Posts RSS Comments RSS 48 Posts and 155 Comments till now

Using Applescript to kill off a process

I use AppleScript to clean up some temp spaces on my lab machines. It’s easy to use and gives me most of what I need without a lot of shell programming. However, to do some of the cleaning I have to call up the Finder. That’s fine if the machine is already logged in but what if it isn’t? My cleanup script runs around 2 AM each morning when no ones around and no one’s logged in.

The issue with that is since the script runs as root it launchs the Finder as root. And leaves it running as root. So if you were to go to one of those machines in the morning you’d see the Finder running underneath the Login window. If you log in as a normal user it doesn’t restart the Finder, just leaves it running as Root. So, anybody could come along, log in and have complete root privileges to the entire system until they log out. Can you say security issue?

So, I have a small script that I keep around for just such an occasion. It does a search and destroy for the Finder process ID and kills it at the end of the script so we aren’t leaving root hanging around.

[codesyntax lang=”applescript” lines=”no”]
set app_name to “Finder”
set the_pid to (do shell script “ps ax | grep ” & (quoted form of app_name) & ” | grep -v grep | awk ‘{print $1}'”)
if the_pid is not “” then do shell script (“kill -9 ” & the_pid)
[/codesyntax]

First we set the variable “app_name” to the name of the process we want to kill.

Next we set the variable “the_pid” to the process ID of that process. It takes a little fancy shell scripting and text manipulation to get that.

Finally, if we did find it then we send the “kill -9” command with the process ID to kill it off. Using “kill -9” is basically saying “Die and no back talk”.

Now you’ve successfully killed off the Finder running as root and closed the hole. You can use this script to kill off other processes as well.

:: Jul.18.2007 :: Applescript, Scripts :: 13 Comments »

13 Responses to “Using Applescript to kill off a process”

  1. on 13 Jul 2010 at 10:17 am1liam

    really cool 🙂

  2. on 02 Sep 2010 at 11:27 am2Jeff

    Thanks a lot! It’s very useful!

  3. on 14 Mar 2011 at 9:43 pm3harbot

    Very nice Thank you!!!

  4. on 05 Nov 2011 at 8:23 pm4karotto

    Thank you SOO much. It helped me to do something important

  5. on 08 Feb 2012 at 1:28 am5matt

    I like this little script – thanks.

    However, what if you have multiple instances of the same app running?

    The script currently errors out with…

    error “sh: line 0: kill: 29972
    29974: arguments must be process or job IDs” number 1

    where 29972 and 29974 are the two instances of the same app

    any way to have the script run kill -9 on multiple instances?

  6. on 25 Feb 2012 at 1:48 am6Nick Lightbody

    Hi

    Thanks very much – exactly what I needed just to stop a single java process from within Filemaker Pro, works perfectly.

    Best regards

    Nick

  7. on 05 Apr 2012 at 5:08 pm7mg

    it gave me error “sh: line 0: kill: (4812) – Operation not permitted” number 1

  8. on 06 Apr 2012 at 9:51 am8webmaster

    That usually means you’re trying to kill a process that your currently logged in account doesn’t own. Try adding “with administrator privileges” to the end of the last line. It will then prompt for an admin name and password before executing.

  9. on 10 May 2013 at 8:26 pm9ben

    Im going to second #5’s comment that this only works if there is only one process with that name, or (I’d add) the process has no children. In this case we’ll need to make them comma separated process ID’s and and treat the_pid as a list and loop though it.

    Not sure how to go about the comma separated bit. There’s a lot of pipes and grep going on there 🙂

  10. on 30 Jul 2013 at 1:14 pm10George

    Here is a version that handles multiple (or no) matching processes.

    set app_name to “Finder”
    set the_pids to (do shell script “ps ax | grep ” & (quoted form of app_name) & “| grep -v grep | awk ‘{printf \”%d \”, $1}'”)
    do shell script (“for PID in ” & the_pids & “; do kill -9 $PID; done “)

    The change from “print” to “printf” in the awk command outputs all found PIDs on a single line. That in-line list is then used in a for loop to kill any/all of the processes in sequence.

  11. on 10 Oct 2013 at 12:57 pm11djk

    @george

    tried your version on snow leopard.

    I get the following message.

    “Expected expression but found unknown token”

  12. on 12 Dec 2014 at 7:09 pm12notMe

    @djk
    George’s Version is ok with SnoLeo, but after copying the script, you have first to replace all single (this one ‘ ) and double quotes (this one ” ). Probably a matter of keyboards or encodings (or something else….:)

  13. on 24 Jan 2016 at 11:55 am13Les

    Doesn’t the good ol’ UNIX process, killall, do the trick as well?