The safety expansion for FreeBSD rm(1)
Daichi GOTO
daichi at freebsd.org
Thu Sep 27 04:37:25 PDT 2007
Oliver Fromme wrote:
> Daichi GOTO wrote:
> > Have you any dreams that rm(1) autonomously judges target should
> > be remove or not? To complexify system base command is objectionable
> > behavior but adding some little and simple mechanism to prevent a
> > issue is acceptable I suppose.
>
> I think it could cause confusion for some users or admins.
>
> It could also be dangerous. I remember an emergency case
> when /home was an NFS mount that was dead, i.e. every
> process that tried to access something in /home just hung
> forever in state "D" (disk wait). During the emergency
> actions on the serial console I also needed to use the
> rm(1) command ... Now if it tried to read ~/.rm, it would
> have drawn me mouch deeper into trouble than I already
> were. :-) True, the -f option would have prevented it,
> _if_ I remembered before to use it.
We have realized that issue, but do not understand thats
cause still now. Do you know the reason?
> A common precaution against accidental rm is to establish
> a snapshot rotation system. For example, create hourly
> snapshots (with a cron job) and delete them automatically
> after a while. So if you accidentally remove something,
> you can copy it back from the latest snapshot. NetApp
> Filers have such a feature built-in. You can also easily
> set it up yourself with ZFS, or even with UFS snapshots,
> although the latter are a bit heavyweight, IMHO.
Yes. At the moment ZFS looks a best way of snapshot feature.
I have heard that snapshot of UFS2 is slow under very
mass files and heavy load situation.
> And finally, there is chflags(1). If you know in advance
> that certain files or directories must not be removed,
> then "chflags schg" or "chflags uchg" them. That's the
> same effect as creating a ~/.rm file with your patch.
Yes. It is one of the ways :)
> Another advantage of chflags(1) is that it also protects
> against other kinds of damage. For example when using
> shell redirection ("echo > some/important/file"), cp, dd
> or other commands. In those cases chflags also offers
> protection (and a snapshot would offer recovery), while
> your patch only protects against rm and nothing else.
>
> Just my 2 cents.
>
> Best regards
> Oliver
--
Daichi GOTO, http://people.freebsd.org/~daichi
More information about the freebsd-current
mailing list