Killing all members of a process group in Linux

As a Linux system administrator, dealing with processes is a frequent task. Generally, they're easy to stop, however in certain cases when there are large numbers of processes within the same groups additional steps might be needed.

We'll take a closer look at how to manage processes using the concept of process groups and how to terminate all processes that belong to one particular group efficiently.

Process Groups

A process group in Linux is a collection of related processes that share the same Process Group ID (PGID). Each process group has one group leader whose PID becomes the PGID for all members of the group. This hierarchical structure allows Linux to manage related processes collectively.

Killing the parent process doesn't necessarily terminate all child processes. However, by targeting the entire process group using its PGID, we can stop all related processes simultaneously.

Setting Up a Test Process Hierarchy

Let's create a practical example with a hierarchy of shell scripts that spawn multiple processes. First, create grandparent.sh

#!/bin/bash
bash parent.sh &
bash parent.sh &
for i in {1..100}; do
    sleep 2
    echo "This is the grandparent process $i"
done

Next, create parent.sh

#!/bin/bash
bash children.sh &
bash children.sh &
for i in {1..100}; do
    sleep 2
    echo "This is the parent process $i"
done

Finally, create children.sh

#!/bin/bash
for i in {1..100}; do
    sleep 2
    echo "This is a child process $i"
done

Make the scripts executable and run the top-level script

chmod +x *.sh
./grandparent.sh

Finding Process Groups with ps Command

Use the ps command with specific options to display process group information

• -e Select all processes

• -f Full-format listing

• -j Jobs format (shows PGID column)

ps -efj

UID         PID   PPID  PGID   SID  C STIME TTY          TIME CMD
root          1      0     1     1  0 11:18 ?        00:00:01 /usr/lib/systemd/systemd
root          2      0     0     0  0 11:18 ?        00:00:00 [kthreadd]
vagrant    6389   5377  6389  5377  0 12:49 pts/0    00:00:00 bash grandparent.sh
vagrant    6390   6389  6389  5377  0 12:49 pts/0    00:00:00 bash parent.sh
vagrant    6391   6389  6389  5377  0 12:49 pts/0    00:00:00 bash parent.sh

Filtering Process Output

To identify specific process groups, filter the output using grep

ps -efj | grep -E "PGID|children|parent"

UID         PID   PPID  PGID   SID  C STIME TTY          TIME CMD
vagrant    6389   5377  6389  5377  0 12:49 pts/0    00:00:00 bash grandparent.sh
vagrant    6390   6389  6389  5377  0 12:49 pts/0    00:00:00 bash parent.sh
vagrant    6391   6389  6389  5377  0 12:49 pts/0    00:00:00 bash parent.sh
vagrant    6393   6390  6389  5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant    6394   6390  6389  5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant    6395   6391  6389  5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant    6397   6391  6389  5377  0 12:49 pts/0    00:00:00 bash children.sh

Notice that all processes share the same PGID (6389), indicating they belong to the same process group.

Killing Process Groups

To terminate an entire process group, use the kill command with a negative PGID

kill -- -PGID

For our example with PGID 6389

kill -- -6389

Using Different Signals

You can specify different signals for termination

# Force kill with SIGKILL
kill -9 -6389

# Graceful termination with SIGTERM (default)
kill -TERM -6389

# Send quit signal
kill -QUIT -6389

Conclusion

Process groups provide an efficient way to manage related processes collectively in Linux. By using the kill command with a negative PGID, you can terminate entire process hierarchies with a single command. This technique is particularly useful when dealing with complex applications that spawn multiple child processes.