The Original Instant Messenger System
With the advent of instant messaging or chat programs we seem to have conquered the ubiquitous challenge of maintaining a real time exchange of information while not getting distracted by voice communication. But are these only in the domain of the fancy programs?

The instant messaging or chat concept has been available on *nix for quite a while. In fact, you have a full fledged secure IM system built right into Linux. It allows you to securely talk to anyone connected to the system; no internet connection is required. The chat is enabled through the commands – write, mesg, wall and talk. Let’s examine each of them.

The write command can write to a user’s terminal. If the user has logged in more than one terminal, you can address a specific terminal. Here is how you write a message “Beware of the virus” to the user “oracle” logged in on terminal “pts/3”:

# write oracle pts/3
Beware of the virus

The Control-D key combination ends the message, returns the shell prompt (#) to the user and sends to the user’s terminal. When the above is sent, the user “oracle” will see on terminal pts/3 the messages:

Beware of the virus
Each line will come up as the sender presses ENTER after the lines. When the sender presses Control-D, marking the end of transmission, the receiver sees EOF on the screen. The message will be displayed regardless of the current action of the user. If the user is editing a file in vi, the message comes and the user can clear it by pressing Control-L. If the user is on SQL*Plus prompt, the message still comes but does not affect the keystrokes of the user.

What if you don’t want that slight inconvenience? You don’t want anyone to send a message to you – akin to “leave the phone off the hook”. You can do that via the mesg command. This command disables others ability to send you a message. The command without any arguments shows the ability:

# mesg
is y
It shows that others can write to you. To turn it off:

# mesg n
Now to confirm:

# mesg
is n
When you attempt to write to the users’ terminals, you may want to know which terminals have disabled this writing from others. The who -T command (described earlier in this installment) shows you that:

# who -TH
NAME       LINE          TIME         COMMENT
oracle   + pts/2        Jan 11 12:08 (
oracle   + pts/3        Jan 11 12:08 (
oracle   – pts/4        Jan 11 12:08 (
root     + pts/1        Dec 26 13:42 (:0.0)
root     ? :0           Oct 23 15:32
The + sign before the terminal name indicates that it accepts write commands from others; the “-“ sign indicates that it doesn’t. The “?” indicates that the terminal does not support writing to it, e.g. an X-window session.

What if you want to write to all the logged in users? Instead of typing to each user, use the wall command:

# wall
hello everyone
When sent, the following shows up on the terminals of all logged in users:

Broadcast message from oracle  (pts/2) (Thu Jan  8 16:37:25 2009):
hello everyone
This is very useful for root user. When you want to shutdown the system, unmount a filesystem or perform similar administrative functions you may want all users to log off. Use this command to send a message to all.

Finally, the program talk allows you to chat in real time.  Just type the following:

# talk oracle pts/2
If you want to talk to a user on a different server – prolin2 – you can use

# talk oracle@prolin2 pts/2
It brings up a chat window on the other terminal and now you can chat in real time. Is it that different from a “professional” chat program you are using now? Probably not. Oh, by the way, to make the talk work, you should make sure the talkd daemon is running, which may not have been installed.

Yes, it’s a command, even if it’s just one letter long! The command w is a combination of uptime and who commands given one immediately after the other, in that order. Let’s see a very common output without any arguments and options.

# w
 17:29:22 up 672 days, 18:31,   2 users,  load average: 4.52,  4.54, 4.59
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
oracle   pts/1    16:43    0.00s   0.06s  0.01s w
oracle   pts/2    17:26   57.00s   3.17s  3.17s sqlplus   as sysdba
… and so  on …
The output has two distinct parts. The first part shows the output of the uptime command (described above in this installment) which shows how long the server has been up, how many users have logged in and the load average for last 1, 5 and 15 minutes. The parts of the output have been explained under the uptime command. The second part of the output shows the output of the who command with the option -H (also explained in this installment). Again, these various columns have been explained under the who command.

If you rather not display the header, use the -h option.

#  w -h
oracle   pts/1    16:43    0.00s   0.02s  0.01s w -h
This removes the header from the output. It’s useful in shell scripts where you want to read and act on the output without the additional burden of skipping the header.

The -s option produces a compact (short) version of the output, removing the login time, JPCU and PCPU times.

# w -s
 17:30:07 up 672 days, 18:32,   2 users,  load average: 5.03,  4.65, 4.63
USER     TTY      FROM               IDLE WHAT
oracle   pts/1     0.00s w -s
oracle   pts/2     1:42  sqlplus   as sysdba
You might find that the “FROM” field is really not very useful. It shows the IP address of the same server, since the logins are all local. To save the space on the output, you may want to suppress that. The -f option disables printing of the FROM field:

# w -f
 17:30:53 up 672 days, 18:33,   2 users,  load average: 4.77,  4.65, 4.63
oracle   pts/1      16:43    0.00s  0.06s   0.00s w -f
oracle   pts/2      17:26    2:28   3.17s   3.17s sqlplus   as sysdba
The command accepts only one parameter: the name of a user. By default w shows the process and logins for all users. If you put a username, it shows the logins for that user only. For instance, to show logins for root only, issue:

# w -h root
root     pts/1    :0.0             26Dec08 13days 0.01s   0.01s bash
root     :0       –                23Oct08 ?xdm?   21:13m  1.81s  /usr/bin/gnome-session
The -h option was used to suppress displaying header.

A process is running and you want the process to be terminated. What should you do? The process runs in the background so there is no going to the terminal and pressing Control-C; or, the process belongs to another user (using the same userid, such as “oracle”) and you want to terminate it. The kill command comes to rescue; it does what its name suggests – it kills the process. The most common use is:

# kill
Suppose you want to kill a process called sqlplus issued by the user oracle, you need to know its processid, or PID:

# ps -aef|grep sqlplus|grep ananda
oracle    8728 23916  0 10:36 pts/3    00:00:00 sqlplus
oracle    8768 23896  0 10:36 pts/2    00:00:00  grep sqlplus
Now, to kill the PID 8728:

# kill 8728
That’s it; the process is killed. Of course, you have to be the same user (oracle) to kill a process kicked off by oracle. To kill processes kicked off by other users you have to be super user – root.

Sometimes you may want to merely halt the process instead of killing it. You can use the option -SIGSTOP with the kill command.

# kill -SIGSTOP 9790
# ps -aef|grep sqlplus|grep oracle
oracle    9790 23916   0 10:41 pts/3    00:00:00 sqlplus   as sysdba
oracle    9885 23896  0 10:41 pts/2    00:00:00  grep sqlplus
This is good for background jobs but with the foreground processes, it merely stops the process and removes the control from the user. So, if you check for the process again after issuing the command:

# ps -aef|grep sqlplus|grep oracle
oracle    9790 23916  0 10:41 pts/3    00:00:00 sqlplus   as sysdba
oracle   10144 23896  0 10:42 pts/2    00:00:00  grep sqlplus
You see that the process is still running. It has not been terminated. To kill this process, and any stubborn processes that refuse to be terminated, you have to pass a new signal called SIGKILL. The default signal is SIGTERM.

# kill -SIGKILL 9790
# ps -aef|grep sqlplus|grep oracle
oracle   10092 23916  0 10:42 pts/3    00:00:00 sqlplus   as sysdba
oracle   10198 23896  0 10:43 pts/2    00:00:00  grep sqlplus
Note the options -SIGSTOP and -SIGKILL, which pass a specific signal (stop and kill, respectively) to the process. Likewise there are several other signals you can use. To get a listing of all the available signals, you can use the -l (that’s the letter “L”, not the numeral “1”) option:

# kill -l
 1) SIGHUP       2) SIGINT       3) SIGQUIT      4) SIGILL
 5) SIGTRAP      6) SIGABRT      7) SIGBUS       8) SIGFPE
 9) SIGKILL     10) SIGUSR1     11) SIGSEGV     12) SIGUSR2
13) SIGPIPE     14) SIGALRM     15) SIGTERM     17) SIGCHLD
18) SIGCONT     19) SIGSTOP     20) SIGTSTP     21) SIGTTIN
22) SIGTTOU     23) SIGURG      24) SIGXCPU     25) SIGXFSZ
30) SIGPWR      31) SIGSYS      34) SIGRTMIN    35) SIGRTMIN+1
You can also use the numeral equivalent of the signal in place of the actual signal name. For instance, instead of kill -SIGKILL 9790, you can use kill -9 9790.

By the way, this is an interesting command. Remember, almost all Linux commands are usually executable files located in /bin, /sbin/, /user/bin and similar directories. The PATH executable determines where these command files can be found. Some other commands are an actually “built-in” command, i.e. they are part of the shell itself. One such example is kill. To demonstrate, give the following:

# kill -h
-bash: kill: h: invalid signal  specification
Note the output that came back from the bash shell. The usage is incorrect since the -h argument was not expected. Now use the following:

# /bin/kill -h
usage: kill [ -s signal | -p ]  [ -a ] pid …
       kill -l [ signal ]
Aha! This version of the command kill as an executable in the /bin directory accepted the option -h properly. Now you know the subtle difference between the shell built-in commands and their namesake utilities in the form of executable files.

Why is it important to know the difference? It’s important because the functionality varies significantly across these two forms. The kill built-in has lesser functionality than its utility equivalent. When you issue the command kill, you are actually invoking the built-in, not the utility. To add the other functionality, you have to use the /bin/kill utility.

The kill utility has many options and arguments. The most popular is the kill command used to kill the processes with process names, rather than PIDs. Here is an example where you want to kill all processes with the name sqlplus:

# /bin/kill sqlplus
[1]   Terminated              sqlplus
[2]   Terminated              sqlplus
[3]   Terminated              sqlplus
[4]   Terminated              sqlplus
[5]   Terminated              sqlplus
[6]   Terminated              sqlplus
[7]-  Terminated              sqlplus
[8]+  Terminated              sqlplus
Sometimes you may want to see all the process IDs kill will terminate. The -p option accomplishes that. It prints all the PIDs it would have killed, without actually killing them. It serves as a confirmation prior to action:

#  /bin/kill -p sqlplus
The output shows the PIDs of the processes it would have killed. If you reissue the command without the -p option, it will kill all those processes.

At this time you may be tempted to know which other commands are “built-in” in the shell, instead of being utilities.

# man -k builtin
. [builtins]         (1)   – bash built-in commands, see bash(1)
: [builtins]         (1)   – bash built-in commands, see bash(1)
[ [builtins]         (1)   – bash built-in commands, see bash(1)
alias [builtins]     (1)   – bash built-in commands, see bash(1)
bash [builtins]      (1)   – bash built-in commands, see bash(1)
bg [builtins]        (1)   – bash built-in commands, see bash(1)
… and so on …
Some entries seem familiar – alias, bg and so on. Some are purely built-ins, e.g. alias. There is no executable file called alias.

Usage for Oracle Users
Killing a process has many uses – mostly to kill zombie processes, processes that are in the background and others that have stopped responding to the normal shutdown commands. For instance, the Oracle database instance is not shutting down as a result of some memory issue. You have to bring it down by killing one of the key processes like pmon or smon. This should not be an activity to be performed all the time, just when you don’t have much choice.

You may want to kill all sqlplus sessions or all rman jobs using the utility kill command. Oracle Enterprise Manager processes run as perl processes; or DBCA or DBUA processes run, which you may want to kill quickly:

# /bin/kill perl rman perl dbca  dbua java
There is also a more common use of the command. When you want to terminate a user session in Oracle Database, you typically do this:

Find the SID and Serial# of the session
Kill the session using ALTER SYSTEM command
Let’s see what happens when we want to kill the session of the user SH.

SQL> select sid, serial#,  status
  2  from v$session
  3* where username = ‘SH’;
———- ———- ——–
       116       5784  INACTIVE
SQL> alter system kill  session ‘116,5784’
  2  /
System altered.
It’s killed; but when you check the status of the session:
———- ———- ——–
       116       5784 KILLED
It shows as KILLED, not completely gone. It happens because Oracle waits until the user SH gets to his session and attempts to do something, during which he gets the message “ORA-00028: your session has been killed”. After that time the session disappears from V$SESSION.

A faster way to kill a session is to kill the corresponding server process at the Linux level. To do so, first find the PID of the server process:

SQL> select spid
  2  from v$process
  3  where addr =
  4  (
  5     select paddr
  6     from v$session
  7     where username =  ‘SH’
  8  );
The SPID is the Process ID of the server process. Now kill this process:

# kill -9 30986
Now if you check the view V$SESSION, it will be gone immediately. The user will not get a message immediately; but if he attempts to perform a database query, he will get:

ERROR at line 1:
ORA-03135: connection lost  contact
Process ID: 30986
Session ID: 125 Serial number:  34528
This is a faster method to kill a session but there are some caveats. The Oracle database has to perform a session cleanup–rollback changes and so on. So this should be performed only when the sessions are idle. Otherwise you can use one of the two other ways to kill a session immediately:

alter system disconnect session  ‘125,35447’ immediate;
alter system disconnect session  ‘125,35447’ post_transaction;

Unlike the dual nature of kill, killall is purely a utility, i.e. this is an executable program in the /usr/bin directory. The command is similar to kill in functionality but instead of killing a process based on its PID, it accepts the process name as an argument. For instance, to kill all sqlplus processes, issue:

# killall sqlplus
This kills all processes named sqlplus (which you have the permission to kill, of course). Unlike the kill built-in command, you don’t need to know the Process ID of the processes to be killed.

If the command does not terminate the process, or the process does not respond to a TERM signal, you can send an explicit SIGKILL signal as you saw in the kill command using the -s option.

# killall -s SIGKILL sqlplus
Like kill, you can use -9 option in lieu of -s SIGKILL. For a list of all available signals, you can use the -l option.

# killall -l
To get a verbose output of the killall command, use the -v option:

# killall -v sqlplus
Killed sqlplus(26448) with signal 15
Killed sqlplus(26452) with signal 15
Killed sqlplus(26456) with signal 15
Killed sqlplus(26457) with signal 15
… and so on …
Sometimes you may want to examine the process before terminating it. The -i option allows you run it interactively. This option prompts for your input before killing it:

# killall -i sqlplus
Kill sqlplus(2537) ? (y/n) n
Kill sqlplus(2555) ? (y/n) n
Kill sqlplus(2555) ? (y/n) y
Killed sqlplus(2555) with signal 15
What happens when you pass a wrong process name?

# killall wrong_process
wrong_process: no process  killed
There is no such running process called wrong_process so nothing was killed and the output clearly showed that. To suppress this complaint “no process killed”, use the -q option. That option comes handy in shell scripts where you can’t parse the output. Rather, you want to capture the return code from the command:

# killall -q wrong_process
# echo $?
The return code (shown by the shell variable $?) is “1”, instead of “0”, meaning failure. You can check the return code to examine whether the killall process was successful, i.e. the return code was “0”.

One interesting thing about this command is that it does not kill itself. Of course, it kills other killall commands given elsewhere but not itself.

Usage for Oracle Users
Like the kill command, the killall command is also used to kill processes. The biggest advantage of killall is the ability to display the processid and the interactive nature. Suppose you want to kill all perl, java, sqlplus, rman and dbca processes but do it interactively; you can issue:

# killall -i -p perl sqlplus  java rman dbca
Kill sqlplus(pgid 7053) ? (y/n) n
Kill perl(pgid 31233) ? (y/n) n
… and so on …
This allows you to view the PID before you kill them, which can be very useful.

In this installment you learned about these commands (shown in alphabetical order)

dig             A newer version of nslookup
ifconfig       To display information on network interfaces
kill              Kill a specific process
killall            Kill a specific process, a group of processes and names matching a pattern
mesg          To turn on or off the ability of others to display something on one’s terminal.
netstat       To display statistics and other metrics on network interface usage
nslookup     To lookup a hostname for its IP address or lookup IP address for its hostname on the DNS
talk            To establish an Instant Message system between two users for realtime chat
uptime        How long the system has been up and its load average for 1, 5 and 15 minutes
w               Combination of uptime and who
wall            To display some text on the terminals of all the logged in users
who           To display the users logged into the system and what they are doing
write          To instantly display something on a specific user’s terminal session

(Extracted from oracle technet notes author Arup Nanda)