You are not logged in.
Pages: 1
Is there any way to protect certain directories from deletion as root? Today I just installed a second distro along side arch and without due care I rm -rf * (my current working directory was /, I was half asleep). I was lucky that it didn't remove /boot (which has several kernels) or /home which is shared between distros and has some data that would be a pain in the ass to lose. It prompted me to make some changes to my mount, I now only mount partitions holding windows/arch/distroX/boot/foo as needed and with certain mounts (like boot) I can mount as ro.
There are two issues - the first being that I have a /home mount that is shared across distros. Since i need write access for the distro I have currently booted I cannot mount it as ro. Is there a sysctl setting I can use to mark some directories as read only? is there support in the kernel to do so? is there a patch that does so? The second is just /, it would be at least nice to be asked, first, if you want to rm -rf /, I doubt there are many instance where you would want to do that. Is there any protection available for these issues?
Thanks
Offline
alias rm='rm -I' or alias rm='rm -i' if you are really sleeping
Offline
alias rm='rm -I' or alias rm='rm -i' if you are really sleeping
If you run 'rm -rf *' with these aliases, you won't get promped, it will just remove everything:
[karol@black foo2]$ touch 1 2 3 4
[karol@black foo2]$ ls -1
1
2
3
4
[karol@black foo2]$ type rm
rm is aliased to `rm -i'
[karol@black foo2]$ rm 1
rm: remove regular empty file `1'? ^C
[karol@black foo2]$ rm -rfi *
rm: remove regular empty file `1'? ^C
[karol@black foo2]$ rm -rf *
[karol@black foo2]$ ls
[karol@black foo2]$
Offline
If you run 'rm -rf *' with these aliases, you won't get promped, it will just remove everything:
Another good reason to stay awake and test before hand.
Offline
I'm not sure what unintended consequences this might have, but you could set the 'a' or 'i' attribute on the directory. See "man 1 chattr".
Offline
Perhaps this could be a good reason to use sudo?
Offline
Don't think there's really a way to protect yourself. Even aliasing rm -I won't help you much, as it will trigger at nearly every use, so after some you will be confirming it more or less automatically and it will only become a nuisance. As every command, rm will do exactly what you ask it to do, and it doesn't know it was by mistake.
Of course there's something you can do about it though - work around the issue. If you want to remove a whole directory full of files and you're feeling sleepy, don't use rm. Use find instead:
find /path/to/directory/you/want/to/delete/
will list every single file in that place. You might want to |less it if the output is long, so you could carefuly go through it.
And if that list is exactly the same as list of files you actually want deleted, then
find /path/to/directory/you/want/to/delete/ -delete
and it will all be gone. Just append -delete to a command whose output you already saw and checked. Obviously you'll use bash history while doing that, so there's no danger of making a mistake in a path, accidentally pressing enter before you're finished, etc etc.
As foolproof as it gets. Obviously you can adjust it to your needs as much as you want, it's really simple. For example, when you want to delete all contents of current directory, then find will give you the list of its contents, and find -delete will delete everything inside.
Simple, isn't it
Running arch is like raising a puppy - if you spend a bit of time with it each day and do just a bit of training you'll end up with the most loyal partner you could want; if you lock it in a room and don't check on if for several days, it'll tear apart your stuff and poop everywhere.
Offline
I think you'd want safe-rm
http://www.safe-rm.org.nz/
yaourt -Ss safe-rm ~
aur/safe-rm 0.8-1 (11)
A tool intended to prevent the accidental deletion of important files.
it comes default with a config to remove some crazy stuff like rm -rf /
but you can actually configure which directories you'd like protected.
Offline
I think It's easy enough to just use absolute paths (avoid asterisks and ./). After a few reformats you should get in the habit of creating a backup image (cloning) anyway.
I like pie. Especially with a side of Arch.
Offline
I think It's easy enough to just use absolute paths (avoid asterisks and ./). After a few reformats you should get in the habit of creating a backup image (cloning) anyway.
+1 !!
It is not a mistake one makes too many times - I believe I have done it twice in 15 years.
The work involved in getting things back in order makes you automatically think twice before pushing 'Enter' at the end of a rm-command ;-)
Offline
xs wrote:I think It's easy enough to just use absolute paths (avoid asterisks and ./). After a few reformats you should get in the habit of creating a backup image (cloning) anyway.
+1 !!
It is not a mistake one makes too many times - I believe I have done it twice in 15 years.
The work involved in getting things back in order makes you automatically think twice before pushing 'Enter' at the end of a rm-command ;-)
One time is too many in production, and even the best of us mess up sometimes. Why not add the extra safety?
I did this once, can you spot the problem right away?
--
#!/bin/ksh
PARENT_DIR=$1
SUBDIR=$2
if [ -z "$PARENT_DIR" -o -z "$SUBDIR" ]; then
exit 1
fi
ssh -n remotehost 'rm -rf ${PARENT_DIR}/${SUBDIR}'
--
Offline
The second is just /, it would be at least nice to be asked, first, if you want to rm -rf /
Surprised nobody else has posted this:
--preserve-root
do not remove '/' (default)
Offline
https://linuxtidbits.wordpress.com/2011 … moving-rm/
The last part implements a kind of trash folder: files aren't removed, they're just moved.
Offline
And the moment you dodged the Evil rm™, you will run into dd of Doom©.
Offline
The safe-rm utility is a good choice to protect certain directories from deletion. You may also create a "-i" file which is then processed by rm requesting further action to remove a file; for example,
# *** create a test folder
$ mkdir test; cd test; touch A B C D
# *** protect the folder with -i file
$ touch -- -i
# *** rm requests confirmation in protected directories
$ rm *
rm: remove regular empty file `A'?
In contrast to deleting the files you can actually "move" them to a "trash" folder using the utilities available in the desktop environment of your choice. This has the advantage of an easy recovery (or future permanent deletion) using either your desktop environment or your command shell.
A simple "trash" script follows using KDE:
#!/bin/bash
kioclient move "$@" trash:/
Now you can delete any file or folder in the command line using "trash", for example,
# *** create a test folder
$ mkdir test; cd test; touch A B C D; mkdir othertest; cd ..
# *** trash an entire test folder
$ trash test
Next, you can see the test file you deleted, recover it or delete it permanetly using a file manager:
$ dolphin trash:/
You can also restore the file using the ktrash command, although using dolphin should be much simpler to use. For more information use:
$ ktrash --help
$ kioclient --help
This is a second version of trash which lists the files to delete and then it asks for a confirmation before trashing the files.
#!/bin/bash
/bin/ls -- "$@"
echo "The files above will be moved to Trash."
echo "Do you want to proceed [Y/N]?"
read Confirmation
if [ "$Confirmation" == 'Y' ]; then
echo "Executing kioclient move $@ trash:/ "
kioclient move "$@" trash:/
exit 0;
fi
echo "Aborting."
exit 1;
Other desktop environments similar commands. For example, the link below provides some hints in GNOME:
Offline
Pages: 1