Introduction
Terminal commands are intimidating to new Linux users. Running anything without knowing the result can have irrevocable consequences. On Linux, dangerous commands are often a result of a simple typing mistake.
Knowing what every part of a Linux command does and the potential dangers helps to avoid such situations. A typical example is the sudo rm -rf command, which is very helpful when used correctly but may result in consequences if mistyped or misused.
This article explains the sudo rm -rf command in Linux, what it does, and how to use it properly.
Prerequisites
- Access to the command line/terminal.
- A user with sudo privileges.
- Files or directories to delete.
sudo rm -rf Syntax
The sudo rm -rf command is often avoided by users and cited as a dangerous command. The command syntax is:
sudo rm -rf <directory or file>Below is a breakdown of each part of the command:
sudo- elevates a user's privileges to the root user. Allows removing root-owned files and directories.rm- Linux command for removing files or directories.-r- The option indicates recursive removal and helps remove non-empty directories.-f- The option allows removal without confirmation, even if a file does not exist.<directory or file>- The path of a directory or file to remove.
Use the command to remove files or non-empty directories where the owner is root.
Follow the steps below to create an example use case:
1. Open the terminal (CTRL+ALT+T).
2. Create a test directory with a subdirectory:
sudo mkdir test1 && sudo mkdir test1/test2The creator and owner of both directories is the root user.
3. Attempt to remove the directory as a regular user:
rm -rf test1
The output shows the permission denied message.
4. Use the command with sudo to remove the directory:
sudo rm -rf test1The command does not output a message and automatically deletes the directories without confirmation.
Why Is sudo rm -rf Dangerous?
The sudo rm -rf command is dangerous when not used properly. The rm command does its job to delete, but a typing mistake or not knowing what is being deleted can make it dangerous.
Warning: Do not run the commands in the following examples.
The following examples showcase how and when the rm -rf command is potentially dangerous:
1. When removing directories, the following typo is barely noticeable:
sudo rm -rf / directory/subdirectory
The space after the first forward slash (/) passes the root directory as the deletion parameter. The command deletes the root directory and all subdirectories due to the -r flag. The result is the same as running the following:
sudo rm -rf /
Although most modern systems display a warning message and require additional options, the -f flag overrides confirmation in some scenarios.
2. Deleting multiple files with different names and the same extension using the asterisk sign (*) helps match zero or more characters. The following typo in the command results in a mistake:
sudo rm -rf * .txt
Similar to the previous example, adding an extra space after the asterisk (*) passes the working directory and all its subdirectories for deletion. Therefore, the command runs as follows:
sudo rm -rf *As a result, everything from the current directory is deleted without warning. The command deletes the system if the current working directory is root (/).
3. A dangerous form of sudo -rm rf can occur when deleting directories that end in the same characters:
sudo rm -rf /* -directoryDue to the spacing, the command becomes:
sudo rm -rf /*
Since the command removes content inside the root directory, there are no warnings.
Conclusion
After reading this guide, you know about the dangers of using sudo rm -rf. Although the command is not dangerous and serves a purpose, it could potentially delete your whole system or critical data.
Check out our backup and disaster recovery guide to prevent irrevocable data loss situations.
