Skip to content
Documentation menu

Configuration

The optional config file • location, precedence, every key, and the protected-process list.

Kickoutchi runs fine with no config file at all. When you want different defaults, drop a small TOML file in place.

Location

By default Kickoutchi looks in your platform config directory:

Platform Path
Linux $XDG_CONFIG_HOME/kickoutchi/config.toml (usually ~/.config/kickoutchi/config.toml)
macOS ~/Library/Application Support/kickoutchi/config.toml
Windows %APPDATA%\kickoutchi\config.toml

Point at a different file with the global --config FILE flag.

Precedence

Settings have layers, like any self-respecting swamp: built-in defaults at the bottom, then the config file, then CLI flags on top. Most keys override their default; protected_processes extends it (see below).

Keys

Every key is optional. Anything you leave out keeps its default.

Key Type Default Meaning
refresh_interval_seconds integer (1–3600) 3 How often the TUI re-collects ports.
default_sort string "port" Default sort for the CLI and TUI. One of port, pid, protocol, process, parent, scope.
hide_system_processes boolean false Hide conservative system/service rows from the default view.
confirm_force_kill boolean true Require the typed force confirmation for force kills (when --yes is absent).
protected_processes string[] (see below) Extra process names that require stronger confirmation. Added to the built-in list.

Example

~/.config/kickoutchi/config.toml
refresh_interval_seconds = 5
default_sort = "scope"
hide_system_processes = true
confirm_force_kill = true
protected_processes = ["redis", "mysqld"]

Protected processes

protected_processes is additive: your names are added on top of the built-in safety set, never instead of it. Adding redis can’t accidentally strip protection from systemd or postgres.

Matching is exact • case-sensitive on Linux/macOS, case-insensitive on Windows • and never a substring, so postgres-backup-helper doesn’t inherit postgres’s protection. Linux also accepts the kernel’s 15-byte /proc/<pid>/comm truncation for longer protected names when that is the only process name available.

The built-in list covers load-bearing processes whose accidental termination takes your containers, database, init system, or desktop with them:

docker, docker.exe, dockerd, dockerd.exe, docker-proxy, docker-proxy.exe,
Docker Desktop.exe, com.docker.backend, com.docker.backend.exe, postgres,
postgres.exe, systemd, System, smss.exe, csrss.exe, wininit.exe, services.exe,
lsass.exe, svchost.exe, winlogon.exe, explorer.exe, dwm.exe, WindowServer

The list is capped at 256 entries and rejects empty names. See Safety for what “protected” actually changes at kill time.

Hiding system processes

With hide_system_processes = true, the default view drops conservative system/service rows: PID 0 and 1, direct children of PID 1, and a short list of well-known OS process names (plus PID ≤ 4 and children of services.exe on Windows). It’s deliberately cautious • a protected app like postgres is not treated as a system process just because it’s protected; those are two different ideas.