Naranthiran D asked:

Disabling RM command

Hi, I have a Linux server running on CentOS 7. By default, I need to disable use of the RM command for all users or a group of users, except the root user.
ASKER CERTIFIED SOLUTION
Alex [***Alex140181***]
This solution is only available to members.
If you disable rm you'll end up with all manner of subtle breakage, as many tools use rm.

Also, if you do this, any code running system calls like unlink() or find -delete or many other rm-type technologies will not be affected by disabling rm, so you'll likely still have problems.

Expanding Alex's comment, likely best to open a 2nd question describing the problem you're trying to resolve, then ask EE'ers how they've solved similar problems in the past.

You might find an answer to this problem which will work far better than attempting to disable rm.

Tip: The likely fix will be to arrange your file permissions, so incorrect rm operations are blocked at the system call level by the permission system. Taking this approach fixes every type of file deletion which might occur, no matter what tool initiates the deletion.
Dr. Klahn

Rename "/usr/bin/rm" to "/usr/bin/somethingelse".  Write a shell script named "rm" that checks for root privilege.  If the user doesn't have it, dump the command and "Sorry, you can't do that."  If the user has root, pass through the command to "somethingelse."   Then hope the users don't figure it out.

But as David says, this is going to break a colossal number of things which depend on rm, including startup scripts.
+1 for Dr. Klahn's use of the term Colossal Breakage.
Users are limited to using rm on files and directories to which they have access.
A person who is familiar with the command will take the extra step to see why rm is not working, and will recognize that it has been replaced with something else.

You of course can limit delegated (sudo users) from being able to run rm in elevated mode.
By default I need disabled using RM command for all or group of users except root user.

change the permission
by default it is 755; change to 700 and then only root can use it

chmod 700 /usr/bin/rm


This is an exercise in futility.

What is it you are trying to achieve?
If I have access to a file, I can have it REMOVED from where it is without using the rm command.
Will you have to restrict the user from the other commands?

A person who can delete the file using rm can zero out the file.

A backup, versioning ....
Another thing: what are you going to do about other commands like mv?!
Imagine this nice line:
mv /home/user/* /dev/null


You get the point, don't you?!
The example Alex gave is a really good one.

The point here, as arnold mentioned, is this... approach is an exercise in futility... if you have very smart users... or users who can use browser searches to defeat your disabling of rm.

Better to open a new question describing the exact problem you're trying to solve.

Almost certain some EE'er can provide you good direction to some alternative fix approach.
I tried to avoid giving explicit examples.

Without knowing what problem the user is trying to solve, the only way to be sure is to deny the specific user or users access to the system.
In the past when situations like this came up and the issue was due to unsophisticated users, the solution was often to lock up the users inside a restricted menu such that they had options 1 through x and nothing else.

<opinion>
If the back story is that management feels users can't be trusted ... then there's bigger problems to deal with than disabling the use of rm.
</opinion>
Naranthiran D (ASKER)

Hi Experts,
I would like to thank everyone for your comments, and for explaining the pros and constraints of disabling the rm command.
I had an incident where a user deleted (rm) some important files, which resulted in production impact.
My goal is that, except for root users, no one should use the rm command, and also that by disabling the rm command I should not end up with some other issues.
The only way to minimize user errors is to have good backups.
Removing functions a user may use is a never ending ..

Consider a construction site where a worker used a hammer and broke windows.
Policy: only supervisors can wield a hammer.

Depending on the environment and the sharing of documents and files, consider using a tool like github, cvs, subversion, etc., which deals with managing a data repository, which includes versioning and effectively handles maintaining copies as backups.....
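
The point made across the thread (files disappear without rm ever running, and the permission on the containing directory is what actually blocks deletion), as an added example that is not part of any post. The function names and the temporary paths are constructed for this illustration.

```shell
#!/bin/sh
# Added illustration: every path is constructed under a fresh temp directory.

# Lose three files without ever executing the rm binary.
# Prints how many of the three are gone or emptied.
lost_without_rm() {
    d=$(mktemp -d) || return 1
    for f in a b c; do echo "important" > "$d/$f"; done
    find "$d" -name a -delete      # find calls unlink() itself
    unlink "$d/b"                  # a separate coreutils binary
    : > "$d/c"                     # truncation: file remains, data is gone
    n=0
    for f in a b c; do
        [ -s "$d/$f" ] || n=$((n + 1))   # -s: exists and is non-empty
    done
    find "$d" -delete              # clean up, still without rm
    echo "$n"
}

# Remove write permission from the containing directory, then try to delete.
# Prints "kept" if the file survived, "deleted" otherwise.
# Root normally bypasses this check, which matches the "except root" goal.
guarded_by_directory() {
    d=$(mktemp -d) || return 1
    echo "important" > "$d/keep"
    chmod 555 "$d"                 # no write bit: no unlink() or rename() inside
    unlink "$d/keep" 2>/dev/null || true
    if [ -e "$d/keep" ]; then r=kept; else r=deleted; fi
    chmod 755 "$d"                 # restore so the temp directory can be removed
    find "$d" -delete
    echo "$r"
}

echo "lost without rm: $(lost_without_rm) of 3"
echo "directory mode 555: file $(guarded_by_directory)"
```

Directory mode stops deletion and renaming only; overwriting is governed by the file's own mode. A user who owns the directory can change its mode back, so a protected tree needs to be owned by a different account.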