digg

You know what's just as bad?
# chmod 777 -r
...And you're one directory too high. Ouch.

i would reply, if you press enter on that keyboard i will pound you with my fists until you bleed out your ears...

It was okay, they had an instance of Emacs running. Problem solved!

"If any of you ever have the same problem, here's the hex for future reference:
070100002c000000000000000000000000000000000000000000000000000000
0000dd8fff010000dd8f27000000fb02ef07000000fb01ef070000000000bc8f
8800040000bc012f65746300
"

Yeah, we'll just ya know execute this binary and recover evry motha ***** thing.
***** ! I wish i have 1 % of his unix skill

I'm going back to my reading of BOFH now.

One time while messing around in /public_html on a client's site I accidentally deleted index.htm.

I didn't have a backup of index.htm. His site was effectively destroyed. No index, no backup. Yeah, I thought I was dead.

I calmly remembered that I had visited it in IE for compatibility reasons, and that IE notoriously caches things. I unplugged the net, went to IE and navigated to the site. It came up. View Source> Copy>paste upload as index.htm and no one was the wiser.

Don't panic.

word of advice for linux users: if you want to advertise linux, never, I repeat, never let anyone read that thing.

"I owe a debt of thanks to David Korn for making echo a built-in of his shell; needless to say, /bin, together with /bin/echo, had been deleted. What transpired in the next few minutes was that /dev, /etc and /lib had also gone in their entirety; fortunately Neil had interrupted rm while it was somewhere down below /news, and /tmp, /usr and /users were all untouched."

Once I reached this paragraph, I seized to understand anything. It's like a chinese guy talking in binary code.

"Have you ever left your terminal logged in, only to find when you came back to it that a (supposed) friend had typed "rm -rf ~/*" and was hovering over the keyboard with threats along the lines of "lend me a fiver 'til Thursday, or I hit return"?"

Uhhhhhh. No.

What is it with Digg and obssessing over this command?

Is Unix a part if Vista?

This wouldn't be nearly so devastating if he followed the cardinal user's rule, and NEVER had a shell open as root. sudo is your friend, and imo, you should ALWAYS use that, and never su. The only time I use a root shell is when I need to boot into single-user mode to do some recovery oslt.

If you carouse around your filesystem with a root shell, and aren't ***** EXTREMELY careful with any command you issue, then your darwinified ass deserves to get his system hosed.

Here's one: when you are working on an application and too lazy to do a proper "make clean" and decide that "rm -f *.o" will do. Yea, except my partner-in-crime/administration forgot that important "*.o" and took out the entire core of source code for an upcoming application. Thankfully we did backups every 6 hours - but it could've sucked badly.

As for advertising Linux, just show any Windows administrator a backup utility like rSnapshot (http://www.rsnapshot.org/) - and watch them first be amazed, then angry that they can't do that as easily or for free, and then make up a reason why Linux sucks because we have a free, easy way to back up an entire file system with simple restoration that doesn't even require an administrator to babysit if the user needs to "self-restore" something they deleted by accident. (P.S. There are ports to Mac OS X Server, but I can't pimp them since I use it on RHEL 4 and 5).

No, because I never logged in as root :)

And I never left an open console.

lockvt , lockout, and a lockit were and are my friends.

once I put a logout command at the bottom of my friends login script. It was pretty funny. Took him a little bit to figure out what the hell is going on! ;-)

I think this article pretty much sums up why the general public isn't quite ready to move to linux yet.

My first thought was rebooting with a linux live cd. I'm assuming /home is on a different partition, so you could just do a temporary linux disk install on the / partition and then use that to restore the unix file system from tape backup.

I think some of you overlooked that this happened in 1986..

Because it might go down any second:

Unix Recovery Legend
This classic article from Mario Wolczko first appeared on Usenet in 1986.

Have you ever left your terminal logged in, only to find when you came back to it that a (supposed) friend had typed "rm -rf ~/*" and was hovering over the keyboard with threats along the lines of "lend me a fiver 'til Thursday, or I hit return"? Undoubtedly the person in question would not have had the nerve to inflict such a trauma upon you, and was doing it in jest. So you've probably never experienced the worst of such disasters....

It was a quiet Wednesday afternoon. Wednesday, 1st October, 15:15 BST, to be precise, when Peter, an office-mate of mine, leaned away from his terminal and said to me, "Mario, I'm having a little trouble sending mail." Knowing that msg was capable of confusing even the most capable of people, I sauntered over to his terminal to see what was wrong. A strange error message of the form (I forget the exact details) "cannot access /foo/bar for userid 147" had been issued by msg. My first thought was "Who's userid 147?; the sender of the message, the destination, or what?" So I leant over to another terminal, already logged in, and typed

grep 147 /etc/passwd

only to receive the response

/etc/passwd: No such file or directory.

Instantly, I guessed that something was amiss. This was confirmed when in response to

ls /etc

I got

ls: not found.

I suggested to Peter that it would be a good idea not to try anything for a while, and went off to find our system manager.

When I arrived at his office, his door was ajar, and within ten seconds I realised what the problem was. James, our manager, was sat down, head in hands, hands between knees, as one whose world has just come to an end. Our newly-appointed system programmer, Neil, was beside him, gazing listlessly at the screen of his terminal. And at the top of the screen I spied the following lines:

# cd
# rm -rf *

Oh, *****, I thought. That would just about explain it.

I can't remember what happened in the succeeding minutes; my memory is just a blur. I do remember trying ls (again), ps, who and maybe a few other commands beside, all to no avail. The next thing I remember was being at my terminal again (a multi-window graphics terminal), and typing

cd /
echo *

I owe a debt of thanks to David Korn for making echo a built-in of his shell; needless to say, /bin, together with /bin/echo, had been deleted. What transpired in the next few minutes was that /dev, /etc and /lib had also gone in their entirety; fortunately Neil had interrupted rm while it was somewhere down below /news, and /tmp, /usr and /users were all untouched.

Meanwhile James had made for our tape cupboard and had retrieved what claimed to be a dump tape of the root filesystem, taken four weeks earlier. The pressing question was, "How do we recover the contents of the tape?". Not only had we lost /etc/restore, but all of the device entries for the tape deck had vanished. And where does mknod live? You guessed it, /etc. How about recovery across Ethernet of any of this from another VAX? Well, /bin/tar had gone, and thoughtfully the Berkeley people had put rcp in /bin in the 4.3 distribution. What's more, none of the Ether stuff wanted to know[work?] without /etc/hosts at least. We found a version of cpio in /usr/local, but that was unlikely to do us any good without a tape deck.

Alternatively, we could get the boot tape out and rebuild the root filesystem, but neither James nor Neil had done that before, and we weren't sure that the first thing to happen would be that the whole disk would be re-formatted, losing all our user files. (We take dumps of the user files every Thursday; by Murphy's Law this had to happen on a Wednesday). Another solution might be to borrow a disk from another VAX, boot off that, and tidy up later, but that would have entailed calling the DEC engineer out, at the very least. We had a number of users in the final throes of writing up PhD theses and the loss of a maybe a weeks' work (not to mention the machine down time) was unthinkable.

So, what to do? The next idea was to write a program to make a device descriptor for the tape deck, but we all know where cc, as and ld live. Or maybe make skeletal entries for /etc/passwd, /etc/hosts and so on, so that /usr/bin/ftp would work. By sheer luck, I had a gnuemacs still running in one of my windows, which we could use to create passwd, etc., but the first step was to create a directory to put them in. Of course /bin/mkdir had gone, and so had /bin/mv, so we couldn't rename /tmp to /etc. However, this looked like a reasonable line of attack.

By now we had been joined by Alasdair, our resident UNIX guru, and as luck would have it, someone who knows VAX assembler. So our plan became this: write a program in assembler which would either rename /tmp to /etc, or make /etc, assemble it on another VAX, uuencode it, type in the uuencoded file using my gnu, uudecode it (some bright spark had thought to put uudecode in /usr/bin), run it, and hey presto, it would all be plain sailing from there. By yet another miracle of good fortune, the terminal from which the damage had been done was still su'd to root (su is in /bin, remember?), so at least we stood a chance of all this working.

Off we set on our merry way, and within only an hour we had managed to concoct the dozen or so lines of assembler to create /etc. The stripped binary was only 76 bytes long, so we converted it to hex (slightly more readable than the output of uuencode), and typed it in using my editor. If any of you ever have the same problem, here's the hex for future reference:
070100002c000000000000000000000000000000000000000000000000000000
0000dd8fff010000dd8f27000000fb02ef07000000fb01ef070000000000bc8f
8800040000bc012f65746300

I had a handy program around (doesn't everybody?) for converting ASCII hex to binary, and the output of /usr/bin/sum tallied with our original binary. But hang on---how do you set execute permission without /bin/chmod? A few seconds thought (which as usual, lasted a couple of minutes) suggested that we write the binary on top of an already existing binary, owned by me...problem solved.

So along we trotted to the terminal with the root login, carefully remembered to set the umask to 0 (so that I could create files in it using my gnu), and ran the binary. So now we had a /etc, writable by all. From there it was but a few easy steps to creating passwd, hosts, services, protocols, (etc), and then ftp was willing to play ball. Then we recovered the contents of /bin across the ether (it's amazing how much you come to miss ls after just a few, short hours), and selected files from /etc. The key file was /etc/rrestore, with which we recovered /dev from the dump tape, and the rest is history.

Now, you're asking yourself (as I am), what's the moral of this story? Well, for one thing, you must always remember the immortal words, DON'T PANIC. Our initial reaction was to reboot the machine and try everything as single user, but it's unlikely it would have come up without /etc/init and /bin/sh. Rational thought saved us from this one.

The next thing to remember is that UNIX tools really can be put to unusual purposes. Even without my gnuemacs, we could have survived by using, say, /usr/bin/grep as a substitute for /bin/cat.

And the final thing is, it's amazing how much of the system you can delete without it falling apart completely. Apart from the fact that nobody could login (/bin/login?), and most of the useful commands had gone, everything else seemed normal. Of course, some things can't stand life without say /etc/termcap, or /dev/kmem, or /etc/utmp, but by and large it all hangs together.

I shall leave you with this question: if you were placed in the same situation, and had the presence of mind that always comes with hindsight, could you have got out of it in a simpler or easier way? Answers on a postage stamp to:

Mario Wolczko
------------------------------------------------------------------------
Dept. of Computer Science ARPA: miw%uk.ac.man.cs.ux@cs.ucl.ac.uk
The University USENET: mcvax!ukc!man.cs.ux!miw
Manchester M13 9PL JANET: miw@uk.ac.man.cs.ux
U.K. 061-273 7121 x 5699
------------------------------------------------------------------------

I don't have any friends that are smart enough to know how to spell UNIX much rather type/know "rm -rf /"

For everyones sake, http://www.miek.nl/projects/hdup2/ and http://www.miek.nl/projects/rdup/

i really really want to disable the use of "rm -rf" on my systems.
possible?
and i mean, without recompiling a lot of things to have rm removed or something...

I want to know if they found out who typed it in the first place...

Great story, pure heroism.

My first thought would be to take the drive containing home dirs out, throw it in another machine, and back it the ***** up immediately, before messing with any assembly code or any other such thing... Then work on rebuilding the machine. but maybe I'm being overly simplistic. Also things were different in 1986 I guess.

The year was 1992, on an NCR Unix server. I hit the return key too fast and it was all too late when i noticed the extra space after the '*'.

rm -f * .ext

I still find myself staring to double and triple check the the command before executing an rm operation up to this day.

Loan him the fiver, then next week blow his f*ckin head off

I've recently got into the habit of triple-checking my tar command line, after some unpleasantness where I typed "tar xzf filename.tar.gz directory/" instead of "tar czf filename.tar.gz directory/", and thus reverted everything in directory/ back to the way it was when the previous tarball was made.

Is it just me or
# cd
# rm -rf *
would only clean the content of /root/ ? (cd bringing to current user home)
That smells fake.

what kind of lama uses unix leaving his terminal with root logged in.

Since ssh and scp are in /usr/bin, you shouldn't have any trouble scping binaries over to /bin so that you don't have to write assembly. If it isn't a network enabled computer, then you should have no problem booting off a CD. If you don't want to lose your 400 days of uptime, you can use Python, Perl or any language with OS bindings for chmod, file access, etc. One of the great things about working with an open source system is if you don't want to do something one way, you can do it another way.

And a voice was crying out, "Holy Jesus, what are these goddamn animals!?"

Why, oh why, were you logged in as root?
I guess it's an old story (1996) and obviously a lot has changed in 12 years; but these days, I'd just boot from my Linux live CD, mount the hard drive, and fix everything using the tools found on the live CD. Just makes sense, and no harm no foul. I'd expect even that the /home for the Dept. of Computer Science would be on a separate RAID than the core OS, making even a complete OS reinstallation a breeze without losing any user data. Too many options, and doesn't sound like much of a horror story to me, other than the bit of time it would take to restore with a live CD.

I did not understand hardly anything in that article..

That is why you have backups that work.

I think this is why girls don't like us