maggioni.xyz/_site/linux/2016/07/28/how-to-rickroll-people-launching-rm-rf-on-your-system.html

192 lines
12 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>How to rickroll people that try to run &quot;rm -rf&quot; on your system</title>
<meta name="description" content="WARNING: The method showed here could not prevent the actual execution of “rm -rf” if the “UNIX vandal” is clever enough. Proceed at your own risk, and make ...">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/skeleton/2.0.4/skeleton.min.css">
<link rel="stylesheet" href="/css/main.css">
<link href='https://fonts.googleapis.com/css?family=Hammersmith+One' rel='stylesheet' type='text/css'>
<link rel="canonical" href="http://praticamentetilde.github.io/linux/2016/07/28/how-to-rickroll-people-launching-rm-rf-on-your-system.html">
<link rel="alternate" type="application/rss+xml" title="Ramblings of an archer archer" href="http://praticamentetilde.github.io/feed.xml">
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">
<script src="https://rawgit.com/snaptortoise/konami-js/master/konami.js"></script>
<!-- Favicon -->
<link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png">
<link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png">
<link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png">
<link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png">
<link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png">
<link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png">
<link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png">
<link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png">
<link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png">
<link rel="icon" type="image/png" sizes="192x192" href="/android-icon-192x192.png">
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
<link rel="manifest" href="/manifest.json">
<meta name="msapplication-TileColor" content="#ffffff">
<meta name="msapplication-TileImage" content="/ms-icon-144x144.png">
</head>
<body>
<header class="header">
<section class="head">
<h2 class="title">Ramblings of an archer archer</h2>
<p>Things which an Arch Linux user that also owns an recurve bow can write.
</p>
</section>
<nav class="navbar">
<div class="container">
<ul class="navbar-list">
<li class="navbar-item">
<a href="/">home</a>
</li>
<li class="navbar-item">
<a href="/about/">About</a>
</li>
<li class="navbar-item">
<a href="http://www.burarco.it">My archery club</a>
</li>
<li class="navbar-item">
<a href="/feed.xml">RSS</a>
</li>
</ul>
</div>
</nav>
</header>
<main class="container">
<article class="post" itemscope itemtype="http://schema.org/BlogPosting">
<header class="post-header">
<h2 class="post-title" itemprop="name headline">How to rickroll people that try to run "rm -rf" on your system</h2>
<p class="post-meta"><time datetime="2016-07-28T16:00:00+02:00" itemprop="datePublished">Jul 28, 2016</time></p>
</header>
<div class="post-content" itemprop="articleBody">
<p><strong>WARNING: The method showed here could not prevent the actual execution of “rm -rf” if the “UNIX vandal” is clever enough. Proceed at your own risk, and make backups!</strong></p>
<p>I like Rick Astley late 80s songs, and you can see them here in my Spotify:</p>
<p><img src="https://dl.dropboxusercontent.com/s/t9vywa4yjotxv0o/Screenshot_20160728_154506.png?dl=0" alt="dQw4w9WgXcQ" /></p>
<p>I like rickrolling people myself too, especially if theyre trying to delete my entire <code class="highlighter-rouge">/home</code> directory or, even worse, <code class="highlighter-rouge">/</code>. Since I learned how to use the <code class="highlighter-rouge">alias</code> built-in, I wanted a way to prevent that random people tinkering with my laptop (that I may forgot to lock) could delete potentially important stuff, just for fun or boredom.</p>
<p>The method that Ill show will lock any <code class="highlighter-rouge">rm</code> command runned in both recursive and force mode, so <code class="highlighter-rouge">rm -rf</code>, <code class="highlighter-rouge">rm -f -r</code> and <code class="highlighter-rouge">rm -r --force</code> are all blocked, even if they are launched by <code class="highlighter-rouge">sudo</code>. Im going to alias the rm command in <code class="highlighter-rouge">/etc/profile</code> <code class="highlighter-rouge">/etc/bash.bashrc</code> and in <code class="highlighter-rouge">/etc/zsh/zshrc</code> (Im a zsh user) so that the rickroll will be possible from all users, even root and the ones with a brand new <code class="highlighter-rouge">bashrc</code> or <code class="highlighter-rouge">zshrc</code>. Here is the code I appended to those files:</p>
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="nb">alias </span><span class="nv">rm</span><span class="o">=</span>/bin/rmAlias
<span class="nb">alias </span><span class="nv">sudo</span><span class="o">=</span><span class="s1">'sudo '</span> <span class="c"># this enables aliases in sudo, see http://askubuntu.com/questions/22037/aliases-not-available-when-using-sudo</span></code></pre></figure>
<p>Since <code class="highlighter-rouge">alias</code> is not able to control the flags of the aliases (see <a href="http://apple.stackexchange.com/questions/50963/how-do-i-add-a-flag-to-an-alias">here</a>), were going to redirect each call of <code class="highlighter-rouge">rm</code> to <code class="highlighter-rouge">/bin/rmAlias</code>, that would run the command if its safe. I didnt use a function because its a bit tricky to make that work with <code class="highlighter-rouge">sudo</code>. So, lets see the code I put in <code class="highlighter-rouge">rmAlias</code>:</p>
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c">#! /bin/bash</span>
<span class="c"># Rickroll whoever tries to desert this system, even root.</span>
<span class="c"># To achieve this, set the appropriate aliases even in /etc/profile and similars.</span>
<span class="c"># Video played when rickrolling</span>
<span class="nv">ROLLVIDEO</span><span class="o">=</span>/opt/anti-rm/serious-video.mkv <span class="c"># it's just Never Gonna Give You Up on my system, but be free to customize this!</span>
rickroll<span class="o">(){</span>
<span class="nb">echo</span> <span class="s2">"Never gonna desert this system..."</span>
xdg-open <span class="nv">$ROLLVIDEO</span> 2&gt;&amp;1 &amp;
<span class="nb">exit </span>0
<span class="o">}</span>
<span class="k">while </span><span class="nb">getopts</span> <span class="s2">":rf-"</span> opt; <span class="k">do</span>
<span class="c"># Prevent '--force' to be detected as -r and -f</span>
<span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"-"</span> <span class="o">]</span>; <span class="k">then
</span><span class="nv">OPTIND</span><span class="o">=</span><span class="nv">$OPTIND</span>+1
<span class="k">continue
fi
if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"r"</span> <span class="o">]</span> <span class="o">||</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"f"</span> <span class="o">]</span>; <span class="k">then
if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">""</span> <span class="o">]</span>; <span class="k">then
</span><span class="nv">tmp</span><span class="o">=</span><span class="nv">$opt</span>
<span class="k">continue
elif</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> !<span class="o">=</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">]</span>; <span class="k">then
</span>rickroll
<span class="k">fi
fi
done
for </span>var <span class="k">in</span> <span class="s2">"</span><span class="nv">$@</span><span class="s2">"</span>
<span class="k">do
if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$var</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"--force"</span> <span class="o">&amp;&amp;</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"r"</span> <span class="o">]]</span>; <span class="k">then
</span>rickroll
<span class="k">fi
done</span>
<span class="c"># If it's safe, just run rm</span>
/bin/rm <span class="s2">"</span><span class="nv">$@</span><span class="s2">"</span>
<span class="nb">exit</span> <span class="nv">$?</span></code></pre></figure>
<p>It may look messy to a UNIX guy more experienced than me, but it works. The <code class="highlighter-rouge">getopts</code> built-in sees if both the <code class="highlighter-rouge">-r</code> and the <code class="highlighter-rouge">-f</code> flags are used and, if so, it starts <code class="highlighter-rouge">rickroll()</code>, which opens with <code class="highlighter-rouge">xdg-open</code> that amazing clip from RickAstleyVEVO. From line 30 and below, the script checks if the <code class="highlighter-rouge">--force</code> flag is used instead of <code class="highlighter-rouge">-f</code>.</p>
<p>Give execute permissions to the script weve just created:</p>
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c"># chmod +x /bin/rmAlias</span></code></pre></figure>
<p>Restart your shell, and enjoy. If you want to test safely, I suggest trying to run <code class="highlighter-rouge">rm -rf</code> with no folders or one nonexistant, since this script stop even these commands.</p>
<p>If you want even more security, you can rename this script to <code class="highlighter-rouge">/bin/rm</code> and move the original one in some other place, getting rid of all the aliases. I prefer the solution above because its tidier: you havent to move anything. In fact, this could be just an AUR package…</p>
</div>
</article>
<div id="disqus_thread"></div>
<script>
/**
* RECOMMENDED CONFIGURATION VARIABLES: EDIT AND UNCOMMENT THE SECTION BELOW TO INSERT DYNAMIC VALUES FROM YOUR PLATFORM OR CMS.
* LEARN WHY DEFINING THESE VARIABLES IS IMPORTANT: https://disqus.com/admin/universalcode/#configuration-variables
*/
/*
var disqus_config = function () {
this.page.url = PAGE_URL; // Replace PAGE_URL with your page's canonical URL variable
this.page.identifier = PAGE_IDENTIFIER; // Replace PAGE_IDENTIFIER with your page's unique identifier variable
};
*/
(function() { // DON'T EDIT BELOW THIS LINE
var d = document, s = d.createElement('script');
s.src = '//ramblingsofanarcherarcher.disqus.com/embed.js';
s.setAttribute('data-timestamp', +new Date());
(d.head || d.body).appendChild(s);
})();
</script>
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript" rel="nofollow">comments powered by Disqus.</a></noscript>
</main>
<footer class="site-footer">
<div class="icons">
<a class="icon" href="https://github.com/praticamentetilde"><i class="fa fa-github"></i></a>
<a class="icon" href="https://www.reddit.com/user/praticamentetilde"><i class="fa fa-reddit"></i></a>
</div>
<h6 class="author">Claudio Maggioni 2016</h6>
</footer>
<script>
var easter_egg = new Konami();
easter_egg.load("https://www.youtube.com/watch?v=URTcCh6QVwM");
</script>
</body>
</html>