Why is it possible to delete your entire file system?












14















After committing the infamous mistake of deleting my entire file system via sudo rm -rf /*, recovering from the horrendous damage that I had done and coping with the fact that I just lost 6 years off my lifespan, I started wondering why is it even possible to do that, and what could be done to prevent this mistake from happening.



One solution that was suggested to me is revoking root access from my account, but that is inconvenient, because a lot of commands require root access and when you have to run a few dozen commands every day, that gets annoying.



Backing up your system is the obvious way to go, but restoring a backup also requires some downtime, and depending on your system that downtime could be days or weeks, which could be unacceptable in some cases.



My question is: Why not implement a confirmation when the user tries to delete their filesystem? So that when you actually want to do that, you just hit Y or enter, and if you don't at least you don't lose everything.










share|improve this question









New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 21





    That "confirmation" won't stop anyone. If you use sudo in a terminal, you should know what you are doing. Period.

    – Pilot6
    14 hours ago






  • 13





    What was the point of using -f? Without it you would get some warning, but it didn't stop you.

    – Pilot6
    14 hours ago






  • 11





    -r for recursive would be sufficient, no need to force. But as soon as you forced it, there is noone to blame. You need to learn what these options mean.

    – Pilot6
    13 hours ago






  • 10





    "Why is it even possible to do that?" Why should't it be possible? There are perfectly good reasons to delete the contents of a directory hierarchy, and there are plenty of subsets of / that would be nearly as bad to delete (/etc/, for example). It simply is not the job of rm to decide which directories can or can't easily be deleted.

    – chepner
    8 hours ago






  • 5





    @IliyaGolik "In my case i needed to get rid of a directory with a lot of files in sub directories, around 100,000 of them in total." Why did you need sudo to delete these files ? Shouldn't you have had access to these files ? I think your main problem is access control, not the fact that you can delete what you shouldn't. You shouldn't have to use sudo when you're not making changes to the system.

    – xyious
    8 hours ago
















14















After committing the infamous mistake of deleting my entire file system via sudo rm -rf /*, recovering from the horrendous damage that I had done and coping with the fact that I just lost 6 years off my lifespan, I started wondering why is it even possible to do that, and what could be done to prevent this mistake from happening.



One solution that was suggested to me is revoking root access from my account, but that is inconvenient, because a lot of commands require root access and when you have to run a few dozen commands every day, that gets annoying.



Backing up your system is the obvious way to go, but restoring a backup also requires some downtime, and depending on your system that downtime could be days or weeks, which could be unacceptable in some cases.



My question is: Why not implement a confirmation when the user tries to delete their filesystem? So that when you actually want to do that, you just hit Y or enter, and if you don't at least you don't lose everything.










share|improve this question









New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 21





    That "confirmation" won't stop anyone. If you use sudo in a terminal, you should know what you are doing. Period.

    – Pilot6
    14 hours ago






  • 13





    What was the point of using -f? Without it you would get some warning, but it didn't stop you.

    – Pilot6
    14 hours ago






  • 11





    -r for recursive would be sufficient, no need to force. But as soon as you forced it, there is noone to blame. You need to learn what these options mean.

    – Pilot6
    13 hours ago






  • 10





    "Why is it even possible to do that?" Why should't it be possible? There are perfectly good reasons to delete the contents of a directory hierarchy, and there are plenty of subsets of / that would be nearly as bad to delete (/etc/, for example). It simply is not the job of rm to decide which directories can or can't easily be deleted.

    – chepner
    8 hours ago






  • 5





    @IliyaGolik "In my case i needed to get rid of a directory with a lot of files in sub directories, around 100,000 of them in total." Why did you need sudo to delete these files ? Shouldn't you have had access to these files ? I think your main problem is access control, not the fact that you can delete what you shouldn't. You shouldn't have to use sudo when you're not making changes to the system.

    – xyious
    8 hours ago














14












14








14


3






After committing the infamous mistake of deleting my entire file system via sudo rm -rf /*, recovering from the horrendous damage that I had done and coping with the fact that I just lost 6 years off my lifespan, I started wondering why is it even possible to do that, and what could be done to prevent this mistake from happening.



One solution that was suggested to me is revoking root access from my account, but that is inconvenient, because a lot of commands require root access and when you have to run a few dozen commands every day, that gets annoying.



Backing up your system is the obvious way to go, but restoring a backup also requires some downtime, and depending on your system that downtime could be days or weeks, which could be unacceptable in some cases.



My question is: Why not implement a confirmation when the user tries to delete their filesystem? So that when you actually want to do that, you just hit Y or enter, and if you don't at least you don't lose everything.










share|improve this question









New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












After committing the infamous mistake of deleting my entire file system via sudo rm -rf /*, recovering from the horrendous damage that I had done and coping with the fact that I just lost 6 years off my lifespan, I started wondering why is it even possible to do that, and what could be done to prevent this mistake from happening.



One solution that was suggested to me is revoking root access from my account, but that is inconvenient, because a lot of commands require root access and when you have to run a few dozen commands every day, that gets annoying.



Backing up your system is the obvious way to go, but restoring a backup also requires some downtime, and depending on your system that downtime could be days or weeks, which could be unacceptable in some cases.



My question is: Why not implement a confirmation when the user tries to delete their filesystem? So that when you actually want to do that, you just hit Y or enter, and if you don't at least you don't lose everything.







command-line rm






share|improve this question









New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 2 hours ago









Sparhawk

5,13062965




5,13062965






New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 14 hours ago









Mister_FixMister_Fix

7415




7415




New contributor




Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Mister_Fix is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 21





    That "confirmation" won't stop anyone. If you use sudo in a terminal, you should know what you are doing. Period.

    – Pilot6
    14 hours ago






  • 13





    What was the point of using -f? Without it you would get some warning, but it didn't stop you.

    – Pilot6
    14 hours ago






  • 11





    -r for recursive would be sufficient, no need to force. But as soon as you forced it, there is noone to blame. You need to learn what these options mean.

    – Pilot6
    13 hours ago






  • 10





    "Why is it even possible to do that?" Why should't it be possible? There are perfectly good reasons to delete the contents of a directory hierarchy, and there are plenty of subsets of / that would be nearly as bad to delete (/etc/, for example). It simply is not the job of rm to decide which directories can or can't easily be deleted.

    – chepner
    8 hours ago






  • 5





    @IliyaGolik "In my case i needed to get rid of a directory with a lot of files in sub directories, around 100,000 of them in total." Why did you need sudo to delete these files ? Shouldn't you have had access to these files ? I think your main problem is access control, not the fact that you can delete what you shouldn't. You shouldn't have to use sudo when you're not making changes to the system.

    – xyious
    8 hours ago














  • 21





    That "confirmation" won't stop anyone. If you use sudo in a terminal, you should know what you are doing. Period.

    – Pilot6
    14 hours ago






  • 13





    What was the point of using -f? Without it you would get some warning, but it didn't stop you.

    – Pilot6
    14 hours ago






  • 11





    -r for recursive would be sufficient, no need to force. But as soon as you forced it, there is noone to blame. You need to learn what these options mean.

    – Pilot6
    13 hours ago






  • 10





    "Why is it even possible to do that?" Why should't it be possible? There are perfectly good reasons to delete the contents of a directory hierarchy, and there are plenty of subsets of / that would be nearly as bad to delete (/etc/, for example). It simply is not the job of rm to decide which directories can or can't easily be deleted.

    – chepner
    8 hours ago






  • 5





    @IliyaGolik "In my case i needed to get rid of a directory with a lot of files in sub directories, around 100,000 of them in total." Why did you need sudo to delete these files ? Shouldn't you have had access to these files ? I think your main problem is access control, not the fact that you can delete what you shouldn't. You shouldn't have to use sudo when you're not making changes to the system.

    – xyious
    8 hours ago








21




21





That "confirmation" won't stop anyone. If you use sudo in a terminal, you should know what you are doing. Period.

– Pilot6
14 hours ago





That "confirmation" won't stop anyone. If you use sudo in a terminal, you should know what you are doing. Period.

– Pilot6
14 hours ago




13




13





What was the point of using -f? Without it you would get some warning, but it didn't stop you.

– Pilot6
14 hours ago





What was the point of using -f? Without it you would get some warning, but it didn't stop you.

– Pilot6
14 hours ago




11




11





-r for recursive would be sufficient, no need to force. But as soon as you forced it, there is noone to blame. You need to learn what these options mean.

– Pilot6
13 hours ago





-r for recursive would be sufficient, no need to force. But as soon as you forced it, there is noone to blame. You need to learn what these options mean.

– Pilot6
13 hours ago




10




10





"Why is it even possible to do that?" Why should't it be possible? There are perfectly good reasons to delete the contents of a directory hierarchy, and there are plenty of subsets of / that would be nearly as bad to delete (/etc/, for example). It simply is not the job of rm to decide which directories can or can't easily be deleted.

– chepner
8 hours ago





"Why is it even possible to do that?" Why should't it be possible? There are perfectly good reasons to delete the contents of a directory hierarchy, and there are plenty of subsets of / that would be nearly as bad to delete (/etc/, for example). It simply is not the job of rm to decide which directories can or can't easily be deleted.

– chepner
8 hours ago




5




5





@IliyaGolik "In my case i needed to get rid of a directory with a lot of files in sub directories, around 100,000 of them in total." Why did you need sudo to delete these files ? Shouldn't you have had access to these files ? I think your main problem is access control, not the fact that you can delete what you shouldn't. You shouldn't have to use sudo when you're not making changes to the system.

– xyious
8 hours ago





@IliyaGolik "In my case i needed to get rid of a directory with a lot of files in sub directories, around 100,000 of them in total." Why did you need sudo to delete these files ? Shouldn't you have had access to these files ? I think your main problem is access control, not the fact that you can delete what you shouldn't. You shouldn't have to use sudo when you're not making changes to the system.

– xyious
8 hours ago










6 Answers
6






active

oldest

votes


















31














Meet safe-rmInstall safe-rm, the “wrapper around the rm command to prevent accidental deletions”:




safe-rm prevents the accidental deletion of important files by
replacing rm with a wrapper
which checks the given arguments against a configurable blacklist of files and directories
which should never be removed.



Users who attempt to delete one of these protected files or directories will not be able
to do so and will be shown a warning message instead. (man safe-rm)




If the installation link above doesn’t work for you just use sudo apt install safe-rm instead.
The default configuration already contains the system directories, let’s try rm /* for example:



$ rm /*
safe-rm: skipping /bin
safe-rm: skipping /boot
safe-rm: skipping /dev
safe-rm: skipping /etc
safe-rm: skipping /home
safe-rm: skipping /lib
safe-rm: skipping /proc
safe-rm: skipping /root
safe-rm: skipping /sbin
safe-rm: skipping /sys
safe-rm: skipping /usr
safe-rm: skipping /var





For the cases where you run rm without sudo (which ignores aliases) and the -f flag it’s a good idea to add an alias for your shell that makes rm’s -i flag the default. This way rm asks for every file before deleting it:



alias rm='rm -i'


A similarly useful flag is -I:




prompt once before removing more than three files, or when removing
recursively;
less intrusive than -i, while still giving protection against most mistakes







share|improve this answer


























  • When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

    – Ferrybig
    8 hours ago











  • @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

    – Doug O'Neal
    5 hours ago











  • I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

    – Peter Cordes
    1 hour ago











  • Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

    – Peter Cordes
    1 hour ago



















12














Confirmation is already there, the problem is the f of the command, that is --force; When user force an operation it is suppose it's know what is doing (obviously a mistake could always append).



an example:



 rm -r ./*
rm: remove write-protected regular file './mozilla_mvaschetto0/WEBMASTER-04.DOC'? N
rm: cannot remove './mozilla_mvaschetto0': Directory not empty
rm: descend into write-protected directory './pulse-PKdhtXMmr18n'? n
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-bolt.service-rZWMCb'? n
rm: descend into write-protected directory './systemd-private- 890f5b31987b4910a579d1c49930a591-colord.service-4ZBnUf'? n
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-fwupd.service-vAxdbk'? n
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-minissdpd.service-9G8GrR'?
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-ModemManager.service-s43zUX'? nn
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-rtkit-daemon.service-cfMePv'? n
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-systemd-timesyncd.service-oXT4pr'? n
rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-upower.service-L0k9rT'? n


it is different with --force option, I will not get any confirmation and files are deleted.



The Problem is to know the command and its parameters, navigate more in the man of a command (also if the command is found in a tutorial) for examples: the first time I sow the command tar xzf some.tar.gz I'm asking to my self, what xzf mean?



Then I red the man of tar and discover it.





share
























  • I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

    – Jonas Schäfer
    11 hours ago











  • So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

    – Captain Man
    10 hours ago






  • 2





    Rmdir is the safest way to delete a folder

    – AtomiX84
    10 hours ago



















4














If your system file space usage isn't immense (and these days 'immense' means 'hundreds of gigabytes or more') create some virtual machine instances, and always work inside of one. Recovery would just entail using a backup instance.



Or you could create a chroot jail, and work inside it. You'd still need some recovery if it got trashed, but that would be easier with a running (enclosing) system to work from.






share|improve this answer
























  • This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

    – PyRulez
    9 hours ago











  • Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

    – Loren Rosen
    9 hours ago











  • "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

    – PyRulez
    9 hours ago











  • My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

    – Loren Rosen
    9 hours ago











  • ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

    – Loren Rosen
    8 hours ago



















1














Well the short answer is to not run such a command.



The long story is that it's part of the customization. Essentially there are two factors at play here. One is the fact that you are free to modify all files.



The second is that the rm command offers the helpful syntactic sugar to delete all files under a folder.



Effectively this could be restated as a singe simple tenet of Unix machines. Everything is a file. To make matters better, there are access controls, but there are overridden by your usage of




sudo




I guess you could add an alias or a function to ensure that this can never be run.






share|improve this answer































    1














    Be wary of using /* with the rm at all. It might be tedious to remove things one folder at a time, but remove all could create a tedious restore from backup. Because of course you backed up.






    share|improve this answer








    New contributor




    Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.
















    • 1





      Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

      – dessert
      6 hours ago





















    0














    Running without backups means you have to be super careful to never make any mistakes. And hope your hardware never fails. (Even RAID can't save you from filesystem corruption caused by faulty RAM.) So that's your first problem. (Which I assume you've already realized and will be doing backups in the future.)





    But there are things you can do to reduce the likelihood of mistakes like this:




    • alias rm='rm -I' to prompt if deleting more than 3 things.

    • alias mv and cp to mv -i and cp -i (many normal use-cases for these don't involve overwriting a destination file).

    • alias sudo='sudo ' to do alias expansion on the first argument to sudo


    I find rm -I is a lot more useful than rm -i. It usually don't prompt during normal use, so tetting prompted when you didn't expect it is a lot more noticeable / better warning. With -i (before I discovered -I), I got used to typing rm to disable alias expansion, after being sure I'd typed the command correctly.



    You don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, or I'm not sure if my glob might match some extra files, I manually type rm -i .../*whatever*. (Also a good habit in case you're ever in an environment without your aliases).



    Defend against fat-fingering Enter by typing ls -d /*foo* first, then up-arrow and change that to rm -r after you've finished typing. So the command line never contains rm -rf ~/ or similar dangerous commands at any point. You only "arm" it by changing ls to rm with control-a, alt-d to go to the start of the line and adding the -r or the -f after you've finished typing the ~/some/sub/dir/ part of the command.



    Depending on what you're deleting, actually run the ls -d first, or not if that wouldn't add anything to what you see with tab-completion. You might start with rm (without -r or -rf) so it's just control-a / control-right (or alt+f) / space / -r.



    (Get used to bash/readline's powerful editing keybindings for moving around quickly, like control-arrows or alt+f/b to move by words, and killing whole words with alt+backspace or alt+d, or control-w. And control-u to kill to the beginning of the line. And control-/ to undo an edit if you go one step too far.
    And of course up-arrow history that you can search with control-r / control-s.)



    Avoid -rf unless you actually need it to silence prompts about removing read-only files.



    Take extra time to think before pressing return on a sudo command. Especially if you don't have full backups, or now would be a bad time to have to restore from them.






    share|improve this answer























      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "89"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });






      Mister_Fix is a new contributor. Be nice, and check out our Code of Conduct.










      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1117684%2fwhy-is-it-possible-to-delete-your-entire-file-system%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      6 Answers
      6






      active

      oldest

      votes








      6 Answers
      6






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      31














      Meet safe-rmInstall safe-rm, the “wrapper around the rm command to prevent accidental deletions”:




      safe-rm prevents the accidental deletion of important files by
      replacing rm with a wrapper
      which checks the given arguments against a configurable blacklist of files and directories
      which should never be removed.



      Users who attempt to delete one of these protected files or directories will not be able
      to do so and will be shown a warning message instead. (man safe-rm)




      If the installation link above doesn’t work for you just use sudo apt install safe-rm instead.
      The default configuration already contains the system directories, let’s try rm /* for example:



      $ rm /*
      safe-rm: skipping /bin
      safe-rm: skipping /boot
      safe-rm: skipping /dev
      safe-rm: skipping /etc
      safe-rm: skipping /home
      safe-rm: skipping /lib
      safe-rm: skipping /proc
      safe-rm: skipping /root
      safe-rm: skipping /sbin
      safe-rm: skipping /sys
      safe-rm: skipping /usr
      safe-rm: skipping /var





      For the cases where you run rm without sudo (which ignores aliases) and the -f flag it’s a good idea to add an alias for your shell that makes rm’s -i flag the default. This way rm asks for every file before deleting it:



      alias rm='rm -i'


      A similarly useful flag is -I:




      prompt once before removing more than three files, or when removing
      recursively;
      less intrusive than -i, while still giving protection against most mistakes







      share|improve this answer


























      • When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

        – Ferrybig
        8 hours ago











      • @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

        – Doug O'Neal
        5 hours ago











      • I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

        – Peter Cordes
        1 hour ago











      • Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

        – Peter Cordes
        1 hour ago
















      31














      Meet safe-rmInstall safe-rm, the “wrapper around the rm command to prevent accidental deletions”:




      safe-rm prevents the accidental deletion of important files by
      replacing rm with a wrapper
      which checks the given arguments against a configurable blacklist of files and directories
      which should never be removed.



      Users who attempt to delete one of these protected files or directories will not be able
      to do so and will be shown a warning message instead. (man safe-rm)




      If the installation link above doesn’t work for you just use sudo apt install safe-rm instead.
      The default configuration already contains the system directories, let’s try rm /* for example:



      $ rm /*
      safe-rm: skipping /bin
      safe-rm: skipping /boot
      safe-rm: skipping /dev
      safe-rm: skipping /etc
      safe-rm: skipping /home
      safe-rm: skipping /lib
      safe-rm: skipping /proc
      safe-rm: skipping /root
      safe-rm: skipping /sbin
      safe-rm: skipping /sys
      safe-rm: skipping /usr
      safe-rm: skipping /var





      For the cases where you run rm without sudo (which ignores aliases) and the -f flag it’s a good idea to add an alias for your shell that makes rm’s -i flag the default. This way rm asks for every file before deleting it:



      alias rm='rm -i'


      A similarly useful flag is -I:




      prompt once before removing more than three files, or when removing
      recursively;
      less intrusive than -i, while still giving protection against most mistakes







      share|improve this answer


























      • When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

        – Ferrybig
        8 hours ago











      • @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

        – Doug O'Neal
        5 hours ago











      • I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

        – Peter Cordes
        1 hour ago











      • Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

        – Peter Cordes
        1 hour ago














      31












      31








      31







      Meet safe-rmInstall safe-rm, the “wrapper around the rm command to prevent accidental deletions”:




      safe-rm prevents the accidental deletion of important files by
      replacing rm with a wrapper
      which checks the given arguments against a configurable blacklist of files and directories
      which should never be removed.



      Users who attempt to delete one of these protected files or directories will not be able
      to do so and will be shown a warning message instead. (man safe-rm)




      If the installation link above doesn’t work for you just use sudo apt install safe-rm instead.
      The default configuration already contains the system directories, let’s try rm /* for example:



      $ rm /*
      safe-rm: skipping /bin
      safe-rm: skipping /boot
      safe-rm: skipping /dev
      safe-rm: skipping /etc
      safe-rm: skipping /home
      safe-rm: skipping /lib
      safe-rm: skipping /proc
      safe-rm: skipping /root
      safe-rm: skipping /sbin
      safe-rm: skipping /sys
      safe-rm: skipping /usr
      safe-rm: skipping /var





      For the cases where you run rm without sudo (which ignores aliases) and the -f flag it’s a good idea to add an alias for your shell that makes rm’s -i flag the default. This way rm asks for every file before deleting it:



      alias rm='rm -i'


      A similarly useful flag is -I:




      prompt once before removing more than three files, or when removing
      recursively;
      less intrusive than -i, while still giving protection against most mistakes







      share|improve this answer















      Meet safe-rmInstall safe-rm, the “wrapper around the rm command to prevent accidental deletions”:




      safe-rm prevents the accidental deletion of important files by
      replacing rm with a wrapper
      which checks the given arguments against a configurable blacklist of files and directories
      which should never be removed.



      Users who attempt to delete one of these protected files or directories will not be able
      to do so and will be shown a warning message instead. (man safe-rm)




      If the installation link above doesn’t work for you just use sudo apt install safe-rm instead.
      The default configuration already contains the system directories, let’s try rm /* for example:



      $ rm /*
      safe-rm: skipping /bin
      safe-rm: skipping /boot
      safe-rm: skipping /dev
      safe-rm: skipping /etc
      safe-rm: skipping /home
      safe-rm: skipping /lib
      safe-rm: skipping /proc
      safe-rm: skipping /root
      safe-rm: skipping /sbin
      safe-rm: skipping /sys
      safe-rm: skipping /usr
      safe-rm: skipping /var





      For the cases where you run rm without sudo (which ignores aliases) and the -f flag it’s a good idea to add an alias for your shell that makes rm’s -i flag the default. This way rm asks for every file before deleting it:



      alias rm='rm -i'


      A similarly useful flag is -I:




      prompt once before removing more than three files, or when removing
      recursively;
      less intrusive than -i, while still giving protection against most mistakes








      share|improve this answer














      share|improve this answer



      share|improve this answer








      edited 8 hours ago

























      answered 14 hours ago









      dessertdessert

      23.3k565103




      23.3k565103













      • When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

        – Ferrybig
        8 hours ago











      • @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

        – Doug O'Neal
        5 hours ago











      • I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

        – Peter Cordes
        1 hour ago











      • Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

        – Peter Cordes
        1 hour ago



















      • When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

        – Ferrybig
        8 hours ago











      • @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

        – Doug O'Neal
        5 hours ago











      • I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

        – Peter Cordes
        1 hour ago











      • Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

        – Peter Cordes
        1 hour ago

















      When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

      – Ferrybig
      8 hours ago





      When I click the link to "safe-rm" it says "Please wait The package you requested will install shortly." How do I get to the instructions how to install it?

      – Ferrybig
      8 hours ago













      @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

      – Doug O'Neal
      5 hours ago





      @Ferrybig Better yet, the link tries to use apt to install the package. Doesn't help for those or use using rpm-based distributions.

      – Doug O'Neal
      5 hours ago













      I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

      – Peter Cordes
      1 hour ago





      I find rm -I is a lot more useful than rm -i. Getting prompted when you didn't expect it is a lot more noticeable / better warning than expecting to be prompted anyway. With -i, I got used to adding a rm to disable the alias after being sure I'd typed the command correctly. I switched to -I as soon as I discovered it, and have been happy with it. mv -i and cp -i are very nice, though. Those have saved me a couple times from wiping out a destination file accidentally.

      – Peter Cordes
      1 hour ago













      Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

      – Peter Cordes
      1 hour ago





      Of course, you don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, I manually type rm -i. (Good habit in case you're ever in an environment without your aliases). You can use alias sudo='sudo ' to trigger alias expansion on sudo commands.

      – Peter Cordes
      1 hour ago













      12














      Confirmation is already there, the problem is the f of the command, that is --force; When user force an operation it is suppose it's know what is doing (obviously a mistake could always append).



      an example:



       rm -r ./*
      rm: remove write-protected regular file './mozilla_mvaschetto0/WEBMASTER-04.DOC'? N
      rm: cannot remove './mozilla_mvaschetto0': Directory not empty
      rm: descend into write-protected directory './pulse-PKdhtXMmr18n'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-bolt.service-rZWMCb'? n
      rm: descend into write-protected directory './systemd-private- 890f5b31987b4910a579d1c49930a591-colord.service-4ZBnUf'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-fwupd.service-vAxdbk'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-minissdpd.service-9G8GrR'?
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-ModemManager.service-s43zUX'? nn
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-rtkit-daemon.service-cfMePv'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-systemd-timesyncd.service-oXT4pr'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-upower.service-L0k9rT'? n


      it is different with --force option, I will not get any confirmation and files are deleted.



      The Problem is to know the command and its parameters, navigate more in the man of a command (also if the command is found in a tutorial) for examples: the first time I sow the command tar xzf some.tar.gz I'm asking to my self, what xzf mean?



      Then I red the man of tar and discover it.





      share
























      • I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

        – Jonas Schäfer
        11 hours ago











      • So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

        – Captain Man
        10 hours ago






      • 2





        Rmdir is the safest way to delete a folder

        – AtomiX84
        10 hours ago
















      12














      Confirmation is already there, the problem is the f of the command, that is --force; When user force an operation it is suppose it's know what is doing (obviously a mistake could always append).



      an example:



       rm -r ./*
      rm: remove write-protected regular file './mozilla_mvaschetto0/WEBMASTER-04.DOC'? N
      rm: cannot remove './mozilla_mvaschetto0': Directory not empty
      rm: descend into write-protected directory './pulse-PKdhtXMmr18n'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-bolt.service-rZWMCb'? n
      rm: descend into write-protected directory './systemd-private- 890f5b31987b4910a579d1c49930a591-colord.service-4ZBnUf'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-fwupd.service-vAxdbk'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-minissdpd.service-9G8GrR'?
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-ModemManager.service-s43zUX'? nn
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-rtkit-daemon.service-cfMePv'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-systemd-timesyncd.service-oXT4pr'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-upower.service-L0k9rT'? n


      it is different with --force option, I will not get any confirmation and files are deleted.



      The Problem is to know the command and its parameters, navigate more in the man of a command (also if the command is found in a tutorial) for examples: the first time I sow the command tar xzf some.tar.gz I'm asking to my self, what xzf mean?



      Then I red the man of tar and discover it.





      share
























      • I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

        – Jonas Schäfer
        11 hours ago











      • So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

        – Captain Man
        10 hours ago






      • 2





        Rmdir is the safest way to delete a folder

        – AtomiX84
        10 hours ago














      12












      12








      12







      Confirmation is already there, the problem is the f of the command, that is --force; When user force an operation it is suppose it's know what is doing (obviously a mistake could always append).



      an example:



       rm -r ./*
      rm: remove write-protected regular file './mozilla_mvaschetto0/WEBMASTER-04.DOC'? N
      rm: cannot remove './mozilla_mvaschetto0': Directory not empty
      rm: descend into write-protected directory './pulse-PKdhtXMmr18n'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-bolt.service-rZWMCb'? n
      rm: descend into write-protected directory './systemd-private- 890f5b31987b4910a579d1c49930a591-colord.service-4ZBnUf'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-fwupd.service-vAxdbk'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-minissdpd.service-9G8GrR'?
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-ModemManager.service-s43zUX'? nn
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-rtkit-daemon.service-cfMePv'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-systemd-timesyncd.service-oXT4pr'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-upower.service-L0k9rT'? n


      it is different with --force option, I will not get any confirmation and files are deleted.



      The Problem is to know the command and its parameters, navigate more in the man of a command (also if the command is found in a tutorial) for examples: the first time I sow the command tar xzf some.tar.gz I'm asking to my self, what xzf mean?



      Then I red the man of tar and discover it.





      share













      Confirmation is already there, the problem is the f of the command, that is --force; When user force an operation it is suppose it's know what is doing (obviously a mistake could always append).



      an example:



       rm -r ./*
      rm: remove write-protected regular file './mozilla_mvaschetto0/WEBMASTER-04.DOC'? N
      rm: cannot remove './mozilla_mvaschetto0': Directory not empty
      rm: descend into write-protected directory './pulse-PKdhtXMmr18n'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-bolt.service-rZWMCb'? n
      rm: descend into write-protected directory './systemd-private- 890f5b31987b4910a579d1c49930a591-colord.service-4ZBnUf'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-fwupd.service-vAxdbk'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-minissdpd.service-9G8GrR'?
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-ModemManager.service-s43zUX'? nn
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-rtkit-daemon.service-cfMePv'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-systemd-timesyncd.service-oXT4pr'? n
      rm: descend into write-protected directory './systemd-private-890f5b31987b4910a579d1c49930a591-upower.service-L0k9rT'? n


      it is different with --force option, I will not get any confirmation and files are deleted.



      The Problem is to know the command and its parameters, navigate more in the man of a command (also if the command is found in a tutorial) for examples: the first time I sow the command tar xzf some.tar.gz I'm asking to my self, what xzf mean?



      Then I red the man of tar and discover it.






      share











      share


      share










      answered 14 hours ago









      AtomiX84AtomiX84

      835111




      835111













      • I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

        – Jonas Schäfer
        11 hours ago











      • So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

        – Captain Man
        10 hours ago






      • 2





        Rmdir is the safest way to delete a folder

        – AtomiX84
        10 hours ago



















      • I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

        – Jonas Schäfer
        11 hours ago











      • So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

        – Captain Man
        10 hours ago






      • 2





        Rmdir is the safest way to delete a folder

        – AtomiX84
        10 hours ago

















      I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

      – Jonas Schäfer
      11 hours ago





      I don’t think that’s relevant here. At the point where rm first asks for a write-protected or whatever file, it may already have deleted a whole bunch of important files.

      – Jonas Schäfer
      11 hours ago













      So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

      – Captain Man
      10 hours ago





      So personally, I have always thought -f was required to delete folders. I even opened a prompt to confirm and complain but learned that just -r is needed. I suppose rm -rf has become the norm since it is so useful in a script (you don't want the script to fail just because you're trying to delete things that don't exist) so you see it often, but I suppose we need to be vigilant about just using rm -r as our "default" when in a shell (understandably there should be no "default" assumptions you don't understand, especially with sudo, but people will be people and at least this is safer).

      – Captain Man
      10 hours ago




      2




      2





      Rmdir is the safest way to delete a folder

      – AtomiX84
      10 hours ago





      Rmdir is the safest way to delete a folder

      – AtomiX84
      10 hours ago











      4














      If your system file space usage isn't immense (and these days 'immense' means 'hundreds of gigabytes or more') create some virtual machine instances, and always work inside of one. Recovery would just entail using a backup instance.



      Or you could create a chroot jail, and work inside it. You'd still need some recovery if it got trashed, but that would be easier with a running (enclosing) system to work from.






      share|improve this answer
























      • This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

        – PyRulez
        9 hours ago











      • Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

        – Loren Rosen
        9 hours ago











      • "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

        – PyRulez
        9 hours ago











      • My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

        – Loren Rosen
        9 hours ago











      • ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

        – Loren Rosen
        8 hours ago
















      4














      If your system file space usage isn't immense (and these days 'immense' means 'hundreds of gigabytes or more') create some virtual machine instances, and always work inside of one. Recovery would just entail using a backup instance.



      Or you could create a chroot jail, and work inside it. You'd still need some recovery if it got trashed, but that would be easier with a running (enclosing) system to work from.






      share|improve this answer
























      • This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

        – PyRulez
        9 hours ago











      • Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

        – Loren Rosen
        9 hours ago











      • "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

        – PyRulez
        9 hours ago











      • My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

        – Loren Rosen
        9 hours ago











      • ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

        – Loren Rosen
        8 hours ago














      4












      4








      4







      If your system file space usage isn't immense (and these days 'immense' means 'hundreds of gigabytes or more') create some virtual machine instances, and always work inside of one. Recovery would just entail using a backup instance.



      Or you could create a chroot jail, and work inside it. You'd still need some recovery if it got trashed, but that would be easier with a running (enclosing) system to work from.






      share|improve this answer













      If your system file space usage isn't immense (and these days 'immense' means 'hundreds of gigabytes or more') create some virtual machine instances, and always work inside of one. Recovery would just entail using a backup instance.



      Or you could create a chroot jail, and work inside it. You'd still need some recovery if it got trashed, but that would be easier with a running (enclosing) system to work from.







      share|improve this answer












      share|improve this answer



      share|improve this answer










      answered 12 hours ago









      Loren RosenLoren Rosen

      463




      463













      • This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

        – PyRulez
        9 hours ago











      • Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

        – Loren Rosen
        9 hours ago











      • "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

        – PyRulez
        9 hours ago











      • My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

        – Loren Rosen
        9 hours ago











      • ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

        – Loren Rosen
        8 hours ago



















      • This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

        – PyRulez
        9 hours ago











      • Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

        – Loren Rosen
        9 hours ago











      • "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

        – PyRulez
        9 hours ago











      • My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

        – Loren Rosen
        9 hours ago











      • ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

        – Loren Rosen
        8 hours ago

















      This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

      – PyRulez
      9 hours ago





      This is probably the most effective answer, since it can protect against any damage, even third party scripts. You'd only have to worry about actual malware.

      – PyRulez
      9 hours ago













      Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

      – Loren Rosen
      9 hours ago





      Thought of another angle. It's worth asking why you need to do recursive deletions in the first place. Maybe what's really needed are some scripts to remove a project, etc.

      – Loren Rosen
      9 hours ago













      "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

      – PyRulez
      9 hours ago





      "It's worth asking why you need to do recursive deletions in the first place." Well, just because there's not built in command doesn't mean you still can't make a mistake. Third party scripts might delete files one by one from some directory. And there are other ways to bork the system that only touch one file. However, replacing rm with safe-rm helps, at least.

      – PyRulez
      9 hours ago













      My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

      – Loren Rosen
      9 hours ago





      My notion with the script was that it would have a built-in notion of a 'project' or similar. Perhaps you'd have an empty file at the project root called .project_root, or, if the file system supports it, an attribute on the directory itself. Then, the script would go up the file tree looking for the project root, and complain it the current directory wasn't in a project. Or, if the projects all live in same place, the script could require you to name a project. You could still delete the wrong project, but not destroy the entire system.

      – Loren Rosen
      9 hours ago













      ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

      – Loren Rosen
      8 hours ago





      ... also, a variant of chroot would be to use something like Docker (which I think actually uses chroot under the covers). For other files you just need to read, mount a read-only file-system.

      – Loren Rosen
      8 hours ago











      1














      Well the short answer is to not run such a command.



      The long story is that it's part of the customization. Essentially there are two factors at play here. One is the fact that you are free to modify all files.



      The second is that the rm command offers the helpful syntactic sugar to delete all files under a folder.



      Effectively this could be restated as a singe simple tenet of Unix machines. Everything is a file. To make matters better, there are access controls, but there are overridden by your usage of




      sudo




      I guess you could add an alias or a function to ensure that this can never be run.






      share|improve this answer




























        1














        Well the short answer is to not run such a command.



        The long story is that it's part of the customization. Essentially there are two factors at play here. One is the fact that you are free to modify all files.



        The second is that the rm command offers the helpful syntactic sugar to delete all files under a folder.



        Effectively this could be restated as a singe simple tenet of Unix machines. Everything is a file. To make matters better, there are access controls, but there are overridden by your usage of




        sudo




        I guess you could add an alias or a function to ensure that this can never be run.






        share|improve this answer


























          1












          1








          1







          Well the short answer is to not run such a command.



          The long story is that it's part of the customization. Essentially there are two factors at play here. One is the fact that you are free to modify all files.



          The second is that the rm command offers the helpful syntactic sugar to delete all files under a folder.



          Effectively this could be restated as a singe simple tenet of Unix machines. Everything is a file. To make matters better, there are access controls, but there are overridden by your usage of




          sudo




          I guess you could add an alias or a function to ensure that this can never be run.






          share|improve this answer













          Well the short answer is to not run such a command.



          The long story is that it's part of the customization. Essentially there are two factors at play here. One is the fact that you are free to modify all files.



          The second is that the rm command offers the helpful syntactic sugar to delete all files under a folder.



          Effectively this could be restated as a singe simple tenet of Unix machines. Everything is a file. To make matters better, there are access controls, but there are overridden by your usage of




          sudo




          I guess you could add an alias or a function to ensure that this can never be run.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered 13 hours ago









          HaoZekeHaoZeke

          8113




          8113























              1














              Be wary of using /* with the rm at all. It might be tedious to remove things one folder at a time, but remove all could create a tedious restore from backup. Because of course you backed up.






              share|improve this answer








              New contributor




              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.
















              • 1





                Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

                – dessert
                6 hours ago


















              1














              Be wary of using /* with the rm at all. It might be tedious to remove things one folder at a time, but remove all could create a tedious restore from backup. Because of course you backed up.






              share|improve this answer








              New contributor




              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.
















              • 1





                Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

                – dessert
                6 hours ago
















              1












              1








              1







              Be wary of using /* with the rm at all. It might be tedious to remove things one folder at a time, but remove all could create a tedious restore from backup. Because of course you backed up.






              share|improve this answer








              New contributor




              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.










              Be wary of using /* with the rm at all. It might be tedious to remove things one folder at a time, but remove all could create a tedious restore from backup. Because of course you backed up.







              share|improve this answer








              New contributor




              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.









              share|improve this answer



              share|improve this answer






              New contributor




              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.









              answered 7 hours ago









              ZachZach

              114




              114




              New contributor




              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.





              New contributor





              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.






              Zach is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.








              • 1





                Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

                – dessert
                6 hours ago
















              • 1





                Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

                – dessert
                6 hours ago










              1




              1





              Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

              – dessert
              6 hours ago







              Linux Mint is not a “bad word” here, but simply off topic on this site, see the help center – if you have a question about your Linux Mint system, feel free to post it on a site where it’s on topic, e.g. Unix & Linux or the Linux Mint forums.

              – dessert
              6 hours ago













              0














              Running without backups means you have to be super careful to never make any mistakes. And hope your hardware never fails. (Even RAID can't save you from filesystem corruption caused by faulty RAM.) So that's your first problem. (Which I assume you've already realized and will be doing backups in the future.)





              But there are things you can do to reduce the likelihood of mistakes like this:




              • alias rm='rm -I' to prompt if deleting more than 3 things.

              • alias mv and cp to mv -i and cp -i (many normal use-cases for these don't involve overwriting a destination file).

              • alias sudo='sudo ' to do alias expansion on the first argument to sudo


              I find rm -I is a lot more useful than rm -i. It usually don't prompt during normal use, so tetting prompted when you didn't expect it is a lot more noticeable / better warning. With -i (before I discovered -I), I got used to typing rm to disable alias expansion, after being sure I'd typed the command correctly.



              You don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, or I'm not sure if my glob might match some extra files, I manually type rm -i .../*whatever*. (Also a good habit in case you're ever in an environment without your aliases).



              Defend against fat-fingering Enter by typing ls -d /*foo* first, then up-arrow and change that to rm -r after you've finished typing. So the command line never contains rm -rf ~/ or similar dangerous commands at any point. You only "arm" it by changing ls to rm with control-a, alt-d to go to the start of the line and adding the -r or the -f after you've finished typing the ~/some/sub/dir/ part of the command.



              Depending on what you're deleting, actually run the ls -d first, or not if that wouldn't add anything to what you see with tab-completion. You might start with rm (without -r or -rf) so it's just control-a / control-right (or alt+f) / space / -r.



              (Get used to bash/readline's powerful editing keybindings for moving around quickly, like control-arrows or alt+f/b to move by words, and killing whole words with alt+backspace or alt+d, or control-w. And control-u to kill to the beginning of the line. And control-/ to undo an edit if you go one step too far.
              And of course up-arrow history that you can search with control-r / control-s.)



              Avoid -rf unless you actually need it to silence prompts about removing read-only files.



              Take extra time to think before pressing return on a sudo command. Especially if you don't have full backups, or now would be a bad time to have to restore from them.






              share|improve this answer




























                0














                Running without backups means you have to be super careful to never make any mistakes. And hope your hardware never fails. (Even RAID can't save you from filesystem corruption caused by faulty RAM.) So that's your first problem. (Which I assume you've already realized and will be doing backups in the future.)





                But there are things you can do to reduce the likelihood of mistakes like this:




                • alias rm='rm -I' to prompt if deleting more than 3 things.

                • alias mv and cp to mv -i and cp -i (many normal use-cases for these don't involve overwriting a destination file).

                • alias sudo='sudo ' to do alias expansion on the first argument to sudo


                I find rm -I is a lot more useful than rm -i. It usually don't prompt during normal use, so tetting prompted when you didn't expect it is a lot more noticeable / better warning. With -i (before I discovered -I), I got used to typing rm to disable alias expansion, after being sure I'd typed the command correctly.



                You don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, or I'm not sure if my glob might match some extra files, I manually type rm -i .../*whatever*. (Also a good habit in case you're ever in an environment without your aliases).



                Defend against fat-fingering Enter by typing ls -d /*foo* first, then up-arrow and change that to rm -r after you've finished typing. So the command line never contains rm -rf ~/ or similar dangerous commands at any point. You only "arm" it by changing ls to rm with control-a, alt-d to go to the start of the line and adding the -r or the -f after you've finished typing the ~/some/sub/dir/ part of the command.



                Depending on what you're deleting, actually run the ls -d first, or not if that wouldn't add anything to what you see with tab-completion. You might start with rm (without -r or -rf) so it's just control-a / control-right (or alt+f) / space / -r.



                (Get used to bash/readline's powerful editing keybindings for moving around quickly, like control-arrows or alt+f/b to move by words, and killing whole words with alt+backspace or alt+d, or control-w. And control-u to kill to the beginning of the line. And control-/ to undo an edit if you go one step too far.
                And of course up-arrow history that you can search with control-r / control-s.)



                Avoid -rf unless you actually need it to silence prompts about removing read-only files.



                Take extra time to think before pressing return on a sudo command. Especially if you don't have full backups, or now would be a bad time to have to restore from them.






                share|improve this answer


























                  0












                  0








                  0







                  Running without backups means you have to be super careful to never make any mistakes. And hope your hardware never fails. (Even RAID can't save you from filesystem corruption caused by faulty RAM.) So that's your first problem. (Which I assume you've already realized and will be doing backups in the future.)





                  But there are things you can do to reduce the likelihood of mistakes like this:




                  • alias rm='rm -I' to prompt if deleting more than 3 things.

                  • alias mv and cp to mv -i and cp -i (many normal use-cases for these don't involve overwriting a destination file).

                  • alias sudo='sudo ' to do alias expansion on the first argument to sudo


                  I find rm -I is a lot more useful than rm -i. It usually don't prompt during normal use, so tetting prompted when you didn't expect it is a lot more noticeable / better warning. With -i (before I discovered -I), I got used to typing rm to disable alias expansion, after being sure I'd typed the command correctly.



                  You don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, or I'm not sure if my glob might match some extra files, I manually type rm -i .../*whatever*. (Also a good habit in case you're ever in an environment without your aliases).



                  Defend against fat-fingering Enter by typing ls -d /*foo* first, then up-arrow and change that to rm -r after you've finished typing. So the command line never contains rm -rf ~/ or similar dangerous commands at any point. You only "arm" it by changing ls to rm with control-a, alt-d to go to the start of the line and adding the -r or the -f after you've finished typing the ~/some/sub/dir/ part of the command.



                  Depending on what you're deleting, actually run the ls -d first, or not if that wouldn't add anything to what you see with tab-completion. You might start with rm (without -r or -rf) so it's just control-a / control-right (or alt+f) / space / -r.



                  (Get used to bash/readline's powerful editing keybindings for moving around quickly, like control-arrows or alt+f/b to move by words, and killing whole words with alt+backspace or alt+d, or control-w. And control-u to kill to the beginning of the line. And control-/ to undo an edit if you go one step too far.
                  And of course up-arrow history that you can search with control-r / control-s.)



                  Avoid -rf unless you actually need it to silence prompts about removing read-only files.



                  Take extra time to think before pressing return on a sudo command. Especially if you don't have full backups, or now would be a bad time to have to restore from them.






                  share|improve this answer













                  Running without backups means you have to be super careful to never make any mistakes. And hope your hardware never fails. (Even RAID can't save you from filesystem corruption caused by faulty RAM.) So that's your first problem. (Which I assume you've already realized and will be doing backups in the future.)





                  But there are things you can do to reduce the likelihood of mistakes like this:




                  • alias rm='rm -I' to prompt if deleting more than 3 things.

                  • alias mv and cp to mv -i and cp -i (many normal use-cases for these don't involve overwriting a destination file).

                  • alias sudo='sudo ' to do alias expansion on the first argument to sudo


                  I find rm -I is a lot more useful than rm -i. It usually don't prompt during normal use, so tetting prompted when you didn't expect it is a lot more noticeable / better warning. With -i (before I discovered -I), I got used to typing rm to disable alias expansion, after being sure I'd typed the command correctly.



                  You don't want to get in the habit of relying on rm -i or -I aliases to save you. It's your safety line that you hope never gets used. If I actually want to interactively select which matches to delete, or I'm not sure if my glob might match some extra files, I manually type rm -i .../*whatever*. (Also a good habit in case you're ever in an environment without your aliases).



                  Defend against fat-fingering Enter by typing ls -d /*foo* first, then up-arrow and change that to rm -r after you've finished typing. So the command line never contains rm -rf ~/ or similar dangerous commands at any point. You only "arm" it by changing ls to rm with control-a, alt-d to go to the start of the line and adding the -r or the -f after you've finished typing the ~/some/sub/dir/ part of the command.



                  Depending on what you're deleting, actually run the ls -d first, or not if that wouldn't add anything to what you see with tab-completion. You might start with rm (without -r or -rf) so it's just control-a / control-right (or alt+f) / space / -r.



                  (Get used to bash/readline's powerful editing keybindings for moving around quickly, like control-arrows or alt+f/b to move by words, and killing whole words with alt+backspace or alt+d, or control-w. And control-u to kill to the beginning of the line. And control-/ to undo an edit if you go one step too far.
                  And of course up-arrow history that you can search with control-r / control-s.)



                  Avoid -rf unless you actually need it to silence prompts about removing read-only files.



                  Take extra time to think before pressing return on a sudo command. Especially if you don't have full backups, or now would be a bad time to have to restore from them.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered 1 hour ago









                  Peter CordesPeter Cordes

                  921714




                  921714






















                      Mister_Fix is a new contributor. Be nice, and check out our Code of Conduct.










                      draft saved

                      draft discarded


















                      Mister_Fix is a new contributor. Be nice, and check out our Code of Conduct.













                      Mister_Fix is a new contributor. Be nice, and check out our Code of Conduct.












                      Mister_Fix is a new contributor. Be nice, and check out our Code of Conduct.
















                      Thanks for contributing an answer to Ask Ubuntu!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1117684%2fwhy-is-it-possible-to-delete-your-entire-file-system%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

                      Alcedinidae

                      Origin of the phrase “under your belt”?