ops-jrz1/scripts/killswitch
Dan f8e77c44b1 Fix code review items from security scripts
- egress-watchdog: Use process substitution to avoid subshell gotcha
- killswitch: Rename USER to TARGET_USER (avoid shadowing builtin)
- Add documentation comments for UID range and grep -P dependency

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-03 09:35:40 -08:00


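#!/run/current-system/sw/bin/bash
# killswitch - Immediately terminate all processes for a user
# Usage: killswitch <username> [reason]
#
# Sends SIGTERM to every process owned by the user, ends their logind
# sessions, then sends SIGKILL to anything that survives a short grace
# period. The outcome is verified before success is reported.
#
# Exit status: 0 when no processes remain for the user; 1 on usage or
# validation errors, or when processes are still running afterwards.
#
# NOTE: this only stops what is running now. It does not lock the account,
# revoke SSH keys, or disable cron jobs and timers, so new processes can
# start afterwards. Disable the account separately if containment is the goal.
set -euo pipefail

# NixOS paths
PATH="/run/current-system/sw/bin:$PATH"

if [ $# -lt 1 ]; then
  echo "Usage: killswitch <username> [reason]" >&2
  exit 1
fi

TARGET_USER="$1"
REASON="${2:-manual kill}"
# The reason is free text that ends up in syslog; replace control characters
# so a caller cannot forge extra log lines with embedded newlines.
REASON="${REASON//[[:cntrl:]]/ }"

# "--" keeps a name that starts with "-" from being parsed as an option.
if ! id -- "$TARGET_USER" &>/dev/null; then
  echo "User not found: $TARGET_USER" >&2
  exit 1
fi

# Don't allow killing root or system users.
# The 1000 threshold is only a convention for "regular" accounts: service
# accounts with higher UIDs (for example nobody at 65534) still pass it.
UID_NUM=$(id -u -- "$TARGET_USER")
if [ "$UID_NUM" -lt 1000 ]; then
  echo "Refusing to kill system user: $TARGET_USER (uid $UID_NUM)" >&2
  exit 1
fi

# Reports whether the given UID still owns processes.
# Returns 0 if some remain, 1 if none; aborts on a pgrep error so that a
# failed check is never mistaken for "nothing left".
has_processes() {
  local rc=0
  pgrep -u "$1" >/dev/null || rc=$?
  case "$rc" in
    0) return 0 ;;
    1) return 1 ;;
    *)
      echo "pgrep failed (exit $rc); cannot verify processes for uid $1" >&2
      exit 1
      ;;
  esac
}

logger -t killswitch "Killing all processes for $TARGET_USER: $REASON"

# Act on the numeric UID that passed the check above, so the name is not
# resolved a second time between validation and action.
# pkill exits 1 when nothing matched, which is fine here. Its stderr is left
# visible so permission errors are not hidden.
pkill -u "$UID_NUM" || true

# Terminate login session (also stops the per-user service manager).
# Fails harmlessly when the user has no session, hence the suppression.
loginctl terminate-user -- "$UID_NUM" 2>/dev/null || true

# Give processes a moment to exit on SIGTERM.
for _ in 1 2 3 4 5; do
  has_processes "$UID_NUM" || break
  sleep 0.2
done

# SIGTERM can be caught or ignored; SIGKILL cannot.
if has_processes "$UID_NUM"; then
  pkill -KILL -u "$UID_NUM" || true
  sleep 0.2
fi

# Never report success without checking: an unprivileged run or a process
# stuck in the kernel would otherwise look like a completed kill.
if has_processes "$UID_NUM"; then
  logger -t killswitch "FAILED to kill all processes for $TARGET_USER"
  echo "Processes still running for $TARGET_USER" >&2
  exit 1
fi

echo "Killed $TARGET_USER: $REASON"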