I haven't tried this command on Ubuntu (for obvious reasons) so I am not sure if Ubuntu will allow its execution. But it's famous for deleting everything. Just out of curiosity, what happens when the kernel and /bin are deleted? How does rm maintain a run time stack? How does rm manage to communicate with the file system and complete deletion? How does it communicate with hardware?
Filesystem – How ‘rm -rf /’ Deletes All Files in the System
filesystemkernelrm
Best Answer
It doesn't matter that
/bin/rmis deleted. It's only being run once and by that point it's all loaded in memory, as is everything else required to keep sending deletes to the filesystem and disk.Sidebar/Update: Per David Hoelzer's answer (and mentioned in the comments), the inode the hardlink
/bin/rmused to point to would remain right up untilrmfinished (because Linux holds in an open state) but that fact is irrelevant; the state of the disk doesn't matter at all.The binary is loaded into memory before it is run. Even if you could manually destroy the
rmdisk data, it wouldn't affect or stop the deletion from completing (assuming you don't otherwise make the disk unavailable).No idea what an inode or hardlink are? This is the answer where I worked it out.
Anyway, this is also why you can delete the package for the current kernel without the computer imploding. As long as you install a different version, it'll be able to boot up.
Again, this works because
rmis only called once. The following would fail after/bin/rmdied because it calls it once for every filename:That said,
find / -exec rm -rf {} +andfind / -print0 | xargs -0 rm -rfwould also both likely fail because they both have argument limits, meaning they would only delete a number of files before being called again. At some point along the journey,/bin/rmcould expire (and be released) before the rest of the files were deleted. It's not guaranteed though. If/bin/were the last directory entered, these methods could work.