HPE Community
Operating System - HP-UX
1834814 Members
2392 Online
110070 Solutions
New Discussion

Re: How is the kill -4 command different from kill -9 on HPUX?

 
SOLVED
Go to solution
Mike Bray
Advisor

‎09-08-2006 03:54 AM

‎09-08-2006 03:54 AM

How is the kill -4 command different from kill -9 on HPUX?

Anybody know what the kill -4 command is actually doing on an HPUX server when killing a process? I heard it's the same as using a kill -9 which is very harsh. If so it makes no sense HP would have two options doing the same thing. We support a client base who gives the root account out like it's candy. Many are kill happy and we are compiling a list of sorts of the proper order (when absolutley needed) for someone to use the kill command. ie, kill -15, 1, 2, 3, 11

Somewhere down the line a rep told many of our clients to use the kill -4. I can tell them not to use this any longer but helps if I can provide an expanation better than "it's the same as using a kill -9" which HP told me yesterday. If it truly is, seems strange.
0 Kudos
10 REPLIES 10
Steven E. Protter
Exalted Contributor

‎09-08-2006 03:59 AM

‎09-08-2006 03:59 AM

Solution

Re: How is the kill -4 command different from kill -9 on HPUX?

Shalom,

kill -9 says kill the process and its parent.

It is the most destructive and potentially dangerous kill command. Run as root, it can make a system unstable.

A normal kill is what you should use. I do not use kill -4 on a regular basis and recommend against it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
A. Clay Stephenson
Acclaimed Contributor

‎09-08-2006 04:02 AM

‎09-08-2006 04:02 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

Just like it's different on any other UNIX flavor. Kill -4 is a SIGILL (Illegal Instruction); the chief difference between them is a kill -4 can be caught but a kill -9 can't be caught. It is true that using kill -4 is "better" than using a kill -9 but only because kill -9 is worse than any other kill. Do a kill -l to list all the signals and then do a man 5 signal to see the default handling of each of these.

This is a disaster waiting to happen. I can't imagine supporting a system where ordinary users are given the root password. I would run from that. The root password needs to be changed and restricted immediately. Being able to issue a kill -9 on your own processes is bad enough; being able to do it to any process is Looney Tunes.


If it ain't broke, I can fix that.
0 Kudos
A. Clay Stephenson
Acclaimed Contributor

‎09-08-2006 04:05 AM

‎09-08-2006 04:05 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

"kill -9 says kill the process and its parent"

This is an incorrect statement. Kill -9 PID says send a SIGKILL (which can't be caught)to PID and nothing more. If the parent process happens to terminate that is a side effect.
If it ain't broke, I can fix that.
0 Kudos
Mike Bray
Advisor

‎09-08-2006 04:18 AM

‎09-08-2006 04:18 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

Excellent, got the two of the best guys I've seen post out here. That was exactly what I was looking for Clay. Yes it's "better" than a kill -9 (with a grin) but highly recommend not using it. Was difficult finding someone who could tell me that it "can" be captured where of course the kill -9 can't.

Yes, welcome to my world. I absolutely love my job and unable to disclose where I work. But...we have dozens (maybe hundreds?) of clients who don't understand the basic concepts of System Administration on HPUX. I want speak of security and proper administration of these servers out here but.....Many are migrating from MPE and are in the early stages of just trying to get things up and running on HPUX. Hopefully at some point each starts to gain more knowledgeable staff both on the managerial side and technical side of things.

You both are exceptional by the way and have enjoy reading some of your posts over the past 7 years or so. This might be my first post ever but can't recall for sure. Usually just surf around when needing to find something. Have a good day and appreciate guys like you out here helping all of us out.
0 Kudos
Mike Bray
Advisor

‎09-08-2006 04:23 AM

‎09-08-2006 04:23 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

Thanks guys.
0 Kudos
A. Clay Stephenson
Acclaimed Contributor

‎09-08-2006 04:33 AM

‎09-08-2006 04:33 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

A big part of your job is "fixing" this situation. As a sysadmin, whatever happens is YOUR responsibility. You need to immediately take this situation to your management. It's time to have what is known where I'm from as a "Come to Jesus" meeting; At that very least I would walk away from that meeting with a signed memo indicating that you have informed them of the poor, dangerous practices, and the responsibility of the continuance of such policies rests with them. Very few managers will take that kind of responsibility and will then allow more reasonable and safe policies to be implemented.

It's difficult enough to prevent knowledgeable users from breaking a system; it's impossible to prevent ignorant (and I use that term in the strictest sense rather than stupid which can't be fixed) users from doing the same when they are given root access.

If there is ever a security audit, you guys are going to be hung out to dry --- and deservedly so.
If it ain't broke, I can fix that.
0 Kudos
Mike Bray
Advisor

‎09-08-2006 04:52 AM

‎09-08-2006 04:52 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

I'm fully aware but I can't get into all of it out here. Our "own internal" servers are strictly managed. Where the fun comes into play is clients who call us for support of their servers and lack either the resources, knowledge or desire to do things like we recommend. We can urge them all day long to follow our recommendations (by us, HP and other vendors) but ultimately each has it's own set of guidelines they will follow. It would be like us suing HP for a security breach but we didn't follow anything they asked us to do (or just some of it). It's scary I know and if you knew who was doing this it would really tick you off. Our nightmare is we ultimately have to work on getting their servers back up and running, doing database restores and troubleshooting things that should have never been allowed to occur. My guess is HP could say the same thing about all the folks who call in for help.
Rest assured all "our" administration is strictly controlled. Just amazing to fly around the country and see what some of our clients are doing or NOT doing.
0 Kudos
Mike Bray
Advisor

‎09-08-2006 05:00 AM

‎09-08-2006 05:00 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

Oh and by the way to get your blood going even more....We can log into "LIVE" production servers months/years after migrating them only to find they are still using the default passwords we setup for root and all the application user accounts. Now that's really scary and yes...we have records of telling them to change these ASAP. Let's just say I wouldn't put my money in any of these institutions and this whole thing on personal information getting out is a no brainer from what I've seen in the financial area I work in.
0 Kudos
Bill Hassell
Honored Contributor

‎09-08-2006 02:09 PM

‎09-08-2006 02:09 PM

Re: How is the kill -4 command different from kill -9 on HPUX?

Hopefully, you and your management are strongly recommending security and procedural audits for these institutions. MPE is so proprietary and closed that many of the standard practices would be unacceptable in systems like HP-UX. With HIPAA and SOX and fiscal regulations now mandating proper access controls and procedures, these practices can usually be cleared up from the CEO level. It is amazing that many institutions will hire consulants to adzise on processes and procedures, then follow none of the recommendations that make system operations more inconvenient.

kill -9 in a database environment almost guarentees database corruption and loss of shared memory space in HP-UX. Unfortunately, far too many beginner Unix books and classes advocate terrible practices like kill -9 and chmod -R 777 to 'fix' problems.


Bill Hassell, sysadmin
0 Kudos
Mike Bray
Advisor

‎09-11-2006 04:02 AM

‎09-11-2006 04:02 AM

Re: How is the kill -4 command different from kill -9 on HPUX?

Bill you hit the nail on the head. Practices they "could" get away with in MPE will not be acceptable in the Unix world. We are strictly controlled but often find ourselves in the middle of a bad nightmare due to the client running our main applications on their servers. I would guess nearly 75% don't have "real" system administrators and rely on operators to fill those shoes.

It's kinda like purchasing a real nice Corvette and just driving it until it breaks down. While driving they ingore speed limits, often hit things and don't do any maintance. Most don't know how to put gas in it, change the oil, lift the hood, fix a flat tire...etc..etc..etc. Oh, and they never lock it up, leave the top down and keys are in the ignition.

I think that wraps up the world I support right now in terms of security and basic system administration for these HP9000 servers. (Over 140 clients in the banking industry) It's extremely chaotic at times, stressful and carrying beeper 24X7 will definitely burn me out at some point. Overall though, it's the best job I've had so far in IT in terms of gaining valuable experiences and knowledge. I do see improvements with our client base but still seems like we are climbing Mount Everest. I'm actually thinking of leaving now to go into Disaster Recovery for a local company. Haven't decided yet.

Thanks again guys, I'll be out here now and then. Your great, I'd hire you in a second if I was in that sort of position and admire how you help folks out here.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.