Identify a memory-hogging process, terminate it gracefully with SIGTERM, and escalate to SIGKILL only when it refuses to exit. Enumerate available signals and use a shell trap to handle SIGINT with a custom message.
A teammate started a background process called
memhog that is consuming excessive memory and
impacting system performance. You need to locate the PID,
attempt a clean stop using SIGTERM, confirm whether
it exited, then force-stop it with SIGKILL if it
continues running.
Signals are an operator’s control surface. Prefer graceful termination for predictable cleanup, but know when to escalate and how to prove what happened with verifiable checks.
memhog process and capture its PID.SIGTERM using signal name or number.SIGKILL when SIGTERM fails.trap so Ctrl+C (SIGINT) prints a message.ps and filtering via grep.
SIGTERM (15) vs SIGKILL (9).
ps -p and pgrep.
kill -l.
SIGINT interactively using trap.
memhog.
ps aux | grep memhog
This gives you the PID plus resource usage context. Expect to
see your grep process too, so focus on the row
that is actually running memhog.
user123 5268 98.1 45.3 1612932 924392 pts/0 R 13:22 2:11 memhogSIGTERM to request a clean shutdown.
kill -SIGTERM 5268
# OR
kill -15 5268
SIGTERM (15) asks the process to exit gracefully.
Many well-behaved programs trap this signal to flush buffers,
close files, and release locks before shutting down.
# Expected result:
# No output on success (most common).ps -p 5268
# OR
pgrep memhogA lingering PID after a reasonable wait means the process either ignored the signal or is stuck. In this lab scenario, the PID still exists, which triggers escalation.
PID TTY TIME CMD
5268 ? 00:02:11 memhogSIGKILL to force-stop it.
SIGKILL cannot be handled. The process is
terminated immediately with no cleanup, which can leave
partial output or locked resources depending on workload.
kill -9 5268
# OR
kill -SIGKILL 5268
Use SIGKILL (9) only when graceful termination
fails and the impact justifies the forced stop.
# Verify again:
ps -p 5268
pgrep memhogps -p 5268
# OR
pgrep memhogYour confirmation is the proof. If there is no PID row and no name match, the process is gone.
# Expected result:
# No such process / no matches returned.kill -l
kill -l prints signal names and numbers for the
platform you are running. This is useful when you remember a
name but not the number (or the other way around).
1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP 6) SIGABRT 7) SIGBUS
8) SIGFPE 9) SIGKILL 10) SIGUSR1 11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM
15) SIGTERM 16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP 21) SIGTTIN
22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ 26) SIGVTALRM 27) SIGPROF 28) SIGWINCH
29) SIGIO 30) SIGPWR 31) SIGSYStrap 'echo Signal caught!' SIGINT
trap lets you define a handler for signals in
your current shell session. After setting this, pressing
Ctrl+C will run your handler instead of immediately interrupting
the shell’s current foreground job.
# Press Ctrl+C to test:
Signal caught!ps aux | grep <pattern>
: Finds matching processes and shows resource usage context.
kill -SIGTERM <pid>
/ kill -15 <pid>
: Requests graceful termination.
kill -SIGKILL <pid>
/ kill -9 <pid>
: Forces immediate termination with no cleanup.
ps -p <pid>
: Checks whether a PID still exists.
pgrep <name>
: Checks whether any processes match a name/pattern.
kill -l
: Lists signal names and numbers available on the system.
trap '<commands>' <signal>
: Runs commands when the shell receives the specified signal.