The Linux file deletion is used as an example of good software design. It has a very simple interface with little room for error while doing exactly what the caller intended.
In John Ousterhout’s “software design philosophy” a chapter is called “define errors out of existence”. In Windows “delete” is defined as “the file is gone from the HDD”. So it must wait for all processes to release that file. In Linux “unlink” is defined as “the file can’t be accessed anymore”. So the file is gone from the filesystem immediately and existing file handles from other processes will live on.
The trade-off here is: “more errors for the caller of delete” vs “more errors due to file handles to dead files”. And as it turns out, the former creates issues for both developers and for users, while the latter creates virtually no errors in practice.
No, no. Exactly what the user told it to do. Not what they intended. There’s a difference.
Exactly type rm -rf / instead of rm -rf ./ and you ducked up. Well you messed up a long time ago by having privileges to delete everything, but then again, you are human, some mistakes will be made.
Deleting the current directory via ./ seems contrived since you would just use . or more likely the directory name from outside the directory. What does happen is rm -rf ${FOO}/ while ${FOO} is an empty string.
Even so, . and / are right next to each other so it’s a likely typo. You might press enter before you catch it.
Then double check before you rm things 🤷.
${Insert meme of qwertz gang not having that problem here}
Not sure if you’re referencing the Steam incident, but Steam did exactly that: https://www.theregister.com/2015/01/17/scary_code_of_the_week_steam_cleans_linux_pcs/
Yup, did that one on a server at work. Had to go cap in hand to my manager to get him to fix it.
Don’t modern versions of rm block calling on / unless you pass a separate flag?
Yup I think it’s --preserve-root
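The empty-variable case raised in the thread (rm -rf ${FOO}/ with ${FOO} empty), as an added example that is not part of any comment above: a hypothetical helper, safe_rmtree, that resolves the path first and deletes only directories strictly inside an allowed base. The helper name, its exit codes and the demo paths are assumptions made for illustration.

```shell
#!/bin/sh
# safe_rmtree BASE TARGET  (hypothetical helper, not a standard tool)
# Deletes TARGET recursively only if it resolves to a directory strictly
# inside BASE. Exit codes (assumed convention): 2 = bad input, 3 = refused.
safe_rmtree() {
    sr_base=$1
    sr_target=$2

    # An empty argument is always a bug in the caller; stop here.
    if [ -z "$sr_base" ] || [ -z "$sr_target" ]; then
        echo "safe_rmtree: refusing empty path" >&2
        return 2
    fi

    # Resolve symlinks and ".." to physical absolute paths. CDPATH is
    # cleared so that cd cannot jump to an unrelated directory.
    sr_real_base=$(CDPATH= cd -- "$sr_base" 2>/dev/null && pwd -P) || return 2
    sr_real_target=$(CDPATH= cd -- "$sr_target" 2>/dev/null && pwd -P) || return 2

    # A base of "/" would allow everything, so it is never accepted.
    [ "$sr_real_base" != "/" ] || return 2

    case $sr_real_target in
        "$sr_real_base"/*)
            rm -rf -- "$sr_real_target"
            ;;
        *)
            # Also reached when TARGET is BASE itself or "/".
            echo "safe_rmtree: $sr_real_target is outside $sr_real_base" >&2
            return 3
            ;;
    esac
}

# Constructed demo: FOO is empty, so "${FOO}/" expands to "/".
demo_base=$(mktemp -d) && mkdir "$demo_base/cache"
FOO=""
safe_rmtree "$demo_base" "${FOO}/" || echo "blocked (status $?)"
safe_rmtree "$demo_base" "$demo_base/cache" && echo "removed $demo_base/cache"
rmdir "$demo_base"
```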
Machines will always do what you tell them to do, as long as you do what they say.
What do they say?
Yes, the file itself (so the data and inode) is not gone as long as the handles live on. Only the reference is gone. You can still recover the file. https://superuser.com/questions/283102/how-to-recover-deleted-file-if-it-is-still-opened-by-some-process#600743
Tell that to my dded porn collection.