[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Approaches for killing left-behind processes /Re: killer in the manual

Am Thursday, 5. November 2009 schrieb RalfGesellensetter:
> Please follow recent IRC log on #debian-edu to find some alternative 
> approaches on clearing left-behind processes deliberately (rather
>  than  killing arbitrary unidentified processes).

Dear list, only now I find the time to sumarize some thoughts from IRC:

<RalfG> h01ger: I start to understand what you dislike about killer. It 
kills processes not on purpose, but arbitrary -- like a redneck 
(alternative package name?) shooting at everything that doesn't match 
his patterns. 
<RalfG> I tend to agree that this approach is "bad" as it must fail as 
soon as you introduce new roles unknown to killer.

<RalfG> On contrary, the clean-up-left-behind-processes-after-logout-
script should follow a simple and clean policy like this:
<RalfG> get a list of users who were logged in today - and if they 
aren't logged in anymore, kill _their_ processes.
<RalfG> all needed for this can be found (again) in last.
<RalfG> alternatively, you could follow /var/log/auth.log and wait for 
"logout" messages. But this log is on tjener, I think.

<RalfG> Yet another approach could be to have processes of users killed, 
that are member in a given group (student) unless they are still logged 

<RalfG> h01ger: this command shows all user sessions that have been 
closed today:
grep "session closed" /var/log/auth.log |grep -v "user root" | grep -v  
\ "user daemon" | grep -v "user nobody" |grep "`LANG=C date +"%b %_d"`"
\|cut "-d " -f12 |sort -u | grep ... | tr '[A-Z]' '[a-z]'

<RalfG> Now find users who are still logged in: 
LANG=C last |grep "still logged in" | cut "-d " -f1 | sort -u

<RalfG> note: here might be ambigious names as logins are truncated to 8 
<RalfG> Now I could do a "grep -v" on every line there to remove still 
logged in users...

<RalfG> rather than triggering the clean-up-left-behind-processes-after-
logout-script every hour, wouldn't it be great just to write a watchdog 
for auth.log - something like "tail -f /var/log/auth.log" that issues a 
pkill whenever a (regular) user closes their sessioN?
<RalfG> of course, this would mean, that all processes are killed of one 
of several sessions owned by the same user is closed (unless 
doublechecking "who").
<RalfG> and, of course, this script should not regard old entries in 
auth.log in case it is started much after boot time

Now, I think a combination of both should be possible (do the filtering 
on tail -f) -- and yes, of course, users who are permanently logged in 
will not be regarded (maybe by nightkill in debian-edu-config?).

There was also a discussion that virtually the session manager (like 
LDM) should do the job in a propper way, but then, there is also KDM and 
GDM, and it is hard to convince their upstreams to find a common way of 
purging closed sessions. Hence the watchdog for auth.log seems to be a 
straight forward way to go (to me), what do you think?

First steps could be auxialary scripts like test-if-user-is-logged-in 
(checking in who).

Then I wonder, if there isn't a mother process to all processes run 
within a session, so that the only thing to do is killing this embedding 
process at logout time?

Reply to: