What does sudo rm -rf /* do to modern Linux

Показать описание

I explain and run sudo rm -rf /* on Ubuntu 19.10

Рекомендации по теме

Комментарии

So a friend of mine had someone in his team doing that by mistake a few years ago, when they were in the military. He deleted a MASSIVE amount of data stored on their server and it took their team 6 months of intense work to get all of that back.
The really funny part was that they only heard about this the following morning when the cheif officer (who isn't a tech guy) was informed of this in a routinely manner over the morning briefing.
He had no idea what it meant. He wrote it in his diary.
The others knew what it meant. They started crying.

Amir-gcre

Actually, I found two issues in this video:
1. The "root" privilege is not equivalent to the "admin" privilege on windows machines, as there are at least 3 different privileges on Windows:
1) User privilege: the privilege we use every day;
2) Admin privilege: the privilege that we elevate via "command prompt" or "powershell", usually used to grant better accessibility of resources to a program that requires resources not available in User privilege
3) System privilege: the true boss of the Windows, not accessible by normal means but only granted to some reliable and confirmed developers (like the GPU driver developers), this barrier is created to protect the kernel from getting damaged or destroyed (yet can be bypassed by the safety loopholes of the driver programs)
The Linux "root" privilege is equivalent to the "system" privilege. (You cannot delete a *.sys file on a Windows machine even with Admin. Instead, Windows will prompt you to delete it with the System privilege)

2. The "/" directory is not the same thing as the "C:/" on windows, as the "C:/" is basically "/dev/sda1" on Linux, Linux attaches everything to the "/" folder, but windows does the opposite (few relevant information online but it seems that windows do not mount different partitions into the same place).

zhangliangma

Great video. The best, showing the action!
Thanks.

maurolimaok

I actually had this happen on a real production IT system that I was working towards taking over the management of. I was working for an outsourcing company, and the system was in production and being operated and managed by the application vendor.

The reason we hadn't taken it over was because there was zero operational documentation and zero scripted operations. So the vendor was operating it manually based on instructions scribbled on a scrap of paper.

These instructions said: 1. "cd /tmp"; 2. "rm -yr *"; 3. "reboot".

Unfortunately, one evening having done step one, the operator received a telephone support call and as part of answering that he went root (presumably with "sudo -i" which put him back in the root directory). When he finished the call he executed steps 2 and 3 without exiting root thus doing EXACTLY what this video shows.

D'UH!!!

To cap it all, it then turned out that the system backups hadn't been working either and hadn't been tested and it took them 2 or 3 weeks to rebuild this production system. DOUBLE

I might add that this was one of two similar screw ups (the other resulting from deletion of the production SQL database) at the end of a disastrous fixed price application development where the system has already been rejected and redeveloped from scratch and where the initial go live was abandoned twice, once because an untested system timezone change caused it to fail, and once because the system has never been tested on a production sized database, and several missing indexes resulted in use response times on a linked production customer call handling system going from 1sec to over 30mins.

Put simply a fiasco from start to finish from a MAJOR MAJOR software house.

SodalisUK