[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Approaches for killing left-behind processes /Re: killer in the manual



El vie, 06-11-2009 a las 09:32 +0100, José L. Redrejo Rodríguez
escribió:
> El jue, 05-11-2009 a las 20:23 +0100, RalfGesellensetter escribió:
> > Am Thursday, 5. November 2009 schrieb RalfGesellensetter:
> > > Please follow recent IRC log on #debian-edu to find some alternative 
> > > approaches on clearing left-behind processes deliberately (rather
> > >  than  killing arbitrary unidentified processes).
> > 
> > 
> > Dear list, only now I find the time to sumarize some thoughts from IRC:
> > 
> > <RalfG> h01ger: I start to understand what you dislike about killer. It 
> > kills processes not on purpose, but arbitrary -- like a redneck 
> > (alternative package name?) shooting at everything that doesn't match 
> > his patterns. 
> > <RalfG> I tend to agree that this approach is "bad" as it must fail as 
> > soon as you introduce new roles unknown to killer.
> > 
> > <RalfG> On contrary, the clean-up-left-behind-processes-after-logout-
> > script should follow a simple and clean policy like this:
> > <RalfG> get a list of users who were logged in today - and if they 
> > aren't logged in anymore, kill _their_ processes.
> > <RalfG> all needed for this can be found (again) in last.
> > <RalfG> alternatively, you could follow /var/log/auth.log and wait for 
> > "logout" messages. But this log is on tjener, I think.
> > 
> > <RalfG> Yet another approach could be to have processes of users killed, 
> > that are member in a given group (student) unless they are still logged 
> > in.
> > 
> > <RalfG> h01ger: this command shows all user sessions that have been 
> > closed today:
> > grep "session closed" /var/log/auth.log |grep -v "user root" | grep -v  
> > \ "user daemon" | grep -v "user nobody" |grep "`LANG=C date +"%b %_d"`"
> > \|cut "-d " -f12 |sort -u | grep ... | tr '[A-Z]' '[a-z]'
> > 
> > <RalfG> Now find users who are still logged in: 
> > LANG=C last |grep "still logged in" | cut "-d " -f1 | sort -u
> > 
> > <RalfG> note: here might be ambigious names as logins are truncated to 8 
> > characters.
> > <RalfG> Now I could do a "grep -v" on every line there to remove still 
> > logged in users...
> > 
> > <RalfG> rather than triggering the clean-up-left-behind-processes-after-
> > logout-script every hour, wouldn't it be great just to write a watchdog 
> > for auth.log - something like "tail -f /var/log/auth.log" that issues a 
> > pkill whenever a (regular) user closes their sessioN?
> > <RalfG> of course, this would mean, that all processes are killed of one 
> > of several sessions owned by the same user is closed (unless 
> > doublechecking "who").
> > <RalfG> and, of course, this script should not regard old entries in 
> > auth.log in case it is started much after boot time
> > 
> > Now, I think a combination of both should be possible (do the filtering 
> > on tail -f) -- and yes, of course, users who are permanently logged in 
> > will not be regarded (maybe by nightkill in debian-edu-config?).
> > 
> > There was also a discussion that virtually the session manager (like 
> > LDM) should do the job in a propper way, but then, there is also KDM and 
> > GDM, and it is hard to convince their upstreams to find a common way of 
> > purging closed sessions. Hence the watchdog for auth.log seems to be a 
> > straight forward way to go (to me), what do you think?
> > 
> > First steps could be auxialary scripts like test-if-user-is-logged-in 
> > (checking in who).
> > 
> > Then I wonder, if there isn't a mother process to all processes run 
> > within a session, so that the only thing to do is killing this embedding 
> > process at logout time?
> 
> 
> Just in case it might help: Last year when I given up using killer
> because of it killing ssh sessions, I implemented that kind of routine
> in ControlAula.
> In http://paste.debian.net/50868/ you can see the code (for 72 hours
> since now)
> 
> When using gnome, one of the common zombie processes is gnome-panel, if
> an user logins with gnome-panel running as a zombie with his own login,
> the desktop is totally broken, so ControlAula is calling this killer()
> routine with a watch timer every 10 seconds.
> 
> The approach is similar to yours, but using 'who' instead of 'last'. It
> just gets a list of the logged users and another list with the logged
> processes with their user id. It compares them and kills all the
> processes whose uid are not logged and between 1000 and 65535 (to avoid
> killing services and processes launched under the "nobody" user).
> It's quite simple and has been working perfectly for our purposes for
> about a year in our schools.
> 
> Regards.
> 

I've almost forgot it: using who instead of last, you don't have the 8
chars limit in the login names.

Attachment: signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada digitalmente


Reply to: