System Administration

Re: user id processes not get killed

 
Abhilash Krishnan
Frequent Advisor

user id processes not get killed

Hi all
we are using ssh for all of our servers.
their is one problem we have no users login in server but still it shows some user in who output.When i kill that process it is not getting killed.So user not able to login because we have the policy that user can login only 3 times.Please see output below and help me .Its urgent.

smsc2@root:/>who -u
amogh pts/0 Feb 3 14:43 old 16316 172.16.18.184
amogh pts/3 Jan 30 16:27 old 5956 172.16.202.154
srikanth pts/2 Mar 12 09:58 . 20506 172.16.18.184



smsc2@root:/>kill -9 16316
kill: 16316: The specified process does not exist.
smsc2@root:/>kill -9 5956
kill: 5956: The specified process does not exist.
You have mail in /var/mail/root
22 REPLIES 22
john123
Trusted Contributor

Re: user id processes not get killed

ohh.. looks like they are defunct process.
What does ps -ef |grep 16316 shows..?

Regards
john
Abhilash Krishnan
Frequent Advisor

Re: user id processes not get killed

It doestn't show any process.
Avinash20
Honored Contributor

Re: user id processes not get killed

>/var/adm/btmp
>/var/adm/wtmp

After some time

# who -u
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Ganesan R
Honored Contributor

Re: user id processes not get killed

process could be zombie which you cannot kill it. Zombie process will not consume any resources other than entry in process table.

Best wishes,

Ganesh.
Abhilash Krishnan
Frequent Advisor

Re: user id processes not get killed

/var/adm/btmp
sh: /var/adm/btmp: Execute permission denied.

it could be zombe but i have to remove that entry from utmp
Matti_Kurkela
Honored Contributor

Re: user id processes not get killed

Your /etc/utmp and/or /etc/utmpx files may have been corrupted. Older versions of HP-UX have only /etc/utmp, modern ones have /etc/utmpx too.

If all users have now logged out, you can clear the utmp and utmpx files. The command to do this is "> /etc/utmp" for the utmp file and "> /etc/utmpx" for the utmpx file.
After doing this, you should log out. At next login, the utmp file(s) will be automatically recreated.

Normally the process that is managing the user's login session will write to /etc/utmp and/or /etc/utmpx when it exits, to mark that the session has ended. When someone logs in again and gets the same pts/number, the session record is automatically recycled. But if the session is ended with "kill -9", this process may be disrupted and the incorrect session information may remain until the next reboot or until the utmp files are manually cleared.

You should use "kill -HUP" and/or just an ordinary "kill" (without -9) to remove old sessions whenever possible. Use "kill -9" only in special cases, when the gentler forms won't work. An interactive shell won't usually die with an ordinary "kill", but will die with "kill -HUP".

MK
MK
Avinash20
Honored Contributor

Re: user id processes not get killed

You missed ">" sign

# cd /var/adm
# cat /dev/null > wtmp
# cat /dev/null > btmp
# login

# who -u
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Avinash20
Honored Contributor

Re: user id processes not get killed

Oops.. Matti.. is correct.
I went via man page of who command

DESCRIPTION
The who command can list the user's name, terminal line, login time,
elapsed time since input activity occurred on the line, the user's
host name, and the process-ID of the command interpreter (shell) for
each current system user. It examines the "/etc/utmp" file to obtain
its information. If file is given, that file is examined. Usually,
file is /var/adm/wtmp, which contains a history of all of the logins
since the file was last created.

## you could follow Matti's plan.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Abhilash Krishnan
Frequent Advisor

Re: user id processes not get killed

Hi MK thanks now who output not showing any user.Can i know when users are login how i can remove old users without affecting login users.