Re: In A UEFI World, "rm -rf /" Can Brick Your System

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, February 1, 2016 1:56 pm, Valeri Galtsev wrote:
>
> On Mon, February 1, 2016 1:33 pm, m.roth@xxxxxxxxx wrote:
>> Excerpt:
>> Running rm -rf / on any UEFI Linux distribution can potentially
>> perma-brick your system.
>
> Yes, I kind of like "rm -rf /". If my memory doesn't fail me, long ago it
> was one of the tricky questions in sysadmin exam (not that anymore if I
> read what you, Michael, write further correctly...). Anyway, let's imagine
> we are back then, then what
>
> rm -rf /
>
> will do you your system? How dramatic this command is?
>
> Well, it definitely will obliterate your /etc with all your settings. Then
> it will start deleting /dev, and once it deletes the block device your
> root filesystem "/" lives on, all trouble ends there. So, you just take
> your drive, and you will be able to mount on different machine /home,
> /usr, /var and what's left of your / partition. /etc is gone, bit this
> only as dramatic as it gets (thanks for alphabetical order the command
> follows).

I just discovered that I couldn't even re-cite alphabet correctly today:
it is /bin that you loose, but /etc alphabetically goes after /dev, so
will not even loose your /etc, all you will need it to restore portion of
your /dev and the whole /bib (which you can do easily if you have "twin"
system around...)

>
> Sorry about long spam message, everybody. I just so liked that tricky
> question from my past, I couldn't hold myself.
>
> Valeri
>
>>
>> As a public service announcement, recursively removing all of your files
>> from / is no longer recommended. On UEFI distributions by default where
>> EFI variables are accessible via /sys, this can now mean trashing your
>> UEFI implementation.
>>
>> There is this systemd bug report requesting that UEFI variables be
>> mounted
>> as read-only by default. Lennart Poettering had initially responded and
>> simply said, "Well, there are tools that actually want to write it. We
>> also expose /dev/sda accessible for root, even though it can be used to
>> hose your system. The ability to hose a system is certainly reason
>> enought
>> to make sure it's well protected and only writable to root. But beyond
>> that: root can do anything really." He then closed the ticket.
>> --- end excerpt ---
>>
>> <http://www.phoronix.com/scan.php?page=news_item&px=UEFI-rm-root-directory>
>>
>> "And they closed the ticket"? That tuxedo on the cockroach is so
>> elegent!
>>
>> Ok, *now* tell me why we shouldn't hate systemd?
>>
>>        mark
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxx
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
> ++++++++++++++++++++++++++++++++++++++++
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
> ++++++++++++++++++++++++++++++++++++++++
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux