Date: Tue, 25 Sep 2007 20:00:47 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-current@FreeBSD.ORG, Masanori OZAWA <ozawa@ongs.co.jp>, Masanori OZAWA <ozawa@ongs.co.jp> Subject: Re: The safety expansion for FreeBSD rm(1) Message-ID: <200709251800.l8PI0lof013108@lurza.secnetix.de> In-Reply-To: <46F905FD.9060208@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Daichi GOTO wrote: > Have you any dreams that rm(1) autonomously judges target should > be remove or not? To complexify system base command is objectionable > behavior but adding some little and simple mechanism to prevent a > issue is acceptable I suppose. I think it could cause confusion for some users or admins. It could also be dangerous. I remember an emergency case when /home was an NFS mount that was dead, i.e. every process that tried to access something in /home just hung forever in state "D" (disk wait). During the emergency actions on the serial console I also needed to use the rm(1) command ... Now if it tried to read ~/.rm, it would have drawn me mouch deeper into trouble than I already were. :-) True, the -f option would have prevented it, _if_ I remembered before to use it. A common precaution against accidental rm is to establish a snapshot rotation system. For example, create hourly snapshots (with a cron job) and delete them automatically after a while. So if you accidentally remove something, you can copy it back from the latest snapshot. NetApp Filers have such a feature built-in. You can also easily set it up yourself with ZFS, or even with UFS snapshots, although the latter are a bit heavyweight, IMHO. And finally, there is chflags(1). If you know in advance that certain files or directories must not be removed, then "chflags schg" or "chflags uchg" them. That's the same effect as creating a ~/.rm file with your patch. Another advantage of chflags(1) is that it also protects against other kinds of damage. For example when using shell redirection ("echo > some/important/file"), cp, dd or other commands. In those cases chflags also offers protection (and a snapshot would offer recovery), while your patch only protects against rm and nothing else. Just my 2 cents. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "It combines all the worst aspects of C and Lisp: a billion different sublanguages in one monolithic executable. It combines the power of C with the readability of PostScript." -- Jamie Zawinski, when asked: "What's wrong with perl?"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200709251800.l8PI0lof013108>