Get the PID of a process started with sudo via ssh - linux

I need the process id of a process (here sleep 20) started remotely via SSH and sudo.
date is inserted to illustrate the duration of the SSH connection. Without connection there is also no process on my remote machine, of course.
$ date; ssh pc1 "sleep 20 & echo \$!"; date # works
Mi 20. Jan 16:18:29 CET 2016
11540
Mi 20. Jan 16:18:50 CET 2016
$ date; ssh pc1 "echo password | sudo -S sleep 20"; date # works
Mi 20. Jan 16:20:44 CET 2016
[sudo] password for lab: Mi 20. Jan 16:21:04 CET 2016
$ date; ssh pc1 "echo password | sudo -S sleep 20 & echo \$!"; date # does not
Mi 20. Jan 16:21:55 CET 2016
11916
Mi 20. Jan 16:21:56 CET 2016
On a second machine the last, complete command works fine:
$ date; ssh pc2 "echo password | sudo -S sleep 20 & echo \$!"; date
Mi 20. Jan 16:23:40 CET 2016
6035
[sudo] password for lab: Mi 20. Jan 16:24:01 CET 2016
Any suggestion why there is this different behaviour of the two machines?
Info: I know the risk of clear passwords but it's a shared account in an isolated test network.

Something like this?
$ remote_pid=$(ssh mauro#planck 'sleep 20 > /dev/null 2>&1 & echo $!')
$ echo $remote_pid
13878
or...
$ remote_pid=$(ssh mauro#planck 'echo secret | sudo -S sleep 20 > /tmp/log 2>&1 & echo $!')

It looks like an issue with incomplete process dependencies. With some additional milliseconds the connection (and process) keeps established the whole time.
$ date; ssh pc1 "echo password | sudo -S sleep 20 & echo \$! && sleep 0.01"; date
Do 21. Jan 14:50:39 CET 2016
[sudo] password for lab: 6841
Do 21. Jan 14:51:00 CET 2016

Related

RHEL 8 systemctl startup script fails

I have an application startup script that works correctly under RHEL 7, using both the "service" and "systemctl" commands. However when I use the same startup script and service config file on RHEL 8, the "service" command will stop and start the application, but the "systemctl" command will not start it.
The contents of the alm.service file are:
[Unit]
Description=Application Lifecycle Management (ALM)
Documentation=https://software.microfocus.com/en-us/solutions/software-development-lifecycle
After=opt-repository.mount
[Service]
Type=forking
PIDFile=/var/opt/HP/ALM/runtime/MFALM.pid
User=alm
ExecStart=/etc/init.d/alm start
ExecStop=/etc/init.d/alm stop
[Install]
WantedBy=multi-user.target
The portion of the /etc/init.d/alm script that starts the application is:
#!/bin/bash
#
# chkconfig: 35 20 80
# Description: QC Application LifeCycle Management
#
export LANG="en_US.utf8"
source /etc/profile
start () {
echo -n "Starting HP ALM: "
#Log as alm if account is not the good one
testfile=/opt/repository/base_install/.test_$RANDOM_`date|sed 's/ //g'`
testcmd="touch $testfile"
rmcmd="rm $testfile"
if [ `id -u` -eq 0 ]; then
testcmd="su alm -c \"touch $testfile\""
rmcmd="su alm -c \"rm $testfile\""
fi
echo
eval "$testcmd" 2>/dev/null
if [ ! $? -eq 0 ]; then
echo $'\n'"$0 ERROR: UNABLE to access REPOSITORY (touch $testfile) on read-write mode !"
echo $'\n'"!!! ABORTING ALM restart !!!"
echo $'\n'"But this could also be caused by this `uname -n` client needing reboot due to NFS hang."
else
eval "$rmcmd"
cd /var/opt/HP/ALM/wrapper
id
ls -l HPALM
# ./HPALM start
/var/opt/HP/ALM/wrapper/HPALM start
echo "HPALM returned Status: " $?
ls -l /var/opt/HP/ALM/runtime/MFALM.pid
fi
}
The HPALM script forks the daemon process and creates the /var/opt/HP/ALM/runtime/MFALM.pid file when the process is started.
When I do service alm start the application starts correctly.
However, when I do systemctl start alm I get the following error in journalctl -xe
Oct 03 21:18:29 12ee04f4556c44c alm[1311785]: Starting QC ALM:
Oct 03 21:18:29 12ee04f4556c44c alm[1311785]: user ID uid=(alm) gid=(team_alm_L4_users)
Oct 03 21:18:29 12ee04f4556c44c alm[1311785]: calling ./HPALM start
Oct 03 21:18:29 12ee04f4556c44c alm[1311829]: uid=(alm) gid=(team_alm_L4_users)
Oct 03 21:18:29 12ee04f4556c44c alm[1311830]: -rwxr-xr-x. 1 alm team_alm_L4_users 54983 Oct 3 21:06 HPALM
Oct 03 21:18:29 12ee04f4556c44c alm[1311831]: /etc/init.d/alm: line 36: /var/opt/HP/ALM/wrapper/HPALM: Permission denied
Oct 03 21:18:29 12ee04f4556c44c alm[1311785]: HPALM returned Status: 126
Oct 03 21:18:29 12ee04f4556c44c alm[1311832]: ls: cannot access '/var/opt/HP/ALM/runtime/MFALM.pid': No such file or directory
The RHEL 8 release version is Red Hat Enterprise Linux release 8.6 (Ootpa)
These same files and scripts work correctly on RHEL 7.
Does anyone know what has changed with RHEL 8 that would cause this to fail with systemctl but allow it to work with service?

Time not set right, date -u and hwclock -u yield different results

so i am having this weird problem with my clock on pc. I am currently using Kali Linux 2018.1.
Basically my problem is that my computer time is one hour behind every time i start my pc. So is my hardware clock. What i find even weirder is that date -u and hwclock -u display different results:
root#horse:/etc# date
Sat Mar 3 22:50:56 CET 2018
root#horse:/etc# hwclock
2018-03-03 22:50:59.654599+0100
root#horse:/etc# date -u
Sat Mar 3 21:51:03 UTC 2018
root#horse:/etc# hwclock -u
2018-03-03 23:51:09.904595+0100
root#horse:/etc#
The time from hwclock -u is the correct one.
Can you please help me understand and solve this issue?
Since hwclock -u showed the correct time:
#hwclock -u > date -s
#hwclock -w
This seemed to do the trick.
Alternatively :
#date -s M/D/Y +hh:mm
#hwclock -w

Timezone doesn't change after update to Asia/Tehran in CentOS 6.6

I have changed server timezone with following commands :
cp /etc/localtime /root/old.timezone
rm /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Tehran /etc/localtime
but When I check server timezone it shows :
$ date
---------
Wed Apr 22 08:15:03 UTC 2015
which is wrong.
also /etc/localtime out put is :
TZif2UTCTZif2UTC
UTC0
How do I change server timezone?
OS : CentOS
Version : 6.6
I have a CentOS 6.6 and I did as follow
# mv localtime localtime.old
# date
Thu Apr 23 13:14:36 UTC 2015
# ln -s /usr/share/zoneinfo/Asia/Tehran /etc/localtime
# ll localtime
lrwxrwxrwx. 1 root root 31 Apr 23 17:45 localtime -> /usr/share/zoneinfo/Asia/Tehran
# date
Thu Apr 23 17:45:36 IRDT 2015
as you see it did work prefect for me, I did all these change with root user

how to kill the tty in unix

This is the result of the finger command (Today(Monday) when I (Vidya) logged in)
sekic1083 [6:14am] [/home/vidya] -> finger
Name Tty Idle Login Time Where
Felix pts/0 - Thu 10:06 sekic2594.rnd.ki.sw.
john pts/1 2d Fri 15:43
john *pts/2 2d Fri 15:43
john *pts/3 4 Fri 15:44
john *pts/7 - Thu 16:25
Vidya pts/0 - Mon 06:14
Vidya *pts/5 - Mon 06:14
Vidya *pts/6 - Tue 10:13
Vidya *pts/9 - Wed 05:39
Vidya *pts/10 - Wed 10:23
Under column the Tty pts/0 and pts/5 are the current active terminals.
Apart from those two pts/6, pts/9 and pts/10 are also present and I had logged into these last week. But the idle time for them is showing as "-" (not idle).
How can I kill these 6,9 and 10 terminals?
You can run:
ps -ft pts/6 -t pts/9 -t pts/10
This would produce an output similar to:
UID PID PPID C STIME TTY TIME CMD
Vidya 772 2701 0 15:26 pts/6 00:00:00 bash
Vidya 773 2701 0 16:26 pts/9 00:00:00 bash
Vidya 774 2701 0 17:26 pts/10 00:00:00 bash
Grab the PID from the result.
Use the PIDs to kill the processes:
kill <PID1> <PID2> <PID3> ...
For the above example:
kill 772 773 774
If the process doesn't gracefully terminate, just as a last option you can forcefully kill by sending a SIGKILL
kill -9 <PID>
I had the same question as you but I wanted to kill the gnome terminal which I was in. I read the manual on "who" and found that you can list all of the sessions logged into your computer with the '-a' option and then the '-l' option prints the system login processes.
who -la
You should get something like this. Then all you have to do is kill the process with the 'kill' command.
kill <PID>
for example kill pts/0
pkill -9 -t pts/0
Try this:
skill -KILL -v pts/6
skill -KILL -v pts/9
skill -KILL -v pts/10
I had the same problem today.
I had NO remaining processes, but the remaining finger entry of user "xxx",
which prevent me the deletion of this user using "userdel xxx".
Error message was: userdel: account `xxx' is currently in use.
It looked like a crashed terminal session. So I rebooted, but the issue remained.
last xxx
xxx pts/5 10.1.2.3 Fri Feb 7 10:25 - crash (01:27)
So I (re)moved the /var/run/utmp file:
mv /var/run/utmp /var/run/utmp.save ; touch /var/run/utmp
This cleared all finger entries. Unfortunately in this way even the current running sessions will be cleared. If this is an issue for you, you have to reboot, after you (re)moved the utmp file.
However in my case this was the solution. Afterwards I was able to successfully delete the user, using "userdel xxx".
you do not need to know pts number, just type:
ps all | grep bash
then:
kill pid1 pid2 pid3 ...
The simplest way is with the pkill command.
In your case:
pkill -9 -t pts/6
pkill -9 -t pts/9
pkill -9 -t pts/10
Regarding tty sessions, the commands below are always useful:
w - shows active terminal sessions
tty - shows your current terminal session (so you won't close it by accident)
last | grep logged - shows currently logged users
Sometimes we want to close all sessions of an idle user (ie. when connections are lost abruptly).
pkill -u username - kills all sessions of 'username' user.
And sometimes when we want to kill all our own sessions except the current one, so I made a script for it. There are some cosmetics and some interactivity (to avoid accidental running on the script).
#!/bin/bash
MYUSER=`whoami`
MYSESSION=`tty | cut -d"/" -f3-`
OTHERSESSIONS=`w $MYUSER | grep "^$MYUSER" | grep -v "$MYSESSION" | cut -d" " -f2`
printf "\e[33mCurrent session\e[0m: $MYUSER[$MYSESSION]\n"
if [[ ! -z $OTHERSESSIONS ]]; then
printf "\e[33mOther sessions:\e[0m\n"
w $MYUSER | egrep "LOGIN#|^$MYUSER" | grep -v "$MYSESSION" | column -t
echo ----------
read -p "Do you want to force close all your other sessions? [Y]Yes/[N]No: " answer
answer=`echo $answer | tr A-Z a-z`
confirm=("y" "yes")
if [[ "${confirm[#]}" =~ "$answer" ]]; then
for SESSION in $OTHERSESSIONS
do
pkill -9 -t $SESSION
echo Session $SESSION closed.
done
fi
else
echo "There are no other sessions for the user '$MYUSER'".
fi
You can use killall command as well .
-o, --older-than
Match only processes that are older (started before) the time specified. The time is specified as a float then a unit. The units are s,m,h,d,w,M,y for seconds, minutes, hours, days,
-e, --exact
Require an exact match for very long names.
-r, --regexp
Interpret process name pattern as an extended regular expression.
This worked like a charm.
If you want to close tty for specific user with all the process, above command is the easiest. You can use:
killall -u user_name
In addition to AIXroot's answer, there is also a logout function that can be used to write a utmp logout record. So if you don't have any processes for user xxxx, but userdel says "userdel: account xxxx is currently in use", you can add a logout record manually. Create a file logout.c like this:
#include <stdio.h>
#include <utmp.h>
int main(int argc, char *argv[])
{
if (argc == 2) {
return logout(argv[1]);
}
else {
fprintf(stderr, "Usage: logout device\n");
return 1;
}
}
Compile it:
gcc -lutil -o logout logout.c
And then run it for whatever it says in the output of finger's "On since" line(s) as a parameter:
# finger xxxx
Login: xxxx Name:
Directory: /home/xxxx Shell: /bin/bash
On since Sun Feb 26 11:06 (GMT) on 127.0.0.1:6 (messages off) from 127.0.0.1
On since Fri Feb 24 16:53 (GMT) on pts/6, idle 3 days 17:16, from 127.0.0.1
Last login Mon Feb 10 14:45 (GMT) on pts/11 from somehost.example.com
Mail last read Sun Feb 27 08:44 2014 (GMT)
No Plan.
# userdel xxxx
userdel: account `xxxx' is currently in use.
# ./logout 127.0.0.1:6
# ./logout pts/6
# userdel xxxx
no crontab for xxxx

How to get the start time of a long-running Linux process?

Is it possible to get the start time of an old running process? It seems that ps will report the date (not the time) if it wasn't started today, and only the year if it wasn't started this year. Is the precision lost forever for old processes?
You can specify a formatter and use lstart, like this command:
ps -eo pid,lstart,cmd
The above command will output all processes, with formatters to get PID, command run, and date+time started.
Example (from Debian/Jessie command line)
$ ps -eo pid,lstart,cmd
PID CMD STARTED
1 Tue Jun 7 01:29:38 2016 /sbin/init
2 Tue Jun 7 01:29:38 2016 [kthreadd]
3 Tue Jun 7 01:29:38 2016 [ksoftirqd/0]
5 Tue Jun 7 01:29:38 2016 [kworker/0:0H]
7 Tue Jun 7 01:29:38 2016 [rcu_sched]
8 Tue Jun 7 01:29:38 2016 [rcu_bh]
9 Tue Jun 7 01:29:38 2016 [migration/0]
10 Tue Jun 7 01:29:38 2016 [kdevtmpfs]
11 Tue Jun 7 01:29:38 2016 [netns]
277 Tue Jun 7 01:29:38 2016 [writeback]
279 Tue Jun 7 01:29:38 2016 [crypto]
...
You can read ps's manpage or check Opengroup's page for the other formatters.
The ps command (at least the procps version used by many Linux distributions) has a number of format fields that relate to the process start time, including lstart which always gives the full date and time the process started:
# ps -p 1 -wo pid,lstart,cmd
PID STARTED CMD
1 Mon Dec 23 00:31:43 2013 /sbin/init
# ps -p 1 -p $$ -wo user,pid,%cpu,%mem,vsz,rss,tty,stat,lstart,cmd
USER PID %CPU %MEM VSZ RSS TT STAT STARTED CMD
root 1 0.0 0.1 2800 1152 ? Ss Mon Dec 23 00:31:44 2013 /sbin/init
root 5151 0.3 0.1 4732 1980 pts/2 S Sat Mar 8 16:50:47 2014 bash
For a discussion of how the information is published in the /proc filesystem, see
https://unix.stackexchange.com/questions/7870/how-to-check-how-long-a-process-has-been-running
(In my experience under Linux, the time stamp on the /proc/ directories seem to be related to a moment when the virtual directory was recently accessed rather than the start time of the processes:
# date; ls -ld /proc/1 /proc/$$
Sat Mar 8 17:14:21 EST 2014
dr-xr-xr-x 7 root root 0 2014-03-08 16:50 /proc/1
dr-xr-xr-x 7 root root 0 2014-03-08 16:51 /proc/5151
Note that in this case I ran a "ps -p 1" command at about 16:50, then spawned a new bash shell, then ran the "ps -p 1 -p $$" command within that shell shortly afterward....)
As a follow-up to Adam Matan's answer, the /proc/<pid> directory's time stamp as such is not necessarily directly useful, but you can use
awk -v RS=')' 'END{print $20}' /proc/12345/stat
to get the start time in clock ticks since system boot.1
This is a slightly tricky unit to use; see also convert jiffies to seconds for details.
awk -v ticks="$(getconf CLK_TCK)" 'NR==1 { now=$1; next }
END { printf "%9.0f\n", now - ($20/ticks) }' /proc/uptime RS=')' /proc/12345/stat
This should give you seconds, which you can pass to strftime() to get a (human-readable, or otherwise) timestamp.
awk -v ticks="$(getconf CLK_TCK)" 'NR==1 { now=$1; next }
END { print strftime("%c", systime() - (now-($20/ticks))) }' /proc/uptime RS=')' /proc/12345/stat
Updated with some fixes from Stephane Chazelas in the comments; thanks as always!
If you only have Mawk, maybe try
awk -v ticks="$(getconf CLK_TCK)" -v epoch="$(date +%s)" '
NR==1 { now=$1; next }
END { printf "%9.0f\n", epoch - (now-($20/ticks)) }' /proc/uptime RS=')' /proc/12345/stat |
xargs -i date -d #{}
1 man proc; search for starttime.
ls -ltrh /proc | grep YOUR-PID-HERE
For example, my Google Chrome's PID is 11583:
ls -l /proc | grep 11583
dr-xr-xr-x 7 adam adam 0 2011-04-20 16:34 11583
$ ps -p 182454 -o lstart=
Mon Oct 18 17:26:44 2021
But can I get the answer in epoch seconds?
ps -eo pid,cmd,lstart | grep YOUR-PID-HERE
ps -eo pid,etime,cmd|sort -n -k2
use the command ls -ld /proc/process_id where process_id can be find using top command

Resources