Just how do you kick a benign customer off your system?

I was googling this a little bit earlier and also saw a number of means, yet I'm presuming that google does not recognize all. So just how do you kick users off your Linux box? additionally just how do you deal with seeing they are visited to begin with? and also relevant ... does your method job if the customer is logged right into an X11 DE (not a need I'm simply interested)?

2019-05-05 20:27:29
Source Share
Answers: 5

There's possibly a less complicated means, yet I do this :

  1. See that's logged right into your equipment - - usage who or w :

    > who  
    mmrozek  tty1         Aug 17 10:03  
    mmrozek  pts/3        Aug 17 10:09 (:pts/2:S.0)
  2. Look up the procedure ID of the shell their TTY is attached to :

    > ps t  
    30737 pts/3    Ss     0:00 zsh
  3. Laugh at their upcoming interference (this action is optional, yet urged)

    > echo "HAHAHAHAHAHAHAHA" | write mmrozek pts/3
  4. Kill the equivalent procedure :

    > kill -9 30737

I simply uncovered you can incorporate actions 1 and also 2 by offering who the -u flag ; the PID is the number off to the appropriate :

> who -u
mmrozek  tty1         Aug 17 10:03 09:01        9250
mmrozek  pts/18       Aug 17 10:09 01:46       19467 (:pts/2:S.0)
2019-05-08 12:35:42

As Micheal currently mentioned, you can make use of who to figure out that's visited. Nonetheless if they have numerous procedures, there's an easier means than eliminating each procedure independently : you can make use of killall -u username to eliminate all procedures by that customer.

2019-05-08 12:24:06

Other valuable command is pkill below pkill -u username && pkill -9 -u username. killall have negative aspect that on Solaris IIRC it suggests something entirely various - additionally pkill have a little advanced alternatives.

2019-05-08 12:20:11

First of all, this shows a bigger trouble. If you have users that you do not trust on your system, you need to possibly level it and also re - photo.

With that said in mind, you can do some or every one of the adhering to :

# set up the environment
$ BADUSER=foo # where foo is the username in question
$ USERLINE=$(grep '^${BADUSER}:' /etc/passwd)
$ BADUID=$(echo ${USERLINE} | awk -F: '{print $3}')
$ BADGID=$(echo ${USERLINE} | awk -F: '{print $4}')
$ BADHOMEDIR=$(echo ${USERLINE} | awk -F: '{print $6}')
$ BDIR="~/backup/home-backup/"
$ TSTAMP=$(date +%F)

# disable the user's future login
$ sudo chsh -s /bin/false "${BADUSER}"

# kill all of the user's processes
$ BADPROCS=$(ps auwx | grep '^${BADUSER} ' | awk '{print $2}')
$ sudo kill -9 ${BADPROCS}

# back up/clear the user's home directory
$ mkdir -p ${BDIR}
$ sudo tar -cfj ${BDIR}/${TAR_FILENAME} ${BADHOMEDIR}
$ sudo rm -rf ${BADHOMEDIR}/.* ${BADHOMEDIR}/*

# find all files owned by user
$ sudo find / -user ${BADUSER} > ~/backup/${OWNED_FILENAME}

# remove user
$ sudo userdel ${BADUSER}
2019-05-08 10:50:15

Logout the customer 'username' :

skill -KILL -u username

See man skill

2019-05-08 10:34:11