You can see all the questions I have compiled here.
You are already logged into a server and a user runs a fork bomb script. How can you stop the fork bomb without restarting the server or bringing any services offline that are currently running?
You also know the name of the running fork bomb script.
This will tell you how well the canidate knows about the signals Linux uses with processes. I would think most people would say the easy thing
killall -9 scriptName
This will not work due the nature of a fork bomb. The reason is the killall does not hold a lock on the process table so each one that is killed a new one takes its place in the process table.
Also you will not be able to run a killall due to the shell forking off another shell to run the killall
This question also tells you if the admin knows about Linux internals. That just running a killall will fork a new process buy running exec killall will run the killall in the current process and not fork out a new one
So for this I will use a fork bomb script that is written in C. Below is an example
#include <unistd.h>
int main(void)
{
for(;;)
fork();
return 0;
}
We can compile it like
gcc -o fork fork.c
So the way to stop it is sending a SIGSTOP signal to each fork bomb process and once they are all stopped you can send a SIGKILL to each process.
So if you run a
killall -STOP fork
You will get a error message like resources not avaliable so you cannot run that. You can run it with exec.
exec killall -STOP fork
exec killall -9 fork
That will stop the fork bomb.