0

I've faced times when I accidentally ran dangerous commands and lost all my data. How do I set Linux to ask for current user password or root user password when running potentially dangerous commands like rm -rf . or rm -rf / and many other?

Gilles 'SO- stop being evil'
  • 829,060

3 Answers3

2

There isn't really anything you can do beyond making use of sudo so that you're required to provide your password to run commands that have elevated privileges such as root.

The other tip you'll often make use of, is wrapping destructive commands such as rm so that you're prompted with an "are you sure?" or with rm you can make use of the -i switch which will cause rm to be interactive in nature, asking for confirmation before deleting each file.

Be warned though, this typically gets extremely annoying and you'll likely revert to running with it disabled.

slm
  • 369,824
  • Adding the -f will cause the -i to not prompt, so it doesn't really help in the rm -rf example. – jordanm Mar 16 '14 at 21:47
1

The main problem might be to reliably identify a "dangerous command". But let's assume you have a list of dangerous commands.

You can "overwrite" each binary with a function (similar to a shell alias but more powerful):

rm () {
  if is_dangerous rm "$@"; then
    echo "This is a dangerous command!"
    echo -n "Think well and type uppercase YES to really execute it: "
    read answer
    if [ YES = "$answer" ]; then
      executing rm "$@"
      command rm "$@"
    else
      echo "not executed"
    fi
}

is_dangerous would be a script or function which checks the passed command line against a list.

Hauke Laging
  • 90,279
  • i dont think that this will prompt for username and pasword – klerk Mar 16 '14 at 18:22
  • 2
    @vladeli The question is not about prompting for the username. And though I indeed read the question too fast downvoting such an answer is so ridiculous that I am not going to improve my answer. Let's see what you can offer. – Hauke Laging Mar 16 '14 at 18:29
0

Best way is to inform user to use specific directory in the rm command. Just create a wrapper script which will inform user to use directory name. Something like : "rm -rf / or rm -rf ." is not allowed. Please use directory/file name "rm -rf "

Amol
  • 1