Lost Website

I’ve been using the Mercurial Shell Prompt hack for a while until I got annoyed at it. It caused a Python interpeter to start at every prompt, which is expansize especially if your system is already under strain.

This new shell hack is a lot faster much more generic. This small snippet is used to dynamically set the title of the terminal window in the following situation:

• if the terminal is at the prompt, set the title of the window to the name of the current directory
• if a program is running, set the title of the window to the name of the running program

The code is pretty straightforward. It uses prompt expansion and a magical escape sequence which is understood by the terminal.

case $TERM in
    xterm*)
        precmd () {print -Pn "\e]0;%1~\a"}
        preexec () {print -n "\e]0;$1\a"}
        ;;
esac

This is for Zsh. See this page for how to do the same with Bash and other shells.

There are a lot of variants you can make in the format of the title. Check your shell manual for more information.

If you use Konsole or GNOME Terminal, make sure they are configured to actually use what the emulated terminal dumps. Konsole has an option to set the terminal name to what you want so I suppose the GNOME Terminal has a similar feature.

As usual, I’m not claiming I’ve invented this. I probably read this on a blog somewhere, but I don’t remember where. This is too bad for me because I missing on possible pingbacks. Kudos to whoever I’ve picked this from.

Zsh manual links

• Zsh Prompt Expansion
• Zsh Special Functions

In my last post I’ve shown that some people are annoyed at the fact that they can no longer erase their root directory simply by typing rm -rf /. I’m happy that this possibility is removed. I’m not scared that means Linux is being dumbed down. There are already some safeguards in Linux and nobody is complaining about them because they guard even seasoned users to do things that are dangerous or silly.

Proper safeguards

dpkg won’t remove itself

Erasing the primary package manager on your system prevents your from installing any other package. It is hard to argue that it is a good thing to let that happen without warnings.

fdgonthier@moka:~/ > sudo dpkg --purge dpkg
dpkg: error processing dpkg (--purge):
 This is an essential package - it should not be removed.
Errors were encountered while processing:
 dpkg

You can still erase dpkg if you want by using the --force-remove-essential option. I can actually think of reasons somebody might want to do that but this is a bad idea, and probably a mistake, most of the time its attempted. dpkg and apt protect essential and important packages on a Debian system by asking for obscure force options or confirmation, depending on what is attempted.

You can’t unmount /

fdgonthier@moka:~/ > sudo umount /
umount: /: device is busy
umount: /: device is busy

That is akin to removing the wheels of a running car. You can’t even force-unmount it.

You really shouldn’t fsck a drive in use

It is possible to do that, but when you call fsck.ext3 on a mounted partition, it will ask you with a rather serious prompt if you really want to proceed. fsck.ext3 has a force option but it has no effects on this prompt. This speaks volume about how much doing this is discouraged.

In good Unix fashion it is still possible to do it if you really want to but the developer of fsck.ext3 has made clear in the man page that you don’t want to do that.

Some kernel modules can’t be unloaded

modprobe has a force option (-f) too. It can be used to unload reluctant modules. It is clearly documented in modprobe manual page that removing by force may crash your system. I’ve used it a few times, it worked a few times, it crashed a few times, but most of the time it will not work if the module is important.

Why should it be possible to remove the module for the computer chipset while it is running? The answer is left to the imagination of the reader. I think its a good thing this kind of module won’t unload.

You can’t kill the init process

kill -9 1 will do nothing. This is actually hardcoded in the Linux kernel. The init process is the mother of all process in the system. Without it, you won’t be able to boot, or reboot, or use your virtual consoles. It is the reaper of zombies so if it dies, prepare for zombie invasion. There is really no reason to kill this process, ever.

You can’t format a mounted filesystem

fdgonthier@moka:~/ > sudo mkfs.ext3 /dev/sda1
mke2fs 1.41.5 (23-Apr-2009)
/dev/sda1 is mounted; will not make a filesystem here!

mkfs.ext3 offers a way to force this but you have to use the force option (-F)twice.

Files in /dev are dynamically recreated

The health of your system is no longer tied to what is in the mysterious /dev directory. You can delete those files if you wan’t, and, depending what you erase, your currently running system may or may not be affected, but those problems will not survive a reboot or the invocation of /etc/init.d/udev restart.

GUI environment won’t let you in the dark

This is something common now. If for some reason, you change your resolution to something your monitor can’t support and your screen goes blank, desktop environment will automatically switch to your last used resolution. This is a safety mechanism preventing desktop users to set their screen to a resolution that leaves them without graphic display. Any resolution can still be configured statically into the system-wide xorg.conf if necessary.

Conclusion

All the safeguards and behaviors I’ve described above go against the Do What I Mean (DWIM) philosophy of Unix, and the something against the semantic of some option of the command: the kernel won’t let you unload your chipset module because it won’t work without it, mkfs.ext3 won’t let your format a partition that is in use because it’s certainly not what you want to do, dpkg won’t let your remove itself because there is a chance you won’t be able to reinstall it after it was removed.

If you think doing anything of what I’ve named above would be totaly stupid anyway, then you are right. Good safeguards aren’t there to nag you, and won’t ask you to double check everything you do. They simply prevent you from doing things that are possibly catastrophically detrimental to your system. Stop thinking rm -rf / should work because the Unix pilosophy about DYIM, because some command you can type have might no meaning at all.

---

Then a few things surprised me…

While testing potentially destructive commands in my test virtual machine, I’ve found I was able to do things I think I shouldn’t have. There might be some reason those things are possible. If you know why, please comment.

deluser: delete the root user

You can run deluser root as root without problems. This is of no consequences to the system because the root user is always the user with UID 0, but I think many scripts would be broken by that.

mkfs.ext3: tries to formats a directory

I don’t think a directory can hold a ext3 filesystem, yet mkfs.ext3 /etc will still try to proceed, and fail, after showing a warning telling that will probably won’t work.

fdgonthier@moka:~/ > sudo mkfs.ext3 /etc
[sudo] password for fdgonthier:
mke2fs 1.41.5 (23-Apr-2009)
/etc is not a block special device.
Proceed anyway? (y,n) y
mkfs.ext3: Device size reported to be zero.  Invalid partition specified, or
        partition table wasn't reread after running fdisk, due to
        a modified partition being busy and in use.  You may need to reboot
        to re-read your partition table.

Should it even bother to try?

fdisk: delete an active, mounted partition

fsck.ext3 detects that if targeted partition is mounted. I don’t see why fdisk couldn’t do that. I think there is a good chance that deleting a mounted partition is a mistake and there is not even a warning before proceeding.

unmount /proc and /sys

Those pseudofilesystem have become necessary to a lot of program. It’s a bit weird that you can just unmount them without warnings.

More silly things…

cat /dev/urandom > /dev/mem will very quickly crashes your system. There are multiple variant to that, which are all as efficient as rm -rf / at causing harm to a Linux system.

Those silly commands are unlikely to outside forum of Linux users that love to abuse n00bs, so safeguarding against them is of little importance. Still, why should a superuser shell should have such a raw access to disk devices? Is it necessary? Is there a way to mitigate that?

---

If you like that post, please subscribe to my
RSS feed. More readers would motivate me to keep writing at least once a week.

A followup…

This entry now has a followup: Good safeguards.

Update

It was pointed to me from Reddit and from a commenter that the -f flag in rm -rf is the force flag and isn’t part of the command. I’m willing to admit I’m wrong and probably overuse the force flag, but I didn’t remember how I got that bad habit.

I then retried the rm -r command on a directory in /tmp. This directory is owned by me but happens to include some files owned by root. I’m allowed to erase those files, but for each file I don’t own, I get a prompt asking me to confirm. This gets annoying quickly and had this not been a test I would have hit Ctrl+C and re-run the command with -f. If you often work with directories with mixed permissions (and I do), you can quicly get into the habit of running rm using the force flag.

This weakens the value of the -f flag for protecting against the huge mistake that is erasing /.

Original post

Did you know that rm -rf / no longer works on recent Ubuntu version? I bet you did not because this command tends to be a bit destructive.

I did not know that. I’ve never been bitten by an accidental rm -rf / but the possibility scares the hell out of me whenever I do a command in my root directory or whenever I write scripts thats erase files.

I’m a seasoned Linux user, yet I was pleased to know that Ubuntu now has that command refuse to work by default. rm -rf / now comes with the implied --preserve-root switch which returns an error when it attemps to erase the root directory.

I’m happy because that command has little reasons to exists beyond the mere fact that rm -rf is meant to unconditionnally erases files and directory: ie, a sole rmsysroot command would not exists. It would make as much sense as a car designed to only crash into the first tree.

Yet, some people oppose such a safeguard. The people that oppose this are probably the kind that made some people come up with sarcasms such as this lovely t-shirt.

LWN’s John Corbet has made a pretty good article about why its a good thing that rm -rf / is safeguarded against errors so I’m not going to rewrite a whole article about that. Let’s just repeat what I find important:

• unguarded rm -rf / might not just happen on the command line, but in scripts too, and at times where you can’t just hit Ctrl+C to save a part of your day
• its just too easy to make a syntax error in a command and type rm -rf / tmp/* when you meant to type rm -rf /tmp/*
• if you really want to remove /, you can use the --no-preserve-root switch.

Now let’s just look at the people who opposes this. Here are some pearls form people complaining about this new feature. I’ve found them on the Launchpad bug report and a blog funnily named Ubuntard. I think naming the authors of those quotes is useless. Suffice to know and weep that they exists.

Also, this directly conflicts with the functionality of the ‘-f’ switch, without which there ALREADY IS CONFIRMATION OF EVERY DELETION.

Bullshit. The -f is not a confirmation, it’s part of the command. Confirmation should come after the command.

So, what’s next? Patch dd to prevent it from wiping your partition?

Well, yes, dd sucks indeed should probably changed. But that’s the subject for another blog post. The point is that I use rm -rf at work up to several times per hour, and I use dd a few times per year. I doubt this is generalizing to say that rm has a much higher potential for errors for every Linux shell users than dd ever has and ever will.

Couldn’t agree more with you. If people don’t know what they are doing, they shouldn’t be working the command line anyway.[...]

rm is not a gun, dynamite, or C4. It erases files. I’ve got 172583 files on this small computer, chances are some of them are superflous and need to be erased. There should not be any remote risk that I erase all my disk if I want to remove just one.

Safety if for bitches. Knowledge is for winners.

No comments. Let’s just say that I hope this person finds a creative, unsafeguarded, way to nuke his system.

[...] come to think of it, if I’d been given a stupid error message telling me not to do that, I’d probably have punched a hole in my CRT instead.

… or yeah, he can do that too! I could go on for quite a while, but the pearl, that is actually repeated more than once, is the invocation of the “Unix philsophy”.

Changes of this nature are destructive to the philosophy of *nix, and is a step closer to the laughable click-the-dialog-box security of Windows Vista.

This is a safeguard; a satefy cushion. This is the program saying “You can’t really be that stupid so I’m not letting you do that!”

Don’t tell me about this so called Unix philosophy! Unix is evolving and when technology evolves, it also tends to grow features that keep people from shooting themselves in the foot. This is why cars have airbags, this is why some laptops have spill guards and free-fall sensors, and also why your water heater doesn’t blow up your house.

Just like people that want to drive without airbags can just remove them, Unix doesn’t bolt the --preserve-root option onto the rm command. It’s probably easy enough to take the coreutils package, change its build options to disable --preserve-root. I could probably write some instructions to do that in a few paragraphs, but since I think doing that would be stupid, I won’t!

Some other people have mastered the art of pulling numbers out of their ass. This is deadly common on commercial TV where marketers just say things like it improves your performance by 200% percent, or this vaccum sucks twice as good as the other brand. Marketers may have a basis for this number, but they certainly won’t explain them in their costly 30 second break, won’t they?

But commercial break at the time you get up and take a leak afterall, nevermind their content…

What is more worring is when the mainstream media starts throwing numbers around the same way as they are in marketing. This is not a rant about how statistics can be manipulated at anyone’s profit. I’m talking about the generally bad habit the media have to cite number that are totally meanlingless for people uninitiated to the source of the data, that is, most people.

You can compare that to shopping for something without any prior knowledge of the value of the item you are aiming to buy. You usually compare prices of similar items to discover the scale of the numbers. Yet, the media keep throwing at us numbers that are meanlingless for most people.

This is specially obvious lately with the swine flu scare, but as my friend Steven said, and as I will repeat below, we are not coughing up bacon yet.

Here are a few example of numbers cited with comparison, which means, that for most people they could as well have been pulled from thin air.

From CBC:“Around the world, the number of confirmed swine flu cases stood at 1,490, with 29 deaths related to the outbreak of the new H1N1 virus, Keiji Fukuda, assistant director-general of the World Health Organization, said Tuesday.”

Like said above, the estimated number of death of regular flu every where, in US, is 36000. More people die of car bomb in Iraq, daily. Yes, Iraq is far away, but we can also ask ourselves if the deaths are directly or indirectly attributable to swine flu?

From Alternet.org:“the results of a study indicating that 200,000 two- to four-year-olds had been prescribed Ritalin for an “attention disorder” from 1991 to 1995.”.That certainly seems a lot, but it means nothing if I don’t know how many two to four-years old have not been prescribed ritaling.

Finally, you can find at various places that the Iraq War, or that fixing Global Warming, would cost trillions of dollars.

A trillion of dollar is a number very few people can size. You can’t look at anything in the world and say hey, this is worth a trillion bucks. Those numbers are so high that you can theorize that they are subject of heavy estimation, or obtained by calculation so complex that it makes the margin of error of the final result totally uncountable. Anybody can doubt the process by which such a number obtained, even if its by reputable persons or institutions. This weakens the position of whoever put forward such an huge number as an argument in a debate.

At this scale, people comprehend better if you say a shitload of money instead of whatever big number you calculated. Afterall, the shitload might be a relative quantity, but its near the top of the scale for everybody, from the poorest to the richest.