Solved

Restrict "rm -rf *" command in Linux/Unix ?

Posted on 2009-05-06
6
1,977 Views
Last Modified: 2013-12-16
Hi All,

Can anyone suggest me how to restrict the "rm -rf *" command.

I want to restrict some users accidently typing the "rm -rf *" command from a login at unintended directory. (Say if i want to delete log files in log directory and uses "rm -rf *" command and later found out that i was in HOME ?????)

I tried <<alias rm "rm -i">>. The above command interactively asks me before deleting.
But the problem comes when the -f option is used. It overrides others and just deletes.

Just needs to know, how i can restrict this command.

Thanks for your valuable suggestions...
0
Comment
Question by:satishex
6 Comments
 
LVL 15

Expert Comment

by:Haris Djulic
ID: 24323060
maybe you can try with the sudo command + sudoers file... i that file you can restrict/allow commands per user, group, host.

more details can be found here

http://linux.about.com/od/commands/l/blcmdl8_sudo.htm

0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24323164
Hi yah
normal user who does not have root priviligies would not able to delete any log file , he would only able to delete his own home directory file and the file he created

so all those user you are talking about, are the root priviligies user ?? in that case you would not be able to restrict them

only way to use sudo file as samo4fun said
0
 
LVL 5

Accepted Solution

by:
0ren earned 30 total points
ID: 24323322
you can create a script named rm and replace the original rm.
inside the new script create if condition that check and pass the flags to the rm.

0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 14

Assisted Solution

by:small_student
small_student earned 20 total points
ID: 24325024
There are some othe solutions you might make use of

1- use the sticky bit , it will prevent any one from deleting a file if he is not he owner , even if the file had rwx for other

chmod 1777 /pubdir

2- use extended attributes imune bit, it prevents a file from being modified , deleted or linked

chattr +i filename

0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 24325948
It seesm to me that all users are logging on using the same account. If this is the case try to create separate accounts for all the users and try further restrict  their file owning rights.

Make sure that they go root using su / sudo only but not login as root.

Make use od Sticky bit if a directory contains files from different users.

Apart from that feed them with enuogh coffee to ensure that they have at least RDA amount of caffeine and kept awake during their shift :)
0
 

Author Comment

by:satishex
ID: 24327119
Thanks all for your valuable replies :-)
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question