Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2200
  • Last Modified:

Restrict "rm -rf *" command in Linux/Unix ?

Hi All,

Can anyone suggest me how to restrict the "rm -rf *" command.

I want to restrict some users accidently typing the "rm -rf *" command from a login at unintended directory. (Say if i want to delete log files in log directory and uses "rm -rf *" command and later found out that i was in HOME ?????)

I tried <<alias rm "rm -i">>. The above command interactively asks me before deleting.
But the problem comes when the -f option is used. It overrides others and just deletes.

Just needs to know, how i can restrict this command.

Thanks for your valuable suggestions...
0
satishex
Asked:
satishex
2 Solutions
 
Haris DjulicCommented:
maybe you can try with the sudo command + sudoers file... i that file you can restrict/allow commands per user, group, host.

more details can be found here

http://linux.about.com/od/commands/l/blcmdl8_sudo.htm

0
 
fosiul01Commented:
Hi yah
normal user who does not have root priviligies would not able to delete any log file , he would only able to delete his own home directory file and the file he created

so all those user you are talking about, are the root priviligies user ?? in that case you would not be able to restrict them

only way to use sudo file as samo4fun said
0
 
0renCommented:
you can create a script named rm and replace the original rm.
inside the new script create if condition that check and pass the flags to the rm.

0
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

 
Monis MontherSystem ArchitectCommented:
There are some othe solutions you might make use of

1- use the sticky bit , it will prevent any one from deleting a file if he is not he owner , even if the file had rwx for other

chmod 1777 /pubdir

2- use extended attributes imune bit, it prevents a file from being modified , deleted or linked

chattr +i filename

0
 
Kerem ERSOYPresidentCommented:
It seesm to me that all users are logging on using the same account. If this is the case try to create separate accounts for all the users and try further restrict  their file owning rights.

Make sure that they go root using su / sudo only but not login as root.

Make use od Sticky bit if a directory contains files from different users.

Apart from that feed them with enuogh coffee to ensure that they have at least RDA amount of caffeine and kept awake during their shift :)
0
 
satishexAuthor Commented:
Thanks all for your valuable replies :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now