190 lines
12 KiB
HTML
190 lines
12 KiB
HTML
<!DOCTYPE html>
|
||
<html>
|
||
<head>
|
||
<meta charset="utf-8">
|
||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||
|
||
<title>How to rickroll people that try to run "rm -rf" on your system</title>
|
||
<meta name="description" content="WARNING: The method showed here could not prevent the actual execution of “rm -rf” if the “UNIX vandal” is clever enough. Proceed at your own risk, and make ...">
|
||
|
||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/skeleton/2.0.4/skeleton.min.css">
|
||
<link rel="stylesheet" href="/css/main.css">
|
||
<link href='https://fonts.googleapis.com/css?family=Hammersmith+One' rel='stylesheet' type='text/css'>
|
||
<link rel="canonical" href="http://praticamentetilde.github.io/linux/2016/07/28/how-to-rickroll-people-launching-rm-rf-on-your-system.html">
|
||
<link rel="alternate" type="application/rss+xml" title="Ramblings of an archer archer" href="http://praticamentetilde.github.io/feed.xml">
|
||
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">
|
||
<script src="https://rawgit.com/snaptortoise/konami-js/master/konami.js"></script>
|
||
<!-- Favicon -->
|
||
<link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png">
|
||
<link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png">
|
||
<link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png">
|
||
<link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png">
|
||
<link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png">
|
||
<link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png">
|
||
<link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png">
|
||
<link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png">
|
||
<link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png">
|
||
<link rel="icon" type="image/png" sizes="192x192" href="/android-icon-192x192.png">
|
||
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
|
||
<link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png">
|
||
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
|
||
<link rel="manifest" href="/manifest.json">
|
||
<meta name="msapplication-TileColor" content="#ffffff">
|
||
<meta name="msapplication-TileImage" content="/ms-icon-144x144.png">
|
||
</head>
|
||
|
||
<body>
|
||
<header class="header">
|
||
<section class="head">
|
||
<h2 class="title">Ramblings of an archer archer</h2>
|
||
<p>Things which an Arch Linux user that also owns an recurve bow can write.
|
||
</p>
|
||
</section>
|
||
<nav class="navbar">
|
||
<div class="container">
|
||
<ul class="navbar-list">
|
||
<li class="navbar-item">
|
||
<a href="/">home</a>
|
||
</li>
|
||
|
||
|
||
<li class="navbar-item">
|
||
<a href="/about/">About</a>
|
||
</li>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<li class="navbar-item">
|
||
<a href="http://www.burarco.it">My archery club</a>
|
||
</li>
|
||
<li class="navbar-item">
|
||
<a href="/feed.xml">RSS</a>
|
||
</li>
|
||
|
||
</ul>
|
||
</div>
|
||
</nav>
|
||
|
||
</header>
|
||
<main class="container">
|
||
<article class="post" itemscope itemtype="http://schema.org/BlogPosting">
|
||
|
||
<header class="post-header">
|
||
<h2 class="post-title" itemprop="name headline">How to rickroll people that try to run "rm -rf" on your system</h2>
|
||
<p class="post-meta"><time datetime="2016-07-28T16:00:00+02:00" itemprop="datePublished">Jul 28, 2016</time></p>
|
||
</header>
|
||
|
||
<div class="post-content" itemprop="articleBody">
|
||
<p><strong>WARNING: The method showed here could not prevent the actual execution of “rm -rf” if the “UNIX vandal” is clever enough. Proceed at your own risk, and make backups!</strong></p>
|
||
|
||
<p>I like Rick Astley late 80’s songs, and you can see them here in my Spotify:</p>
|
||
|
||
<p><img src="https://dl.dropboxusercontent.com/s/t9vywa4yjotxv0o/Screenshot_20160728_154506.png?dl=0" alt="dQw4w9WgXcQ" /></p>
|
||
|
||
<p>I like rickrolling people myself too, especially if they’re trying to delete my entire <code class="highlighter-rouge">/home</code> directory or, even worse, <code class="highlighter-rouge">/</code>. Since I learned how to use the <code class="highlighter-rouge">alias</code> built-in, I wanted a way to prevent that random people tinkering with my laptop (that I may forgot to lock) could delete potentially important stuff, just for fun or boredom.</p>
|
||
|
||
<p>The method that I’ll show will lock any <code class="highlighter-rouge">rm</code> command runned in both recursive and force mode, so <code class="highlighter-rouge">rm -rf</code>, <code class="highlighter-rouge">rm -f -r</code> and <code class="highlighter-rouge">rm -r --force</code> are all blocked, even if they are launched by <code class="highlighter-rouge">sudo</code>. I’m going to alias the rm command in <code class="highlighter-rouge">/etc/profile</code> <code class="highlighter-rouge">/etc/bash.bashrc</code> and in <code class="highlighter-rouge">/etc/zsh/zshrc</code> (I’m a zsh user) so that the rickroll will be possible from all users, even root and the ones with a brand new <code class="highlighter-rouge">bashrc</code> or <code class="highlighter-rouge">zshrc</code>. Here is the code I appended to those files:</p>
|
||
|
||
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="nb">alias </span><span class="nv">rm</span><span class="o">=</span>/bin/rmAlias
|
||
<span class="nb">alias </span><span class="nv">sudo</span><span class="o">=</span><span class="s1">'sudo '</span> <span class="c"># this enables aliases in sudo, see http://askubuntu.com/questions/22037/aliases-not-available-when-using-sudo</span></code></pre></figure>
|
||
|
||
<p>Since <code class="highlighter-rouge">alias</code> is not able to control the flags of the aliases (see <a href="http://apple.stackexchange.com/questions/50963/how-do-i-add-a-flag-to-an-alias">here</a>), we’re going to redirect each call of <code class="highlighter-rouge">rm</code> to <code class="highlighter-rouge">/bin/rmAlias</code>, that would run the command if it’s safe. I didn’t use a function because it’s a bit tricky to make that work with <code class="highlighter-rouge">sudo</code>. So, let’s see the code I put in <code class="highlighter-rouge">rmAlias</code>:</p>
|
||
|
||
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c">#! /bin/bash</span>
|
||
<span class="c"># Rickroll whoever tries to desert this system, even root.</span>
|
||
<span class="c"># To achieve this, set the appropriate aliases even in /etc/profile and similars.</span>
|
||
|
||
<span class="c"># Video played when rickrolling</span>
|
||
<span class="nv">ROLLVIDEO</span><span class="o">=</span>/opt/anti-rm/serious-video.mkv <span class="c"># it's just Never Gonna Give You Up on my system, but be free to customize this!</span>
|
||
|
||
rickroll<span class="o">(){</span>
|
||
<span class="nb">echo</span> <span class="s2">"Never gonna desert this system..."</span>
|
||
xdg-open <span class="nv">$ROLLVIDEO</span> 2>&1 &
|
||
<span class="nb">exit </span>0
|
||
<span class="o">}</span>
|
||
|
||
<span class="k">while </span><span class="nb">getopts</span> <span class="s2">":rf-"</span> opt; <span class="k">do</span>
|
||
<span class="c"># Prevent '--force' to be detected as -r and -f</span>
|
||
<span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"-"</span> <span class="o">]</span>; <span class="k">then
|
||
</span><span class="nv">OPTIND</span><span class="o">=</span><span class="nv">$OPTIND</span>+1
|
||
<span class="k">continue
|
||
fi
|
||
if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"r"</span> <span class="o">]</span> <span class="o">||</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"f"</span> <span class="o">]</span>; <span class="k">then
|
||
if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">""</span> <span class="o">]</span>; <span class="k">then
|
||
</span><span class="nv">tmp</span><span class="o">=</span><span class="nv">$opt</span>
|
||
<span class="k">continue
|
||
elif</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> !<span class="o">=</span> <span class="s2">"</span><span class="nv">$opt</span><span class="s2">"</span> <span class="o">]</span>; <span class="k">then
|
||
</span>rickroll
|
||
<span class="k">fi
|
||
fi
|
||
done
|
||
|
||
for </span>var <span class="k">in</span> <span class="s2">"</span><span class="nv">$@</span><span class="s2">"</span>
|
||
<span class="k">do
|
||
if</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$var</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"--force"</span> <span class="o">&&</span> <span class="s2">"</span><span class="nv">$tmp</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"r"</span> <span class="o">]]</span>; <span class="k">then
|
||
</span>rickroll
|
||
<span class="k">fi
|
||
done</span>
|
||
|
||
<span class="c"># If it's safe, just run rm</span>
|
||
/bin/rm <span class="s2">"</span><span class="nv">$@</span><span class="s2">"</span>
|
||
<span class="nb">exit</span> <span class="nv">$?</span></code></pre></figure>
|
||
|
||
<p>It may look messy to a UNIX guy more experienced than me, but it works. The <code class="highlighter-rouge">getopts</code> built-in sees if both the <code class="highlighter-rouge">-r</code> and the <code class="highlighter-rouge">-f</code> flags are used and, if so, it starts <code class="highlighter-rouge">rickroll()</code>, which opens with <code class="highlighter-rouge">xdg-open</code> that amazing clip from RickAstleyVEVO. From line 30 and below, the script checks if the <code class="highlighter-rouge">--force</code> flag is used instead of <code class="highlighter-rouge">-f</code>.</p>
|
||
|
||
<p>Give execute permissions to the script we’ve just created:</p>
|
||
|
||
<figure class="highlight"><pre><code class="language-bash" data-lang="bash"><span class="c"># chmod +x /bin/rmAlias</span></code></pre></figure>
|
||
|
||
<p>Restart your shell, and enjoy. If you want to test safely, I suggest trying to run <code class="highlighter-rouge">rm -rf</code> with no folders or one nonexistant, since this script stop even these commands.</p>
|
||
|
||
<p>If you want even more security, you can rename this script to <code class="highlighter-rouge">/bin/rm</code> and move the original one in some other place, getting rid of all the aliases. I prefer the solution above because it’s tidier: you haven’t to move anything. In fact, this could be just an AUR package…</p>
|
||
|
||
</div>
|
||
|
||
</article>
|
||
<div id="disqus_thread"></div>
|
||
<script>
|
||
/**
|
||
* RECOMMENDED CONFIGURATION VARIABLES: EDIT AND UNCOMMENT THE SECTION BELOW TO INSERT DYNAMIC VALUES FROM YOUR PLATFORM OR CMS.
|
||
* LEARN WHY DEFINING THESE VARIABLES IS IMPORTANT: https://disqus.com/admin/universalcode/#configuration-variables
|
||
*/
|
||
/*
|
||
var disqus_config = function () {
|
||
this.page.url = PAGE_URL; // Replace PAGE_URL with your page's canonical URL variable
|
||
this.page.identifier = PAGE_IDENTIFIER; // Replace PAGE_IDENTIFIER with your page's unique identifier variable
|
||
};
|
||
*/
|
||
(function() { // DON'T EDIT BELOW THIS LINE
|
||
var d = document, s = d.createElement('script');
|
||
|
||
s.src = '//ramblingsofanarcherarcher.disqus.com/embed.js';
|
||
|
||
s.setAttribute('data-timestamp', +new Date());
|
||
(d.head || d.body).appendChild(s);
|
||
})();
|
||
</script>
|
||
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript" rel="nofollow">comments powered by Disqus.</a></noscript>
|
||
|
||
|
||
</main>
|
||
<footer class="site-footer">
|
||
<div class="icons">
|
||
<a class="icon" href="https://github.com/praticamentetilde"><i class="fa fa-reddit"></i></a>
|
||
<a class="icon" href="https://www.reddit.com/user/praticamentetilde"><i class="fa fa-github"></i></a>
|
||
</div>
|
||
<h6 class="author">Claudio Maggioni 2016</h6>
|
||
</footer>
|
||
|
||
<script>
|
||
var easter_egg = new Konami();
|
||
easter_egg.load("https://www.youtube.com/watch?v=URTcCh6QVwM");
|
||
</script>
|
||
</body>
|
||
</html>
|