Make all the processes of a given user killable by anyone

not-root-userprivilegesusers

On a shared server, I would like to have some very low priority users such that whenever an other user (also without root privileges) needs the resources, they can kill any of the low priority users' processes.

Is it possible to allow something like that?

Best Answer

Give the other users permission to kill the processes as the low priority user through

sudo -u lowpriouser /bin/kill PID

A user can only signal their own processes, unless they have root privileges. By using sudo -u a user with the correct set-up in the sudoers file may assume the identity of the low priority user and kill the process.

For example:

%killers ALL = (lowpriouser) /bin/kill

This would allow all users in the group killers to run /bin/kill as lowpriouser.

See also the sudoers manual on your system.

On an OpenBSD system, the same can be done through the native doas utility with a configuration like

permit :killers as lowpriouser cmd /bin/kill

Then

doas -u lowpriouser /bin/kill PID

See the manuals for doas and doas.conf.

Related Question