128 lines
4.1 KiB
HTML
128 lines
4.1 KiB
HTML
---
|
|
layout: post
|
|
title: "How to rickroll people that try to run \"rm -rf\" on your system"
|
|
date: 2016-07-28 16:00:00 +0200
|
|
categories: linux
|
|
---
|
|
<strong>
|
|
WARNING: The method showed here could not prevent the actual execution of "rm -rf" if the "UNIX vandal" is clever enough. Proceed at your own risk, and make backups!
|
|
</strong>
|
|
|
|
<p>
|
|
I like Rick Astley late 80's songs, and you can see them here in my Spotify:
|
|
</p>
|
|
|
|
<p>
|
|
<img
|
|
src="/images/spotify_rickastley.png"
|
|
alt="My Spotify with a bunch of Rick Astley songs">
|
|
</p>
|
|
|
|
<p>
|
|
I like rickrolling people too, especially if they are trying to delete my entire
|
|
<code>/home</code> directory or, even worse, <code>/</code>. Since I learned
|
|
how to use the <code>alias</code> built-in, I wanted a way to prevent that
|
|
random people tinkering with my laptop (that I may forgot to lock) could
|
|
delete potentially important stuff, just for fun or boredom.
|
|
</p>
|
|
|
|
<p>
|
|
The method that I will show will lock any <code>rm</code> command runned in
|
|
both recursive and force mode, so <code>rm -rf</code>, <code>rm -f -r</code>
|
|
and <code>rm -r --force</code> are all blocked, even if they are runned with
|
|
<code>sudo</code>. I am going to alias the rm command in
|
|
<code>/etc/profile</code>, <code>/etc/bash.bashrc</code> and in
|
|
<code>/etc/zsh/zshrc</code> (I am a zsh user) so that the rickroll will be
|
|
possible from all users, even root and the ones with a brand new
|
|
<code>.bashrc</code> or <code>.zshrc</code>. Here is the code I appended to
|
|
those files:
|
|
</p>
|
|
|
|
<p>
|
|
{% highlight bash %}
|
|
alias rm=/bin/rmAlias
|
|
alias sudo='sudo ' # this enables aliases in sudo, see http://askubuntu.com/questions/22037/aliases-not-available-when-using-sudo
|
|
{% endhighlight %}
|
|
</p>
|
|
|
|
<p>
|
|
Since <code>alias</code> is not able to control the flags of the aliases (see
|
|
<a href="http://apple.stackexchange.com/questions/50963/how-do-i-add-a-flag-to-an-alias">here</a>, we are going to redirect each call of <code>rm</code> to
|
|
<code>/bin/rmAlias</code>, that would run the command if it is safe. I did
|
|
not use a function because it is a bit tricky to make that work with
|
|
<code>sudo</code>. So, let's see the code I put in <code>rmAlias</code>:
|
|
</p>
|
|
|
|
<p>
|
|
{% highlight bash %}
|
|
#! /bin/bash
|
|
# Rickroll whoever tries to desert this system, even root.
|
|
# To achieve this, set the appropriate aliases even in /etc/profile and similars.
|
|
|
|
# Video played when rickrolling
|
|
ROLLVIDEO=/opt/anti-rm/serious-video.mkv # it's just Never Gonna Give You Up on my system, but be free to customize this!
|
|
|
|
rickroll(){
|
|
echo "Never gonna desert this system..."
|
|
xdg-open $ROLLVIDEO 2>&1 &
|
|
exit 0
|
|
}
|
|
|
|
while getopts ":rf-" opt; do
|
|
# Prevent '--force' to be detected as -r and -f
|
|
if [ "$opt" = "-" ]; then
|
|
OPTIND=$OPTIND+1
|
|
continue
|
|
fi
|
|
if [ "$opt" = "r" ] || [ "$opt" = "f" ]; then
|
|
if [ "$tmp" = "" ]; then
|
|
tmp=$opt
|
|
continue
|
|
elif [ "$tmp" != "$opt" ]; then
|
|
rickroll
|
|
fi
|
|
fi
|
|
done
|
|
|
|
for var in "$@"
|
|
do
|
|
if [[ "$var" = "--force" && "$tmp" = "r" ]]; then
|
|
rickroll
|
|
fi
|
|
done
|
|
|
|
# If it's safe, just run rm
|
|
/bin/rm "$@"
|
|
exit $?
|
|
{% endhighlight %}
|
|
</p>
|
|
|
|
<p>
|
|
It may look messy to a <em>UNIX</em> guy more experienced than me, but it
|
|
works. The <code>getopts</code> built-in sees if both the <code>-r</code> and
|
|
the <code>-f</code> flags are used and, if so, it starts
|
|
<code>rickroll()</code>, which opens with <code>xdg-open</code> that amazing
|
|
clip from <em>RickAstleyVEVO</em>. From line 30 and below, the script checks
|
|
if the <code>--force</code> flag is used instead of <code>-f</code>.
|
|
</p>
|
|
|
|
<p>
|
|
Let's give execution permissions to the script we have just created:
|
|
</p>
|
|
|
|
<p>
|
|
{% highlight bash %}
|
|
# chmod +x /bin/rmAlias
|
|
{% endhighlight %}
|
|
</p>
|
|
|
|
<p>
|
|
Restart your shell, and enjoy. If you want to test safely, I suggest trying
|
|
to run <code>rm -rf</code> with no folders or a nonexistant one, since this
|
|
script stops even these commands.
|
|
</p>
|
|
|
|
<p>
|
|
If you want even more security, you can rename this script to
|
|
<code>/bin/rm</code> and move the original one in some other place, getting rid of all the aliases. I prefer the solution above because it's tidier: you haven't to move anything. In fact, this could be just an AUR package...
|
|
</p>
|