What is the best way to terminate a family of processes in Linux, if we assume that:
- arbitrary process in the family can get killed / terminates before we can start cleanup; as a result, if the child processes don't terminate, their PPID will be 1
- processes can change process groups
The particular scenario I'm looking at is Bash, but the more general technique, the better.
You may want to perform the killing (eventually via a script) in a different login shell to ensure you're not accidentally stopping/killing the very shell/script attempting to do the overall killing before it completes its job :)
The first key strategy is to not directly terminate a process, but to:
- just "freeze" it first (with kill -STOP <pid>) to prevent it from spawning other children (needed to reliably determine its children, otherwise you'll miss some as explained in this Q&A:https://superuser.com/questions/927836/how-to-deal-with-a-memory-leaking-fork-bomb-on-linux/927967#927967)
- add it to the list of processes to terminate (later)
- find the list of its children
- iterate the whole story on the children, rince repeat
Once the entire ancestry tree based on ppid is frozen you can start locating and freezing ancestries based on process groups - you can still determine these process groups reliably as long as the parents of the processes which changed their process group are still alive (since their ppid is not changed) - add these groups to a list of pgids to be nuked and freeze any new ppid-based process subtrees you may find in these groups like above:
- if their parents are still alive they should be frozen already as they're in the frozen ppid-based ancestry tree
- if they're orphans they will be killed when the entire pgid will be nuked
Related processes can be discovered by session ID in a manner very similar to the one based on group ID (except killing needs to be done by pid as the kill cmd supports a group ID but not a session ID).
Another way to find potentially related processes would be by their tty, if they have one. But with care - they might not be descendents of the process you want to kill but ancestors or sibblings. You can still freeze the ppid-based subtrees and groups you find this way while you investigate - you can always "thaw" them later (with kill -CONT) if they don't need to be killed.
I don't know how to locate descendant process subtrees decoupled by a processes declaring themselves session leaders (thus changing both their sid and pgid) if their parents died and they have no pty.
Once the entire list of subtrees is frozen processes can be killed (by pid or pgid as needed) or thawed to continue their work if desired.
来源:https://stackoverflow.com/questions/30980234/the-most-reliable-way-to-terminate-a-family-of-processes