h a l f b a k e r yApply directly to forehead.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
The textbook newbie mistake on a UNIX system is to
inadvertently type rm -rf / as the superuser. The effect
of this command is
to remove every single file on every mounted drive (or as
many as possible anyway, before the system crashes or the
user realizes
the terrible mistake and yanks
the power cord out of the
wall). Doing so is generally considered poor practice.
You'd
think it
wouldn't happen all that often, but considering that just
seeing that command typed out likely made anyone with
any
familiarity
with UNIX cringe, it happens often enough that it's high
time
for a fix.
An easy solution to this problem would be to modify the
rm program to raise an error if an attempt is made to
remove the
working directory, or any parent. This is as simple as
applying a pattern match, comparing each of the target
files
(properly
globbed and with paths expanded) to the output of
pwd.
In the (vanishingly unlikely) event that you really DID want
to destroy
the system for some reason, you'd have to cd / first,
then
rm -rf *.
I can't think of any reason you'd ever want to deliberately
erase the working directory, but I grant that some idiot
out
there has
probably written some script that depends on this
functionality. Thus, for the sake of compatibility, you
could
also enable legacy
mode by using the --no-seriously-i-know-what-im-doing-
and-i-really-
want-to-do-this option.
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
Annotation:
|
|
This can be done quite simply by ailiasing the
rm command with a shell script. This is
Baked and Widely Known To Exist. |
|
|
[-] for anything that restricts the ultimate,
terrifing power of the SuperUser. |
|
|
If you know enough to be able to alias rm to a shell script, you
probably don't need this protection. Anyway, in single user mode
(which is a prime opportunity for a clueless user to screw things up) your aliases are likely to be disabled anyway. |
|
|
//[-] for anything that restricts the ultimate, terrifing power of the
SuperUser.// |
|
|
It's not a restriction. You can still do it if you REALLY want to. You
just have to know the correct incantation. There are actually quite
a few rm implementations nowadays that simply forbid operating
recursively on / without some override switch (check your man
page for details); this strikes me as a hack. The correct behavior
for rm should be to abort if an attempt is made to remove the
working directory, since doing so leaves the system in an
inconsistent state and there's no legitimate reason for doing it
anyway. |
|
|
[marked-for-deletion] remapping the rm -rf command through the logon script is a common practice. |
|
|
And even SU's do it, in case they step out to use the little sysadmin's room, or their fingers betray them after a long night out or summat. |
|
|
So you're saying it never happens? |
|
|
saying what never happens ? people blow their systems up all the time. And what [8th] said. |
|
|
Anyways, among the various pieces of paper currently plugging holes in the wall and lining the birdcage are quite a few that proclaim I'm a UNIX sysadmin; some of them were even issued by people other than myself. |
|
|
Even though at this point in time I can't remember a damned thing about UNIX, at least two of the courses mentioned that you should remap the rm-rf command first thing. |
|
|
It's not such a common practice then, is it? |
|
|
heh, anno edit interruptus. |
|
|
It's a decent'ish idea, but one that root should be responsible for, not ANSI. |
|
|
Ah, you mean cwd (I suppose occasionally reading more than the Title could be useful) ... extra flag or something I suppose, that could fit into a script. |
|
|
Have you checked the Wikipedia entry for rm ? |
|
|
It's clearly enough of a problem that various ways to
prevent it that have been integrated into some
versions of rm, as pointed out above. This solution is
an alternate method that addresses the problem
indirectly, and solves another problem (albeit a less
serious one) besides. |
|
| |