如何临时解决sftp客户端会话进程不释放问题?
- By : Will
- Category : FTP & SFTP & FTPS
FTP & SFTP & FTPS
1 前言
一个问题,一篇文章,一出故事。
笔者今天遇到一个非标准的sftp客户端,断开连接后留下部分会话进程不能正常释放。
如果使用命令行查看进程,可见如下显示,
ps -eo pid,lstart,cmd | grep sftp | grep will | grep cmdschool.org
可见如下显示,
#... 1416409 Tue Jan 20 15:35:22 2026 sftpd: cmdschool.org\\will [priv] 1416415 Tue Jan 20 15:35:23 2026 sftpd: will@cmdschool.org@notty 1416416 Tue Jan 20 15:35:23 2026 sftpd: will@cmdschool.org@internal-sftp
基于以上问题于是我总结本章的临时解决方案。
2 最佳实践
2.1 测试环境
2.2 部署监控脚本
2.2.1 创建脚本
vim ~/scripts/killSftpProcess.sh
加入如下配置,
#!/bin/bash
# Config: Target process pattern, username, timeout (1 hour = 3600s)
#processPattern="sftpd: .*@internal-sftp"
#processPattern="sftpd: .*@notty"
processPattern="sftpd: .*\[priv\]"
userName="will"
domainName="cmdschool.org"
timeoutSeconds=86400
logFile="/var/log/sftp/killSftpProcess.log"
# Current timestamp (seconds since epoch)
currentTimestamp=$(date +%s)
# Iterate ps output line by line (IFS = newline)
IFS=$'\n'
psList=$(ps -eo pid,lstart,cmd | grep -E "$processPattern" | grep "$userName" | grep "$domainName")
for psLine in $psList; do
[ -z "$psLine" ] && continue # Skip empty lines
# Extract process info (PID, start time, command)
pid=$(echo "$psLine" | awk '{print $1}')
lstart=$(echo "$psLine" | awk '{print $2" "$3" "$4" "$5" "$6}')
cmd=$(echo "$psLine" | awk '{print $7" "$8}')
# Convert start time to timestamp (suppress errors)
startTimestamp=$(date -d "$lstart" +%s 2>/dev/null)
# Calculate runtime and check timeout
runTime=$((currentTimestamp - startTimestamp))
if [ "$runTime" -le "$timeoutSeconds" ]; then
continue
fi
runHours=$((runTime/3600))
runMinutes=$(((runTime%3600)/60))
echo "$(date +'%Y-%m-%d %H:%M:%S') Process $pid running for $runHours""h $runMinutes""m, terminating" | tee -a "$logFile"
# Kill process (graceful → force)
kill "$pid" 2>/dev/null || kill -9 "$pid" 2>/dev/null
echo "----------------------------------------"
done
2.2.2 测试脚本
bash ~/scripts/killSftpProcess.sh
2.2.3 设置脚本触发
*/5 * * * * bash ~/scripts/killSftpProcess.sh
没有评论