Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
rocket
Aug 16, 2002

LLLLLLLLLLL
LLLLLLLLLLL
LLLLLADIES!


Comradephate posted:

rm -rf * won't do anything on a modern system.

You have to run rm -rf * --no-preserve-root or rm -rf /* if you want to wipe out the system for some reason.

(congrats on the new job!)

In a previous job, one of the regular maintenance tasks was manually deleting old deleted email from the email servers. You had to go into the directory and do 'rm -rf *' to clear it out and make space when the servers started to get full. the path was something like /taurus/home/users/trash. I accidently did this from one directory above, when I had already been up all night on call. Luckily my genius boss used DRBD to mirror the servers, and figured out how to restore the data from the shadow copy/cache, but it still took more than a day to restore.
I was told the method for doing this maintenance, but was told after the fact there was also a script I could run.

This was even on CentOS, but not with SELinux features turned on.

I had a similar slip-up doing manual SQL database updates in MySQL something like 'update users=suspended where a equals'. Basically I didn't complete the statement and accidently hit enter, so it affected a poo poo-ton of users and froze up the MySQL server for a while.

This was when I thought maybe I had ADHD... (and I did.)

rocket fucked around with this message at 19:41 on Jul 28, 2014

Adbot
ADBOT LOVES YOU

rocket
Aug 16, 2002

LLLLLLLLLLL
LLLLLLLLLLL
LLLLLADIES!


Ok, I guess SELinux is mostly for protecting system memory from malicious programs.

rocket
Aug 16, 2002

LLLLLLLLLLL
LLLLLLLLLLL
LLLLLADIES!


evol262 posted:

SELinux is does a lot more than that, but it's way beyond the scope of this discussion. It doesn't protect you from yourself, though (it can, but not in default config, and Linux facls can also protect the system from root doing this, but also beyond the scope).

Always check (especially in scripts that blindly "cd /somedir; rm -rf *"), never "rm -rf .*", etc.

It's just nice to know that it can be done. Thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply