At some point in a Linux System Administrator's career they will need to kick a user off of a system. Usually it is because the user left an open session and you want to reboot the system or do some other maintenance. In this quick tip we will discuss the step's to forcefully kick a user off of a system.
Find a List of Logged In Users
You can use the "who" command to find a list of users currently logged into the system. Using the -u (--users) option will also display the PID (process ID) of the users shell session.
$ who -u
savona pts/1 2019-03-16 09:46 . 6063 (192.168.122.1)
stacy pts/0 2019-03-16 17:07 . 9940 (192.168.122.1)
Let's kick the user "stacy" so we can complete our maintenance.
Warn the User of the Impending Disconnection
It is always best practice to warn users before performing a reboot or disconnection. If the user is doing something malicious or abusing the system in some way, then by all means kick them without warning.
When we ran the who command, it showed us which pts (pseudo terminal) the user is connected to. We can display a message on their terminal by using the echo command and piping it to the write command.
echo "Your session will be terminated in 2 minutes for maintenance." | write stacy pts/0
You can make the message whatever you like. It is basic etiquette to give the user some time to save their work and log out.
End the Users Shell Process
When you are ready to kick the user, send the SIGHUP to the users shell process. A SIGHUP signal is the same signal the process would receive when the controlling terminal is closed.
sudo kill -HUP 9940
The number at the end of the above command is the process ID of the users shell. We found the process ID using the who command above.
Sometimes there is a process that hangs. In that case we can send a SIGKILL (kill -9) to the PID. This is exactly what it sounds like. It will immediately terminate ANY process, so be careful.
sudo kill -9 9940
My preferred way of kicking a user it to use pkill to send a SIGHUP to all of the users processes. The pkill command is a wrapper for kill and allows for signalling a process by name rather than PID (process ID).
sudo pkill -HUP -u stacy
Disable User Logins
Optionally, you may want to temporarily disable user logins before you start your maintenance.
If you want to learn how to disable user logins read "Disable User Logins to Linux Systems".
Conclusion
You should now know how to disconnect a user from your Linux system. We also discussed some good SysAdmin etiquette. If you have any comments we would love to hear them.
A little story... I spent almost my three last years in undergrad school at a phylogeny lab dealing with DNA sequences. I had my own project and there was only one other student at the lab at the time. He had just started Master's and was learning Linux...
I was a little more experienced than him, in truth, with Linux even though I was not such power user at the time... Anyways, the fact is that the lab had about 6 old desktops and they had just bought a new Server for the lab and were trying to set that up ... The master's degree student liked a GOOEY and stood for Windows so he installed that in the Server computer... After a little time, they decided to change the server to Linux for good, though, which is the only sane thing they could do about the server, in my opinion...
I remember I was trying to perform some DNA alignments that consumed a lot of RAM and therefore I tried to install a lot of alignment programmes in the Server to see whether any one of those would run my data with the limited 12GB RAM + 10GB SWAP of the server.. Of course, I had to install all those programmes under root as it is rather impossible to install some applications under your user only, specially if you are using Debian official repos...
So I think the master student did not like that and some days later, changed the password for the Server (there was only one account set at the time as there were only few students and teachers in the lab that could use the Server, anyway...).
Not happy enough with that, he decided to format all 6 old PCS at the lab. I had done such great partitioning schemes when I installed Linux for dual booting in some of those old PCS ... The master student wiped all of the old PCs and installed Linux in ONE huge partition, not even separating root from home... AND he set up passwords for all PCS so I could not use them! I asked my teacher to give me access to those computers and he said to ask the Master's student, who, in turn, said I should ask the teacher... Also, the student said he put passwords so that he could protect those computers.... From whom???? As there were only the two of us who worked at the lab full time ( I was more full-time than he, as a matter of fact), plus the teachers, I said that there was no need for passwords for those old PCS at all or the Server , even! If something broke, he could simply ask me if it was me who broke it...
So, suddenly, I was kicked out of all those computers and the server at the phylogeny lab!
I never felt so much like Richard Stallman when he was at MIT and decided to counter up setting passwords for MIT computers! So, as my dissertation was almost complete, I quit going to the lab..
Nowadays, I think I should have booted from a live Pendrive and emptied those passwords to free the computing!
Apt-get install slay; slay stacy
I was aware how easy it is to write to some user terminal. Tanks for the trick!
I will add it to my linux-super-cheatsheet:
Thanks for such a post, very informative and useful article
If you have multiple users (20+) logged in...
Is there a way to send them the message all at once and kick them all out with simple commands?