In order to kill a process running on a machine, some local process (or the kernel) has to emit the killing signal. So you need a way to cause a process to emit that signal, and since you can't create a new process, you need to find a way that relies exclusively on already-running processes.
There is no standard daemon that can help you there. They would all process your authentication, then fork a new process (such as a shell) running as you. So if you have no console access and have no existing interaction with the machine, you're out of luck.
From your comments, it sounds like you still have a shell on the machine. Then there are things you can do. You can't run any external process, such as ls
or ps
. But you can run built-in commands such as echo
, read
, and kill
(kill
is not a built-in in all shells, but it is one in all shells that support job control, such as bash and zsh).
Each process has an associated directory under /proc
: /proc/12345
where 12345 is the process id. Thus you can get some information on exising by exploring /proc
. echo
with wildcards is helpful here, e.g. cd /proc; echo [0-9]*
shows the process ids of all running processes. If the shell is zsh, you can do a lot with glob qualifiers; for instance echo /proc/*(u$UID)
shows only the processes running under your user id.
A way to display the contents of a file without forking is
while read -r line; do
echo "$line"
done </path/to/file
You can kill many processes at once by passing them all to kill
. If you've identified a process that belongs to your daemon, try killing its process group with kill -9 -PGID
where PGID
is the process id of the group leader. You can find the process group id of process 123 with </proc/123/stat read pid tcomm state ppid pgrp sid more; echo $pgrp
. (The same information exists in a more readable form in /proc/123/
but you're not in a good condition to read it.) You can also try send a signal to all your processes (including the originating shell) with
trap : NUM
kill -NUM -1
Pick values of NUM other than KILL
(9) so that the trap
command does cause your shell to ignore the signal (KILL
cannot be trapped).
Your soft_kill has a few issues.
- killing a process isn't instantaneous but kill exits as soon as the signal is sent. You'll have to wait for a while before determining if the kill command succeed or if you need to escalate to -INT or -HUP.
- kill returns(1) zero (success) if it's allowed to send the signal. Not if it succeeds to kill the process. So in your code only the first kill will be executed.
(1)
kill()
RETURN VALUES
If successful, kill() returns a value of zero. On failure, it returns a value of -1, does not send a signal, and sets errno to one of the following values:
EINVAL
The value of sig is an invalid or unsupported signal number.
EPERM
The user ID of the sending process is not privileged; its real or effective user ID does not match the real or saved user ID of the receiving process. Or, the process does not have permission to send the signal to any receiving process.
ESRCH
No process or process group can be found that corresponds to the one that pid specifies.
Best Answer