What are your favorite *painful* Unix moments

Question

How about sharing your favorite lessons learned moments?

Answer 1

I was curious if chmod 000 / would work.

Well, flawlessly. A few minutes later I was searching for a rescue CD.

Answer 2

When I first started working as a user consultant for the university I was attending, I was given limited sudo rights to help students who had lost/forgotten their passwords. sudo passwd <username> was my new friend. An hour after my orientation, my curiosity got the better of me and I typed in sudo passwd and stared in horror at the prompt for a new password. I was a bit scared to ^C my way out of it, thinking (erroniously, it turns out) that I might leave the account in question in a transient state, so I entered a password and immediately walked upstairs to the hallowed 2nd floor domain of the campus SuperUser and asked if he would like to know the root password of the main system.

Answer 3

Surprised nobody else has mentioned this one yet:

rm -rf .*

(While attempting to remove all hidden files and subdirectories, completely forgetting that it will recurse into . and ..)

Answer 4

Makefile:

clean:
    @rm -f * .o

Which, of course, makes make clean wipe your source code instead of just object files.

Lesson: use version control.

Answer 5

Had a friend run :() { :|:&}; : on a remote server where we didn't have console access to. Couldn't reboot it, completely frozen, production server.

Broken down (by request) to make it a bit more readable.

:() # Define ':' as a function. Every time we say ':' execute the following code block
{ # Start of code block
    : # Call ':' again. 
    | # Pipe output to...
    : # Another ':' 
    & # Disown process. 
    # All on one line this would read :|:&, 
} # End of code block
; # End definition of ':' as a function
: # Call ':'

It might be easier to look at it as

bomb() { bomb|bomb& }; bomb

Answer 6

I meant well, I really did. Trying to chmod recursively a directory and ended up swapping ./ with /.

As root of course, because only with root can true pain (and thus enlightenment) be achieved.

Answer 7

I wiped the partition table of my main drive by accident, thinking I was working on another drive.

With scrollback, careful use of df, memory, and luck I was able to recreate it exactly, rewrite it, reboot, and hope... And it worked.

Answer 8

Not really my moment, but someone else's.

Back when I worked at a nuclear sciences research facility we used to run a number of SunOS, Ultrix and Linux computers and researchers had to share the CPU on those machines. As individual research groups got their own research grants they purchased their own computers, mostly SparcStations and they did the system administration themselves.

SunOS used to ship with the OpenView desktop and a nice file manager, this is what it looked like:

Most of our researchers were running as root, and more than once we had to reinstall their operating systems because someone had decided to tidy-up the root directory and moved /bin, /etc, /tmp and everything else that cluttered the view into either the Trashcan or some subfolder.

Other users chose to tidy up the /bin directory and remove any command they did not know.

The lucky ones had back ups, most had purchased a tape drive, but did not have a tradition of running backups themselves.

Answer 9

rm -f * ~

and

rm -rf ${DIR}/

when DIR was not set!

Answer 10

Back in the mid to late 90s, a friend of mine and I were discussing the folly of rm -rf * and at what point a Linux box would go belly up. We got into statically linked versus dynamically linked libraries and I posited that the system could live quite well without /lib and then proceeded to rename it on my workstation. Bad things happened, but we were left with several open console windows with which to try and fix the damage (shutdown wasn't an option anymore). None of the editors would run. It is amazing the esoteric uses you can find for the echo command.

Answer 11

vi and Caps-Lock vs. /etc/passwd

1. Connect to an old Solaris box using an old serial terminal that doesn't refresh the screen correctly.
2. su -
3. vi /etc/passwd. There is no vipw, and "we're just making minor edits" anyways.
4. Hit Caps-Lock key and don't notice.
5. Hit j a couple times to scroll down. Ignore the fact that you actually just typed J ("Join"), which combines this line with the next line. The serial terminal screen was not refreshing correctly, so you didn't see that you just combined the first 5 lines into one Loooooong line, thereby corrupting the first 5 users ('root', 'daemon', etc).
6. Finish your OTHER intended edits to the file, way down at the bottom.
7. Save file.
8. Log out.

I did this once. Amazingly, the system remained functional for months. Cronjobs ran fine, no errors stood out in the logfiles.

We didn't notice this problem until we rebooted the system months later and couldn't log in at the console. ps showed a bunch of jobs owned by UID '0' not by user 'root'.

You could not log in as root, nor run su or su -, and there was no sudo on this box. There was no floppy drive, the CD-ROM was busted and no USB ports (so no external CD-ROM). Single user mode did not work, because you need to type in the password for root, and that comes from /etc/passwd.

Answer 12

I remember trying to send a SysRq key sequence to a remote machine...

...but it was captured by the local one.

Answer 13

A simple halt recognizing some seconds later that I'm not on a local shell and having no possibility to power on the production server again.

Lessons learned? The prompt of the machine now looks like

[ --> root <-- @kompost:/home/echox] #

with some nice red markup ;-)

Answer 14

My favourite moment was, when a co-worker, who is an emacs user, wanted to edit an important file.

Because emacs is too much to type he had setup an alias for emacs:

alias em=emacs

Under the influence of not enough or too much coffee he of course mis-typed em ...

Well, this is just another reason to use vi ... ;)

Answer 15

Or another experience, how to feel really stupid in a few easy steps that don't seem all that stupid individually.

Step one: establish an account for the kid, in case he wants to use a Linux box. Give it a trivial password, since after all this is a home system and isn't exposed to the net.

Step two: allow time to elapse, so you don't remember step one.

Step three: open the SSH port in the firewall (actually the NAT on the router) in order to ssh in. After all, my accounts have pretty good passwords, and it isn't like there's anything tremendously valuable.

Step four: get notification from ISP that there's some sort of DOS activity going to a Swedish site. Assume it's probably the Windows boxes, and examine and harden them.

Step five: get notification from ISP that it's still going on. Ask for some detail, get IP address of Swedish site, fire up Wireshark, find which box the attack is coming from.

Step six: clean up Linux box, feeling stupid. Find the login came from a Romanian address. Remove accounts without good passwords.

Answer 16

In the computer labs when I was in college, they had a screen saver that simulated a bunch of balls that would float back and forth. They pulled on each with simulated gravity.

Once, while I was messing around with the settings, it crashed with the error Error: force on balls too great

Answer 17

I was once developing a device driver for Unix. It had a pointer problem and during testing it started to write off the end of an array in kernel memory. I was slow to spot this and didn't hit the reset button immediately. The driver had scribbled all over the disk buffer cache which was then flushed to disk before I hit reset. A lot of the blocks were inodes and directories, and I ended up with a totally trashed filesystem. I think 6000 orphaned files were put into lost+found before I gave up and reinstalled. Fortunately, this was only a test system, not my workstation with all my files on it.

Answer 18

I deleted /etc and then recovered it. I don't think I learned my lesson... I've had to recover from a deleted /bin too. Seems to happen when I've been working with a chroot.

Answer 19

This happened to me last year. I was removing some files from the server using a temporary variable:

rm -rf ${prefix}*

Guess what? The variable $prefix was not defined!
You can imagine the disaster... it resulted in some very critical files deleted.

I almost broke the Control-C and ran to the CPU to remove the network cable!!

Hahaha I'm sure someone had already done this...

Answer 20

Last year, a colleague of mine was using one of our linux workstations to create copies of flash disks using the dd command. He accidentally typed something similar to the following:

dd if=flash-image.img of=/dev/sda1

By the time he realized his mistake - overwriting the machine's hard disk instead of the flash drive - the machine was already hosed. We had to rebuild the box, which incidentally was also the machine hosting all of our development VM's at the time...

Answer 21

While in my 2nd year of studying computer science we were given a homework assignment to write a program in C that would spawn a number of subprocesses with fork and make them communicate with pipes in a "circle" and figure out which one should be the "leader".

We were still quite noobs back then and most of peple didn't have any Linux machines, so we worked on our accounts on our faculty's main server (which was hosting official site and staff accounts and sites as well). Most of the people wrote forkbombs at some stage of trying to do the homework. Over half of my group got to the abusers file. That was the highest load on that server in a looong time :)

Answer 22

I was a lab assistant for a Linux class. One of the students called me over because she could no longer su - because she was getting permission denied. OK, she's misremembered/mistyped the password. Reboot into single-user mode and reset. What?! su STILL doesn't work?! It MUST bow to my will! So I reboot into single user mode to find out what she did. I realized that she ran chmod -R 777 /var/www/html/drupal-6.19 /

Note the space between the directory name and the final slash.

After a few minutes of "I really don't want to have her reinstall, so what is this doing and how.", I managed to find that /bin/su now had file permissions of 777. That can also be read as file permissions of 0777, which removes the setuid bit from /bin/su. A quick chmod u+s /bin/su and I was a hero.

Answer 23

As root on Solaris,

$ kill -9 1

...and everything went down.

My friend got fired because of this.

Answer 24

When my University decided to switch the wireless network to use proprietary Cisco LEAP authentication...

Started a very long battle that ended well enough. Wrote up documentation for others who wanted to run Linux and have access to the internet. Six months later they decided to add PEAP support as well. face slap

It is my favorite because I won. I got it to work.

Answer 25

A company that I used to work for had its product running on SCO. I was doing some debugging about applications getting very slow on our demo server and at the same time there was a bunch of customers being given a demo/lecture about upcoming new features.

So, I ran the application that used to get stuck, did my stuff on it to verify the root cause, but since it was still "stuck", I tried to kill it:

pkill -9 mytestapplication

What I did learn was that pkill doesn't do exactly the same on SCO as it does on linux =)

... It basically kills everything the user has access to, and with root... that's everything =)

Answer 26

Not that painful... But a fun little moment:

I've mistyped ls as sl and found out that the sysadmin had something installed for such case.

(already available in Debian, Ubuntu, Gentoo,... repositories)

Answer 27

git init
git clean -f

This does not remove the repository. This removes everything that is not in the repository.

After trying to get rid of the existing repo and then start source control again (on the completed first version of a project), these two commands nuked my entire code.

Answer 28

On a Debian installation back in 1999. 14 floppy disks for the basic installation.

I tried to get xfree86 working. But X didn't start. I had to find out the settings of my graphics card (memory, horizontal and vertical refresh rate), which was completely undocumented. It turned out superprobe found out the correct amount of internal graphics card memory (1024 kB).

But it took me nearly a week to find out that the resolution setting (1024x768) didn't work. I had to switch it to 640x480 until the graphics card finally worked (at 1024x768... buuuuuug....).

I tried to get the serial port mouse to work on COM1. So I tried to get the mouse to work. Reading a book (back then I had no usable high-speed internet), I tried with

/dev/ttys0

And it didn't work and didn't work. It took me nearly another week to find out this was because I needed to type the S is uppercase, not lowercase...

/dev/ttyS0

It was about then when I finally realized what 'case-sensitive' really means.

Answer 29

My switch from Debian to Ubuntu started the day I tried to delete some files and directories, meaning to type

rm -r /var/tmp/*

Unfortunately, I inserted a space between "/var/tmp/" and "*" and even worse, I was in the root of the filesystem.

root@workstation:/# rm -r /var/tmp/ *

Please don't try that at home!

Answer 30

There's a neat trick to do the equivalent of dirname and basename, respectively, in Bash:

${path%/*}
${path##*/}

Not so funny when $path contains a trailing slash...

Answer 31

I had two drives installed at one point and had the root filesystem of the second drive mounted in a directory within /mnt. I was in that directory and tried to delete var but ended up typing rm -rf /var instead. Some instinct seemed to kick in that said var must be preceded with a slash!

When I realised what I'd done I immediately hit Ctrl-C but it was too late. My rpm database had long since left the building. I spent ages getting everything back to normal.

Now for the painful part.

I go back into that directory in /mnt to resume what I'd been doing. What do I type? Well, let's just say that instinct kicked in again.

At least I was able to restore the system a lot quicker the second time ;)

Answer 32

Mine was chmod -R 777 /: after that I couldn't figure out how to restore the permission on the whole filesystem and then I reinstalled the OS.

Never did that again (and still don't know how to restore such a situation).

Answer 33

First one

One time, I had defined an alias to help me clean temp files:

alias clean_dir_tmp="find /tmp -maxdepth 1 -user **** | grep *** | xargs rm -rf"

and of course one day, when I had forget what the alias was doing I mistyped:

$ clean_dir_tmp *

I think I lost a good couple of seconds before I realized what was happening... :(

Second one

I was working as usual with my Mac laptop and my Ubuntu desktop. When I plugged the external HD of the Mac (HFS+ filesystem) in Ubuntu, I noticed that the owner was ?????. My UID was different on my Mac and on my desktop so since I wanted a nicer output with ls -l, I decided to change that.

So I modified the UID on the mac and launched a big chown -R * on the HD from Ubuntu. The only thing that I didn't know was that the HFS+ driver for Linux was not stable. To this day, I haven't been able to mount this HD on Linux or my Mac again...

Answer 34

I mapped the CapsLock to ESC on the entire system. When I did it, the Capslock was on.

A reboot removed the permanent state of CapsLock. It was mapped to ESC

It wasn't really painful but I felt stupid when I realized what I'd done!

Answer 35

A long time ago, I was installing MkLinux on my Mac, and I wanted to replace the file that governed command processing (not the shell, something more basic, don't remember quite what anymore). The instructions said to do mv x y, so I decided to be cautious and started with rm y. The intention was to mv x y afterwards, but of course that didn't work. I reinstalled.

Answer 36

I don't keep track of errors on my own boxes, but from the last 15 years here are my two work fatalities:

1995: Standard 'rm -rf as root' failure on a single box (not my design!) acting as a combined NIS master server + sole DNS server for the company + primary SMTP/POP3 server for the company. It was SunOS 4.1.3_U1 as I recall. Unsurprisingly, like the witness to a horiffic crime, I do not remember the ensuing 48 hours.

1998: Ran newfs (SunOS) on a production AFS (now OpenAFS) file server instead of the replacement we were standing up. Spent the afternoon and night restoring from tape.

Answer 37

chown nobody:nobody /*

As root of course....

Answer 38

Debian dist-upgrade to unstable (or was it testing?) on a remote production server.

Ignored warning about libc switching to nptl threads.

Not sure where installation actually failed, but I was left with one root console on a dial-up line with every single app exploding. Just one running ssh and bash.

Had a lot of fun of recovering it. Uploaded statically linked dpkg, rolled back libc, built a custom kernel with RAID support. I think that took around 3 hours with my dial-up line. When I finally rebooted it, fsck took like 10 minutes. Quite painful 10 minutes I should say.

Answer 39

Back in the day you had to do erase the first 512 bytes of a partition to properly format FAT drives from Linux. This is done using the dd command.

dd if=/dev/zero of=/dev/hda1 bs=512 count=1

Except the FAT partition was /dev/hdb1

I didn't realize what had happened until after I rebooted. Luckily I was able to recover it by re-installing Lilo, or something.

Answer 40

Twenty minutes ago, I was painstakingly recreating a complex directory structure from files I had on my other PC. I decided to run du to see if it was near completion. Given the size, I knew it would take few minutes, so went to get some coffee.

On my return I noticed, to my severe dismay, that instead of running

du -hs /path/to/important/folder

I had absent-mindedly run

rm -r  /path/to/important/folder

Answer 41

I wanted to delete a file and its backup copy (file and file~) on a SuSE system I rarely used and didn't notice that command completion was configured differently. I typed rm fi<tab> and expected the cursor to be after the last letter. The system ignored ~ files and inserted a space after the file name.

So I wanted to type

rm file*

and I did

rm file *

Now I am always checking what the suggested completion is.

Answer 42

The first time I installed GNU Linux on my desktop, I installed Debian, no help, I only installed the basic system, no GUI. And I was like:

"OMFG OMFG WHAT DO I HAVE TO DO NOW?... I will need to go back to Windows"

But then I remembered how to install packages (first time in GNU Linux, only a jose@debian:$ output and only read some things from Debian) and the name of an IRC Client: IRSSI and the name: GNOME and then I installed them... since that day, I install IRSSI and GNOME in every machine...

It feels... good experimenting with your computer xD

Answer 43

Somehow managed to unmount /dev and thought I would be screwed forever if I rebooted the machine.

Nerve wracking hour ensued trying to figure out if it would be safe to reboot it. It was, nothing bad happened.

Answer 44

Many web apps like magento or eZ Publish have a var/cache/ folder and a way to clear the cache that is faster than going in the app backend is to do this:

rm -rf var/cache

After doing this a couple of times, it is scientifically proven that you always end up:

• Either doing this in the root of your server; or
• Adding a / before var

Lesson learned: create an alias for this command with an absolute path in it.

Answer 45

Trying to get the Xwindows driver for my Nvidia card working when Fedora initially released the Nouveau driver. I had downloaded the Nvidia source to compile and install myself as I had many times in the past, but this release, I could just not get it to work. There were quite a few steps to find in the Fedora Forums to completely disable the Nouveau driver, and get the Nvidia driver working. Quite painful to say the least.

Answer 46

Wanted to make an archive:

tar -cvzf mydir/* mydir.tar.gz

Of course, mydir/* expanded to mydir/myfile.cpp mydir/myfile.h

Remember that the archive name follows the -f option of tar!

Answer 47

My favorite is when I was building the new Solaris system for an Oracle database installation. Everything was in place including the high priced oracle consultant right in the middle of the DB optimization work he was doing. I was in the server room checking on another server, when I tripped over the power cord to the server.

Answer 48

1st ex employee: How do I do (something trivial)?
2nd ex employee: sudo rm -rf /
1st ex employee: Haha ok
...
1st ex employee (Having forgotten that he'd just sudoed something else, so it didn't ask for his password again) : oh F**K!!!

Answer 49

I was once trying to zero out a USB thumbdrive using dd.

Needless to say, when tty1 started spitting out ReiserFS errors from my root partition, I had to reinstall...

Answer 50

Installing Debian (with net-install) on a computer and realise after rebooting that I had somehow skipped the part where one is supposed to choose which packages to install.

Sure, a non-graphical system with basically only pwd, ls and cd is working just fine ;).

Answer 51

I did chown -R /usr. Somehow, I thought it was a good idea. Subsequently, a puppet script did some bad stuff, and somehow I lost sudo rights.

Our qualified sysadmin wasn't able to recover my sudo rights, and I had to re-image the machine.

Answer 52

A while ago, I needed to do some extensive configuration on one of my machines, that mostly involved editing bunch of files in /etc. I decided to be really careful about it, so I created an etc directory in my $HOME, copied the files that needed editing in there, spent couple hours doing the edits. I carefully checked all the files, made sure that all the edits were exactly the way they were supposed to be, logged in as root and copied the edited files back to /etc. By then, it was very late at night. Still as root, I decided to clean up, and instead of rm -rf etc, I typed in rm -rf /etc. I did not get much sleep that night.

Answer 53

I was on the phone with a colleague who was out at a customer site. She was working on their systems and I was telling her stroke for stroke what to type, she misheard me when I told her rm -rf .??* and typed rm -rf .?*. But she wasn't in the directory she had told me, she was in the root directory. Wiped not only the dot files, but the entire OS.

Back when I was "learning as a sysadmin", I was writing my own adduser script (didn't have it on early SysV). A shell error in the script (cat /etc/passwd; echo ...) > /etc/passwd which of course wiped the passwd file and then, by accident, I hit Ctrl-D to exit the su shell. Had to go in to the office at 1am Saturday morning to get the boot diskettes.