[CentOS] In A UEFI World, "rm -rf /" Can Brick Your System

Valeri Galtsev galtsev at kicp.uchicago.edu
Mon Feb 1 19:56:46 UTC 2016


On Mon, February 1, 2016 1:33 pm, m.roth at 5-cent.us wrote:
> Excerpt:
> Running rm -rf / on any UEFI Linux distribution can potentially
> perma-brick your system.

Yes, I kind of like "rm -rf /". If my memory doesn't fail me, long ago it
was one of the tricky questions in the sysadmin exam (not anymore, if I
read what you, Michael, write further correctly...). Anyway, let's imagine
we are back then, then what

rm -rf /

will do to your system? How dramatic is this command?

Well, it definitely will obliterate your /etc with all your settings. Then
it will start deleting /dev, and once it deletes the block device your
root filesystem "/" lives on, all trouble ends there. So, you just take
your drive, and you will be able to mount on a different machine /home,
/usr, /var and what's left of your / partition. /etc is gone, but this
is only as dramatic as it gets (thanks to the alphabetical order the
command follows).

Sorry about the long spam message, everybody. I just so liked that tricky
question from my past, I couldn't hold myself.

Valeri

>
> As a public service announcement, recursively removing all of your files
> from / is no longer recommended. On UEFI distributions by default where
> EFI variables are accessible via /sys, this can now mean trashing your
> UEFI implementation.
>
> There is this systemd bug report requesting that UEFI variables be mounted
> as read-only by default. Lennart Poettering had initially responded and
> simply said, "Well, there are tools that actually want to write it. We
> also expose /dev/sda accessible for root, even though it can be used to
> hose your system. The ability to hose a system is certainly reason enough
> to make sure it's well protected and only writable to root. But beyond
> that: root can do anything really." He then closed the ticket.
> --- end excerpt ---
>
> <http://www.phoronix.com/scan.php?page=news_item&px=UEFI-rm-root-directory>
>
> "And they closed the ticket"? That tuxedo on the cockroach is so elegant!
>
> Ok, *now* tell me why we shouldn't hate systemd?
>
>        mark


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
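
The quoted excerpt turns on whether the EFI variable filesystem under /sys is mounted writable. As an added example (not part of this thread or of any project it mentions), the shell function below classifies the efivarfs entry in a /proc/mounts-style table; the sample tables are constructed, and the function checks only the efivarfs filesystem type.

```shell
#!/bin/sh
# Added example: classify how efivarfs is mounted.
# Input on stdin is a mount table in /proc/mounts format:
#   device mountpoint fstype options dump pass

# Prints "rw" if any efivarfs mount is writable, "ro" if every efivarfs
# mount is read-only, "absent" if the filesystem is not mounted at all.
# The body runs in a subshell so its variables do not leak to the caller.
efivarfs_mode() (
    mode=absent
    # "|| [ -n "$dev" ]" also handles a last line with no trailing newline.
    while read -r dev mnt fstype opts rest || [ -n "$dev" ]; do
        [ "$fstype" = "efivarfs" ] || continue
        case ",$opts," in
            *,rw,*) mode=rw ;;                       # a writable mount wins
            *,ro,*) [ "$mode" = rw ] || mode=ro ;;
        esac
    done
    printf '%s\n' "$mode"
)

# Constructed sample tables (not captured from a real host).
SAMPLE_RW='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs rw,nosuid,nodev,noexec,relatime 0 0'
SAMPLE_RO='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
efivarfs /sys/firmware/efi/efivars efivarfs ro,nosuid,nodev,noexec,relatime 0 0'
SAMPLE_BIOS='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda1 / ext4 rw,relatime 0 0'

# Show the classification for each constructed table.
for name in RW RO BIOS; do
    eval "table=\$SAMPLE_$name"
    printf '%-5s -> %s\n' "$name" "$(printf '%s\n' "$table" | efivarfs_mode)"
done

# On a live host: efivarfs_mode < /proc/mounts
```

A result of "rw" means the EFI variables are exposed writable under /sys, which is the default state the excerpt describes; tools that update boot entries need that write access, so a read-only mount has to be lifted before running them.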


