Linux prevents "RM-RF/" accidental deletion

Description: No explanation, operations should be configured on each server to configure this problem to reduce the occurrence of disasters

Method:

1, SAFE-RM

SAFE-RM is an open source software used to replace the less secure RM, you can configure the path blacklist in /etc/safe-rm.conf , define which cannot be deleted by SAFE-RM.

You can rename the Safe-rm to RM and place it in the $path before the original RM program, or use the alias setting. The use of full path/bin/rm in some scripts is not affected by this.

$ rm-rf/etc/
#提示safe-rm:skipping/etc/

Official address: Http://freecode.com/projects/safe-rm,Ubuntu can be installed directly apt-get, CentOS to download the source code installation.

2, (recommended this way) Establish Recycle Bin mechanism

It does not actually perform the delete operation, but instead moves the file to a specific directory, can set the time to clear the Recycle Bin, or in the Recycle Bin when the size of the file reaches a certain capacity (or when the decision is made by The times) to make room for the deletion.

You can either write a shell script to replace the RM command, or use the MV command to move the file to the Recycle Bin when you need to delete the file.

1) Create a new directory under/home/username/directory, named:. Trash

2) in the/home/username/tools/Directory, create a new shell file named: remove.sh

Trash_dir= "/home/username/.trash" for    I in $*, do      stamp= ' date +%s '      filename= ' basename $i '      mv $i $TRASH _dir/$fileName. $STAMP done    

3) Modify ~/.BASHRC, add a line

Alias rm="sh/home/username/tools/remove.sh"

Replace the RM command with our self-built remove.sh

4) Set the/etc/crontab and empty the bins regularly, such as:

0 0 * * * rm-rf/home/username/.trash * *

Empty the trash bin at 0 o ' Day

5) source ~/.BASHRC make the substitution take effect immediately

3, pay attention to the use of RM-RF variables in the script

In the script try not to use RM-RF $FOO/, please use RM-RF $FOO, in addition delete try not to write relative path, do not take the variable.

4. root file system settings read-only mount

Noauto,ro

5. Various backup

You can remotely back up important data, using Dump's incremental backup mechanism, LVM snapshots, snapshots in virtualized environments, RAID5, and so on.

Reference:

Https://www.cnblogs.com/langdashu/p/5404595.html (the above content is transferred from this article)

Https://serverfault.com/questions/337082/how-do-i-prevent-accidental-rm-rf

https://www.zhihu.com/question/29438735

Linux prevents "RM-RF/" accidental deletion