How to use kill and kill to manage processes on Linux

You can use the ps command to view the running process. You usually use the parameters of the ps command to display more output information. I like to use the - e parameter to see each running process, and the - f parameter to get the full details of each process. Here are some examples:

$ ps
    PID TTY          TIME CMD
  88000 pts/0    00:00:00 bash
  88052 pts/0    00:00:00 ps
  88053 pts/0    00:00:00 head
$ ps -e | head
    PID TTY          TIME CMD
      1 ?        00:00:50 systemd
      2 ?        00:00:00 kthreadd
      3 ?        00:00:00 rcu_gp
      4 ?        00:00:00 rcu_par_gp
      6 ?        00:00:02 kworker/0:0H-events_highpri
      9 ?        00:00:00 mm_percpu_wq
     10 ?        00:00:01 ksoftirqd/0
     11 ?        00:00:12 rcu_sched
     12 ?        00:00:00 migration/0
$ ps -ef | head
UID          PID    PPID  C STIME TTY          TIME CMD
root           1       0  0 13:51 ?        00:00:50 /usr/lib/systemd/systemd --switched-root --system --deserialize 36
root           2       0  0 13:51 ?        00:00:00 [kthreadd]
root           3       2  0 13:51 ?        00:00:00 [rcu_gp]
root           4       2  0 13:51 ?        00:00:00 [rcu_par_gp]
root           6       2  0 13:51 ?        00:00:02 [kworker/0:0H-kblockd]
root           9       2  0 13:51 ?        00:00:00 [mm_percpu_wq]
root          10       2  0 13:51 ?        00:00:01 [ksoftirqd/0]
root          11       2  0 13:51 ?        00:00:12 [rcu_sched]
root          12       2  0 13:51 ?        00:00:00 [migration/0]

The final example shows the most details. In each line, the UID (user ID) shows the owner of the process. PID (process ID) represents the digital ID of each process, while PPID (parent process ID) represents the digital ID of its parent process. In any Unix system, the process is numbered from 1 and is the first process to run after the kernel is started. Here, systemd is the first process that spawned kthreadd, which also created other processes, including rcu_gp,rcu_par_gp and a series of processes.

Use the kill command to manage processes

The system handles most background processes, so you don't need to worry about them. You only need to focus on the processes created by the application you are running. Although many applications run only one process at a time (such as music player, terminal simulator or game), other applications may create background processes. Some of these apps may still run in the background after you exit so that they can start quickly the next time you use them.

When I run chromium (an open source project on which Google Chrome is based), process management becomes a problem. Chromium ran very hard on my laptop and produced many additional processes. Now I can see these chromium processes by opening only five tabs:

$ ps -ef | fgrep chromium
jhall      66221   [...]  /usr/lib64/chromium-browser/chromium-browser [...]
jhall      66230   [...]  /usr/lib64/chromium-browser/chromium-browser [...]
jhall      66861   [...]  /usr/lib64/chromium-browser/chromium-browser [...]
jhall      67329   65132  0 15:45 pts/0    00:00:00 grep -F chromium

I've omitted some lines, including 20 chromium processes and a grep process searching for "chromium" characters.

$ ps -ef | fgrep chromium | wc -l

But after I quit Chromium, these processes are still running. How do I close them and reclaim the memory and CPU occupied by these processes?

The kill command allows you to terminate a process. In the simplest case, you tell the kill command to terminate the PID of the process you want to terminate. For example, to terminate these processes, I need to execute the kill command for all 20 Chromium process IDs. One method is to use the command line to obtain Chromium PID, and the other method is to run kill against the list:

$ ps -ef | fgrep /usr/lib64/chromium-browser/chromium-browser | awk '{print $2}'
$ ps -ef | fgrep /usr/lib64/chromium-browser/chromium-browser | awk '{print $2}' > /tmp/pids
$ kill $(cat /tmp/pids)

The last two lines are the key. The first command line generates a list of process IDs from Chromium browser. The second command line runs the kill command against the list of process IDs.

Describes the kill command

There is a simpler way to terminate multiple processes at once. Use the kill command. You may guess from the name that kill will terminate all processes matching the name. This means that we can use this command to stop all rogue Chromium processes. This is very simple:

$ killall /usr/lib64/chromium-browser/chromium-browser

But be careful to use kill. This command can terminate all processes that match the name you give. That's why I like to use the ps -ef command to check the process I'm running, and then run kill for the exact path of the command to stop.

You can also use the - i or -- interactive parameter to let killkill prompt you before stopping each process.

killall also supports using the - o or -- older than parameters to find processes earlier than a specific time. For example, it will be helpful if you find a group of malicious processes that have been running for several days. Alternatively, you can find processes later than a specific time, such as runaway processes you recently started. Use the - y or -- young than parameters to find these processes.

Other ways of managing processes

Process management is an important part of system maintenance. In my early career as a Unix and Linux system administrator, the ability to kill illegal jobs was the key to keeping the system running normally. Today, you may not need to personally terminate rogue processes on Linux, but you know that kill and kill can help you in the end.

You can also find other ways to manage the process. In my case, I don't need to use kill or kill to terminate the background Chromium process after I exit the browser. There is a simple setting in Chromium to control:

However, it is wise to always focus on which processes are running on the system and intervene when needed.

Posted by dgreenhouse on Wed, 01 Dec 2021 12:33:52 -0800