kill users processes in linux with php

Question

I am trying to write a php script to kill users in a redhat machine.

I know it is possible (and very insecure) to give apache the ability to do things as root, but I need to be able to kill any user from a web page, does anyone have any good working scripts or point me to a place to find some more info? I can use this code (which I took from php.net) to make it work, but I assume that this will work only if I give apache root permission or run apache as root.

<?php
    exec("kill -9 $pid");
?>

This command pulls the user and their process id which I assume once the apache issue is figured out will work just fine for grabbing the list of users for me to output.

who -u | awk '{print $1" "$7}'

I can't really think of any other info I can give on this, so let me know if I am forgetting anything.

haha I never thought of it like that, maybe we need a tech mob. — Toby Joiner, Jun 10 '11 at 16:23
it's for real, my mother walked into my room, glanced at the screen and asked me what kind of websites I visit :-) — Blagovest Buyukliev, Jun 10 '11 at 16:26

score 3 · Accepted Answer · edited Jun 06 '17 at 15:13

3

Use the skill command instead:

skill -9 -u username

edited Jun 06 '17 at 15:13

lewiatan

1,126
2
21
37

answered Jun 10 '11 at 15:49

Emil Vikström

90,431
16
141
175

that works when I run it as root, but as apache, it does not work. I also tried pkill since that was recommended when I looked up skill – Toby Joiner Jun 10 '11 at 16:40
I made this work by giving the apache user sudo access to skill with apache ALL=(root) NOPASSWD: /usr/bin/skill – Toby Joiner Jun 16 '11 at 04:24
I have same requirement, but I am doubtful about the security if I give access to apache. Please tell me is there any secure alternative for same, I thought of saving the process to be killed in a mysql table and executing a cron to kill them every minute. Any suggestions? – Ruhi Singh Sep 03 '13 at 11:20
@Toby Joiner Can you make it more clear of, how can we give www-data user get access to run the skill command? – Sanjay Kumar N S Jul 30 '14 at 07:33
Ruhi, sorry I did not see your question forever ago. @Sanjay Not sure what you are asking. I did it in the sudoers file with the above addition. I did it with the apache user, but I suppose you could do it with www-data the same way. – Toby Joiner Aug 12 '14 at 14:51

kill users processes in linux with php

1 Answers1

Linked