3.6 KiB
| layout | title | date | categories |
|---|---|---|---|
| post | How to rickroll people that try to run "rm -rf" on your system | 2016-07-28 16:00:00 +0200 | linux |
WARNING: The method showed here could not prevent the actual execution of "rm -rf" if the "UNIX vandal" is clever enough. Proceed at your own risk, and make backups!
I like Rick Astley late 80's songs, and you can see them here in my Spotify:
I like rickrolling people myself too, especially if they're trying to delete my entire /home directory or, even worse, /. Since I learned how to use the alias built-in, I wanted a way to prevent that random people tinkering with my laptop (that I may forgot to lock) could delete potentially important stuff, just for fun or boredom.
The method that I'll show will lock any rm command runned in both recursive and force mode, so rm -rf, rm -f -r and rm -r --force are all blocked, even if they are launched by sudo. I'm going to alias the rm command in /etc/profile /etc/bash.bashrc and in /etc/zsh/zshrc (I'm a zsh user) so that the rickroll will be possible from all users, even root and the ones with a brand new bashrc or zshrc. Here is the code I appended to those files:
{% highlight bash %} alias rm=/bin/rmAlias alias sudo='sudo ' # this enables aliases in sudo, see http://askubuntu.com/questions/22037/aliases-not-available-when-using-sudo {% endhighlight %}
Since alias is not able to control the flags of the aliases (see here), we're going to redirect each call of rm to /bin/rmAlias, that would run the command if it's safe. I didn't use a function because it's a bit tricky to make that work with sudo. So, let's see the code I put in rmAlias:
{% highlight bash %} #! /bin/bash
Rickroll whoever tries to desert this system, even root.
To achieve this, set the appropriate aliases even in /etc/profile and similars.
Video played when rickrolling
ROLLVIDEO=/opt/anti-rm/serious-video.mkv # it's just Never Gonna Give You Up on my system, but be free to customize this!
rickroll(){ echo "Never gonna desert this system..." xdg-open $ROLLVIDEO 2>&1 & exit 0 }
while getopts ":rf-" opt; do
Prevent '--force' to be detected as -r and -f
if [ "$opt" = "-" ]; then OPTIND=$OPTIND+1 continue fi if [ "$opt" = "r" ] || [ "$opt" = "f" ]; then if [ "$tmp" = "" ]; then tmp=$opt continue elif [ "$tmp" != "$opt" ]; then rickroll fi fi done
for var in "$@" do if ; then rickroll fi done
If it's safe, just run rm
/bin/rm "$@" exit $? {% endhighlight %}
It may look messy to a UNIX guy more experienced than me, but it works. The getopts built-in sees if both the -r and the -f flags are used and, if so, it starts rickroll(), which opens with xdg-open that amazing clip from RickAstleyVEVO. From line 30 and below, the script checks if the --force flag is used instead of -f.
Give execute permissions to the script we've just created:
{% highlight bash %}
chmod +x /bin/rmAlias
{% endhighlight %}
Restart your shell, and enjoy. If you want to test safely, I suggest trying to run rm -rf with no folders or one nonexistant, since this script stop even these commands.
If you want even more security, you can rename this script to /bin/rm and move the original one in some other place, getting rid of all the aliases. I prefer the solution above because it's tidier: you haven't to move anything. In fact, this could be just an AUR package...