Killing all members of a process group in Linux

Overview

As a Linux system administrator, dealing with processes is a frequent task. Generally, they're easy to stop, however in certain cases - when there are large numbers of processes within the same groups - additional steps might be needed.

We’ll take a closer look at how to manage processes using the concept of “groups”. Also, how to terminate all processes that belong to one particular group.

Process Groups

A process grouping in Linux is a way that Linux processes share the same PIDs (process IDs). They are a set of related processes that share the same PIDs.

Killing the parents doesn't necessarily mean that the kids will be killed too. However, if we kill the parents, they won't run anymore. So, we'll see how killing a specific pid (the one belonging to the parents) allows us to stop all its associated pids.

For each process group there is one group lead who has the same process ID (PGID) as all the other members of the group.

Setting Up a List of Grouped Processes

We assume a situation where there is a hierarchy of applications running. Therefore, we will write three programs that will call each other, creating a lot of subprocess groups.

Let's create a shell script called parent.sh with the following content −

#!/bin/bash
bash parent.sh &
bash parent.sh &
for i in {1..100}; do 
sleep 2; 
echo -n "This is the grandparent process $i"; 
done

Let’s now add another script called parent.sh and one called children.sh.

#!/bin/bash
bash children.sh &
bash children.sh &
for i in {1..100}; do sleep 2; echo -n "This is the parent process $i"; 
done
#!/bin/bash
for i in {1..100}; do 
sleep 2; 
echo -n "This is a test in children process $i"; 
done

Let’s now run the topmost shell file, which will start up other processes using the following command −

./grandparent.sh

Using The ps Command to Find The Process Group

We'll use the ps to get the list of currently running processes.

• -e − To select all processes

• -f − By default, the ps command does not display full-format listing and PGID and extra columns as options.

• -j − List process in jobs format.

$ ps -efj
UID          PID    PPID    PGID     SID  C STIME TTY          TIME CMD
root           1       0       1       1  0 11:18 ?        00:00:01 /usr/lib/systemd/systemd --switched-root --system --deserialize 18
root           2       0       0       0  0 11:18 ?        00:00:00 [kthreadd]
root           3       2       0       0  0 11:18 ?        00:00:00 [rcu_gp]
root           4       2       0       0  0 11:18 ?        00:00:00 [rcu_par_gp]
root           6       2       0       0  0 11:18 ?        00:00:00 [kworker/0:0H]
root           8       2       0       0  0 11:18 ?        00:00:00 [mm_percpu_wq]
root           9       2       0       0  0 11:18 ?        00:00:00 [ksoftirqd/0]
root          10       2       0       0  0 11:18 ?        00:00:00 [rcu_sched]

Filtering The Process List Output

If there are multiple processes running in your computer, the output may need to be filtered. We’ll look at using some tools to help us identify the process group ID (PGID) for the process we want to terminate.

Going off the setup we just constructed in section 3, there should be one set of processes with an identical PGID.

$ ps -efj | egrep "PGID|children|parent"

UID          PID    PPID    PGID     SID  C STIME TTY          TIME CMD
vagrant     6389    5377    6389    5377  0 12:49 pts/0    00:00:00 bash grandparent.sh
vagrant     6390    6389    6389    5377  0 12:49 pts/0    00:00:00 bash parent.sh
vagrant     6391    6389    6389    5377  0 12:49 pts/0    00:00:00 bash parent.sh
vagrant     6393    6390    6389    5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant     6394    6390    6389    5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant     6395    6391    6389    5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant     6397    6391    6389    5377  0 12:49 pts/0    00:00:00 bash children.sh
vagrant     6440    4570    6439    4570  0 12:49 pts/1    00:00:00 grep -E --color=auto PGID|children|parent

Section 2 discusses the PIDs of the first process to run all other programs. These PIDs are then assigned to all other running programs.

Killing a Process Using The PGID

We'll be using the kill command to terminate processes by sending them a kill signal. Here's an example of how we'd execute the kill command −

kill -- -$PGID

The two dashes (--) represent the default SIGTERM signals. According to Figure 5, the PGID for the group of processes that we want to kill is 6389 Knowing this, we know that we can kill this group by using the "kill" command.

kill -- -6389

We can also use signals we normally use with processes. For example, if we want to terminate the process group using SIGKILL –9, then we would type −

kill -9 -6389

SIGQUIT can be used to send a terminal quit signal to processes within a group.

kill -SIGQUIT -6389

Conclusion

We learned how we could use the "kill" command to terminate processes belonging the same process groups. You can terminate by sending either SIGTERM or SIG QUIT signals. Killing a running program using this method allows for situations where a large number of programs are constantly run. A program needs to be shut down.