Solved

Restrict "rm -rf *" command in Linux/Unix ?

Posted on 2009-05-06
6
2,012 Views
Last Modified: 2013-12-16
Hi All,

Can anyone suggest me how to restrict the "rm -rf *" command.

I want to restrict some users accidently typing the "rm -rf *" command from a login at unintended directory. (Say if i want to delete log files in log directory and uses "rm -rf *" command and later found out that i was in HOME ?????)

I tried <<alias rm "rm -i">>. The above command interactively asks me before deleting.
But the problem comes when the -f option is used. It overrides others and just deletes.

Just needs to know, how i can restrict this command.

Thanks for your valuable suggestions...
0
Comment
Question by:satishex
6 Comments
 
LVL 15

Expert Comment

by:Haris Djulic
ID: 24323060
maybe you can try with the sudo command + sudoers file... i that file you can restrict/allow commands per user, group, host.

more details can be found here

http://linux.about.com/od/commands/l/blcmdl8_sudo.htm

0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24323164
Hi yah
normal user who does not have root priviligies would not able to delete any log file , he would only able to delete his own home directory file and the file he created

so all those user you are talking about, are the root priviligies user ?? in that case you would not be able to restrict them

only way to use sudo file as samo4fun said
0
 
LVL 5

Accepted Solution

by:
0ren earned 30 total points
ID: 24323322
you can create a script named rm and replace the original rm.
inside the new script create if condition that check and pass the flags to the rm.

0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 20 total points
ID: 24325024
There are some othe solutions you might make use of

1- use the sticky bit , it will prevent any one from deleting a file if he is not he owner , even if the file had rwx for other

chmod 1777 /pubdir

2- use extended attributes imune bit, it prevents a file from being modified , deleted or linked

chattr +i filename

0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 24325948
It seesm to me that all users are logging on using the same account. If this is the case try to create separate accounts for all the users and try further restrict  their file owning rights.

Make sure that they go root using su / sudo only but not login as root.

Make use od Sticky bit if a directory contains files from different users.

Apart from that feed them with enuogh coffee to ensure that they have at least RDA amount of caffeine and kept awake during their shift :)
0
 

Author Comment

by:satishex
ID: 24327119
Thanks all for your valuable replies :-)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question