Linux console – prevent accidental deletion of files

linuxrm

Yesterday I deleted /etc by mistake.

I remembered I found a software to prevent this kind of things but I can't find it anymore. I don't remember the name and actually Google is not helping.

It had a configuration file with a list of files/directories of critical files and the program was checking against that list everytime a user was issuing the rm command.

Does anybody know it?

Best Answer

the /etc directory should only be writeable by root. If its not, then there's something wrong with your setup.

And on a non-MAC Unix / POSIX / Linux system root is god. Most people who use such systems do so because they like to be in control of their systems - but "with great power comes great responsibility".

Don't use root access unless your sure you know what you're doing.

Related Solutions

Linux – How to run a server on port 80 as a normal user on Linux

Short answer: you can't. Ports below 1024 can be opened only by root. As per comment - well, you can, using CAP_NET_BIND_SERVICE, but that approach, applied to java bin will make any java program to be run with this setting, which is undesirable, if not a security risk.

The long answer: you can redirect connections on port 80 to some other port you can open as normal user.

Run as root:

# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

As loopback devices (like localhost) do not use the prerouting rules, if you need to use localhost, etc., add this rule as well (thanks @Francesco):

# iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080

NOTE: The above solution is not well suited for multi-user systems, as any user can open port 8080 (or any other high port you decide to use), thus intercepting the traffic. (Credits to CesarB).

EDIT: as per comment question - to delete the above rule:

# iptables -t nat --line-numbers -n -L

This will output something like:

Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8080 redir ports 8088
2    REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 8080

The rule you are interested in is nr. 2, so to delete it:

# iptables -t nat -D PREROUTING 2

Efficiently Using rm on a Directory with Millions of Files

The data=writeback mount option deserves to be tried, in order to prevent journaling of the file system. This should be done only during the deletion time, there is a risk however if the server is being shutdown or rebooted during the delete operation.

According to this page,

Some applications show very significant speed improvement when it is used. For example, speed improvements can be seen (...) when applications create and delete large volumes of small files.

The option is set either in fstab or during the mount operation, replacing data=ordered with data=writeback. The file system containing the files to be deleted has to be remounted.

Best Answer

Related Solutions

Linux – How to run a server on port 80 as a normal user on Linux

Efficiently Using rm on a Directory with Millions of Files

Related Topic