and
00:00
then we'll use some kill commands to
00:00
terminate processes during demo time.
00:00
The kill command is a sysadmins best friend?
00:00
Yes, it is.
00:00
The kill commands and processing signals are
00:00
tremendously important in dealing with processes.
00:00
At some point in your professional career,
00:00
you will have to deal with a bad process.
00:00
It could be that your colleague
00:00
ran off and left something
00:00
nohup running in the
00:00
>> background now it's causing issues.
00:00
>> You've got a user job that crashed and it
00:00
stranded a bunch of child processes behind
00:00
creating zombies or maybe you have
00:00
a process that's just leaking
00:00
>> memory all over the system.
00:00
>> Knowing the appropriate kill command
00:00
or signal to use is important.
00:00
It's going to save you a lot of problems down the road.
00:00
Now, we cover processes a lot more in Module 22,
00:00
but for now, recall we
00:00
covered the top command in module 11.
00:00
Top is going to show the process ID
00:00
or PID for each running process.
00:00
We can then pass that PID for
00:00
the process to the kill command
00:00
>> in order to terminate it.
00:00
>> We can just run kill and then the PID, the process ID.
00:00
But if we don't know the PID,
00:00
but we do know the process name,
00:00
we can run another kill command
00:00
which is called pkill or process kill.
00:00
The pkill command will kill
00:00
all processes related to a process name.
00:00
For example, if we wanted to
00:00
kill all of the CUPS related processes,
00:00
all the printer related processes, remember CUPS,
00:00
common unix printing system,
00:00
we could run P kill CUPS and that will kill all of
00:00
the printer related processes on the system.
00:00
Now we saw this in the last lesson.
00:00
There are few process signals.
00:00
We talked about single hang up,
00:00
which hangs up and cleans up
00:00
a terminal after log out to make sure that there's
00:00
no user processes running after they exit this session.
00:00
The signal interrupt or
00:00
SIGINT quits a running process on the terminal.
00:00
We use Control Z to run a SIGNIT.
00:00
SIGSTP, which is process ID 19, stops a process.
00:00
Puts that process memory,
00:00
essentially pauses it, We do that with Control Z.
00:00
But the kill command can also
00:00
accept processed signals and
00:00
it has two specific process signals of its own.
00:00
If you run the kill command with
00:00
just the kill command and the process ID,
00:00
it runs a SIGTERM,
00:00
or single ID 15 by default.
00:00
SIGTERM tells a process to terminate gracefully.
00:00
SIGKILL 9 is the brute force kill.
00:00
It's called the kill-9 and then the PID.
00:00
SIGKILL kills a process
00:00
without waiting for it to exit gracefully.
00:00
It can leave files and and handles open
00:00
and causes issues sometimes,
00:00
but unfortunately sometimes that's your only option,
00:00
is just to kill with fire.
00:00
Let's take a look at doing this with some demo time.
00:00
Here we are in our CentOS environment and let's
00:00
go ahead and start some processes
00:00
running them in the background.
00:00
I'm going to start up Firefox,
00:00
and I'm going to put it in
00:00
the background by running ampersand.
00:00
Remember that's how we background
00:00
processes and we'll see that startup and then I'm
00:00
going to go back over here to
00:00
my screen and we're
00:00
also going to run in the background Nautilus,
00:00
which is the file manager.
00:00
Run nautilus &,
00:00
and that will start that running in the background.
00:00
When this starts up, it actually tells us the job ID as
00:00
well as the PID but if we didn't have the process ID,
00:00
we could get that by running the PS or top command.
00:00
I'm going to jump ahead a little bit and use
00:00
the PS command because I like that a lot.
00:00
We're just going to run ps aux
00:00
and then we could do a grep for, let's say firefox.
00:00
Let's find out what the PIDs are for Firefox. Oh wow.
00:00
We can see that it actually started
00:00
quite a bit of process ID is right.
00:00
I thought for 5078,
00:00
it's spawned a bunch of child processes as well.
00:00
If we do the same thing,
00:00
we do at ps aux and grep for nautilus.
00:00
We can see the process ID there as well, the 5346.
00:00
You'll also sometimes see a line for grep
00:00
because basically our grep is using the word Nautilus.
00:00
You just disregard that.
00:00
A lot of times when I run this,
00:00
I'll actually do a grep minus V
00:00
on grep just to make sure that I don't get
00:00
an extra line here that isn't
00:00
the process ID because sometimes they can screw you up.
00:00
But anyway, we can see that
00:00
the Firefox process spawned a bunch of child processes.
00:00
In this case, it would be easiest to use
00:00
the pkill command and just
00:00
>> get them all at the same time.
00:00
>> What we can do to do that,
00:00
let's clear our screen and then we'll run
00:00
pkill and then firefox.
00:00
Now we can see that firefox is
00:00
gone. Died in the background.
00:00
We can also use ps aux
00:00
grep firefox and now all we see is my grep command.
00:00
Again, I can get rid of that.
00:00
I Just want to do a grep minus V. For the word grep,
00:00
we see nothing has returned.
00:00
There's no Firefox running here.
00:00
We found the process ID for Nautilus here.
00:00
We'll just do this again.
00:00
We see that that's 5346.
00:00
Now we could kill it normally.
00:00
We just do kill 5346,
00:00
but let's have a little bit of fun
00:00
and kill it with kill-9.
00:00
Kill-9, 5346 and that kills it immediately.
00:00
We see that it's killed and we get our screen back.
00:00
We saw that some of that Nautilus process
00:00
in the background, that window close.
00:00
If we run ps aux grep nautilus again,
00:00
we'll see that nothing is running.
00:00
But with that, we've reached into this lesson.
00:00
In this lesson we covered the importance
00:00
of the kill command in Linux.
00:00
We talked about the different types
00:00
of kill commands and the process,
00:00
signals for kill and then we talked about how to
00:00
find and kill a process during our demo time.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next