I think pretty much people here mistakenly 'rm -rf
'ed the wrong directory, and hopefully it did not cause a huge damage.. Is there any way to prevent users from doing a similar unix horror story?? Someone mentioned (in the comments section of the previous link) that
… I am pretty sure now every unix course or company using unix sets
rm -fr to disable accounts of people trying to run it or stop them
from running it …
Is there any implementation of that in any current Unix or Linux distro? And what is the common practice to prevent that error even from a sysadmin (with root access)?
It seems that there was some protection for the root directory (/
) in Solaris (since 2005) and GNU (since 2006). Is there anyway to implement the same protection way to some other folders as well??
To give it more clarity, I was not asking about general advice about rm
usage (and I've updated the title to indicate that more), I want something more like the root folder protection: in order to rm -rf /
you have to pass a specific parameter: rm -rf --no-preserve-root /
.. Is there similar implementations for customized set of directories? Or can I specify files in addition to /
to be protected by the preserve-root option?
Best Answer
To avoid a mistaken
rm -rf
, do not typerm -rf
.If you need to delete a directory tree, I recommend the following workflow:
mv directory-to-delete DELETE
DELETE
and check that it is indeed what you wanted to deleterm -rf DELETE
Never call
rm -rf
with an argument other thanDELETE
. Doing the deletion in several stages gives you an opportunity to verify that you aren't deleting the wrong thing, either because of a typo (as inrm -rf /foo /bar
instead ofrm -rf /foo/bar
) or because of a braino (oops, no, I meant to deletefoo.old
and keepfoo.new
).If your problem is that you can't trust others not to type
rm -rf
, consider removing their admin privileges. There's a lot more that can go wrong thanrm
.Always make backups.
Periodically verify that your backups are working and up-to-date.
Keep everything that can't be easily downloaded from somewhere under version control.
With a basic unix system, if you really want to make some directories undeletable by
rm
, replace (or better shadow)rm
by a custom script that rejects certain arguments. Or byhg rm
.Some unix variants offer more possibilities.
chmod +a 'group:everyone deny delete_child' somedir
(this doesn't prevent the deletion of files in subdirectories: if you want that, set the ACL on the subdirectory as well).rm
to modify certain directories.