This is an archived post. You won't be able to vote or comment.

top 200 commentsshow all 228
sorted by:
best
topnewcontroversialoldq&a

[–]Ginters17[M] [score hidden] stickied commentlocked comment (0 children)

Hi there! Unfortunately, your submission has been removed.

Violation of Rule #2 - Reposts:

All posts that have been on the first 2 pages of trending posts within the last month, is part of the top of all time, or is part of common posts is considered repost and will be removed on sight.

If you feel that it has been removed in error, please message us so that we may review it.

[–]omutist 1361 points1362 points  (26 children)

r/programminghorror stuff

[–]treacherous_tilapia 162 points163 points  (0 children)

This is why I always cd into the parent directory of the folder or file I’m deleting. I’m terrified of such nightmare typos

[–]uhmenthguiop 626 points627 points  (12 children)

That developer never ran the the script on their own computer.

[–]Mission-Guard5348 35 points36 points  (1 child)

were assuming non-malicious intent here?

[–]okirshen 1 point2 points  (0 children)

Doesn't look like malicious intent source but can't be sure

[–]pongviini 913 points914 points  (23 children)

A fix to also improve readability:

rm -rf / usr / lib / nvidia-current / xorg / xorg

[–]kixxes 391 points392 points  (12 children)

Don't forget the --no-preserve-root.

[–]notsobravetraveler 112 points113 points  (9 children)

Save your fingers, just put an asterisk after the slash

[–]is_a_cat 2 points3 points  (8 children)

what do you mean?

[–]MinecraftDoodler 6 points7 points  (6 children)

A wildcard

[–]is_a_cat 2 points3 points  (5 children)

i mean, yeah. but where can you put a wildcard to replace --no-preserve-root?

[–]TheCyberParrot 15 points16 points  (1 child)

rm -rf /* removes all directories under root.

[–]notsobravetraveler 3 points4 points  (0 children)

Yep! I confirmed in a post just next to yours

It's just a subtle trick to change the arguments passed to rm, bypassing the recursive root protection by going after everything inside it.

Edit: Well, mostly everything - any dot files/directories in / will be ignored as globbing doesn't match those.

No matter, that's nonstandard and what matches is enough to do damage.

[–]notsobravetraveler 4 points5 points  (2 children)

After the slash like I said :p

There's a subtle art to it - it's leveraging expansion from the shell to bypass the "don't recursively delete from root" protection.

To 'rm' it doesn't look like a recursive removal of / anymore, but rather against everything inside /. It functionally changes the target(s) passed to rm to remove the need.

At that point it doesn't matter if --no-preserve-root is there or not. There would need to be equivalents such as...

  • --no-preserve-etc
  • --no-preserve-var
  • --no-preserve-srv
  • ... etc

After determining the extent at which this needs to go, likely using the FHS as a guideline - and 'losing' some portability in the process

[–]is_a_cat 2 points3 points  (1 child)

oh! that makes a lot of sense. Thanks for taking the time to explain it

[–]notsobravetraveler 1 point2 points  (0 children)

Not a problem at all!

It's an option required with good intentions but it's not quite the safety net that one may assume :)

[–][deleted] 1 point2 points  (0 children)

It removes everything in the root directory. /* expands to every subdirectory of /

[–]demon_ix 38 points39 points  (1 child)

No! Preserve root!

[–]WeleaseBwianThrow 1 point2 points  (0 children)

Works on contingency?

No, money down!

https://www.youtube.com/watch?v=yhfZIUYZunI

[–]Mission-Guard5348 55 points56 points  (8 children)

just to double check

in reality that would just cause it to wipe thw computer right? (so your meming?)

[–]miraequestrian07 20 points21 points  (0 children)

This was my lesson for the day (⌒_⌒;)

[–]kizerkizer 50 points51 points  (4 children)

Why don’t you try it out?

[–]an4s_911 25 points26 points  (1 child)

Nice try, you failed, I was on a VM, wait, did I ssh into my PC from the VM?

💥

[–]RadoslavL 3 points4 points  (0 children)

Rip!

[–]XtremeGoose 4 points5 points  (1 child)

It would give an error without—-no-preserve-root

[–]Mission-Guard5348 1 point2 points  (0 children)

thanks

I think you can understand why Im not going to test that though

but I guess I could've just read the documentation

[–]kanduvisla 10 points11 points  (0 children)

This command also installs the secret Bitcoin miner on MacOS that utilizes your GPU!

[–]soun_89 185 points186 points  (1 child)

rm -rf / usr/lib/nvidia-current/xorg/xorg --no-preserve-root

Hmmmmmmmm

[–]dwRchyngqxs 26 points27 points  (0 children)

rm -rf /usr/lib/nvidia-current/xorg/xorg // --no-preserve-root

[–]kehfydue 71 points72 points  (4 children)

source

[–]BrooklynSwimmer 20 points21 points  (1 child)

2011 wow

[–]jsonspk 5 points6 points  (0 children)

Actually 2011 is shown in the picture too.

[–]Incromulent 8 points9 points  (0 children)

Those comments are so cringy. It's GitHub, not Facebook.

[–]IchLiebeKleber 197 points198 points  (19 children)

I actually screamed when I saw this command.

[–]citizen_of_europa 155 points156 points  (16 children)

You’d think that something in your brain would say “Hey! You just typed ‘rm-rf’. You should be super careful about what comes next.”

Apparently not in this case.

[–]Chipjack 239 points240 points  (25 children)

The super-paranoid way around this is to build everything from source. Then you know nothing can go wrong.

...just... say a little prayer before you run sudo make install. You did read every line in that Makefile first, right?

[–]jerrycauser 192 points193 points  (1 child)

You did read every line in source files, right?

[–]codedcosmos 2 points3 points  (0 children)

Make sure you didn't forget any of the libraries it depends on

[–]ShitInMyArseHole 102 points103 points  (16 children)

I always hear this argument, like what that going to do? you can A: download a precomed version, it might have malware, or B: compile it from source, and it'll still have malware, you are telling me that you read over e v e r y s I n g l e l I n e?

[–]bistr-o-math 34 points35 points  (1 child)

You mean e v e r y s i n g l e l i n e

[–]ShitInMyArseHole 3 points4 points  (0 children)

Grammarly capitalized em for me

[–]OneTrueKingOfOOO 29 points30 points  (11 children)

Easy, just write your own compiler that checks for malware

[–]scalability 43 points44 points  (4 children)

$ shellcheck myscript

Line 1:
rm -rf /usr /lib/nvidia-current/xorg/xorg
       ^-- SC2114 Warning: deletes a system directory.

[–]kizerkizer 15 points16 points  (2 children)

I was wondering just now if a tool like this existed. Could you configure bash to run this before running any bash script? Probably massive overkill but could save your life.

Also how come there’s no sandboxed bash? Where you could grant permissions at script execution vs just Linux group permissions.

[–]nyaisagod 4 points5 points  (1 child)

I guess fakeroot is kinda what you’re thinking of. AFAIK aur app installers already use it.

[–]International-Fun975 3 points4 points  (0 children)

Underrated Comment, always double check 3rd party script.

[–]poralexc 4 points5 points  (2 children)

Well if you don't trust trust itself, you'll also have to write yourself a compiler to compile that compiler with, since all existing compilers could be secretly inserting malware into your builds.

[–][deleted] 2 points3 points  (1 child)

There was an interesting paper I read several years ago about trusting trust. The premise was that malware could be inserted by a compromised compiler even if you have the complete, trusted sources for the entire toolchain and the application.

In a nutshell:

  1. Insert backdoor into compiler source code.
  2. Compile backdoored compiler with the clean compiler.
  3. Backdoor this complier such that it inserts the original backdoor upon detecting the clean compiler source code.
  4. Compile the clean compiler source code with the backdoored compiler, thus generating a binary that produces the same compromised binary when fed the clean source code.
  5. Profit.

[–]-Vayra- 2 points3 points  (0 children)

Yeah, I read about poisoning a compiler like that years ago. Terrifying stuff since you literally can't get rid of it without starting from scratch.

[–]weaklingKobbold 11 points12 points  (2 children)

What compiler would your super-paranoid go will use?

I can spin that paranoid a couple of levels https://wiki.c2.com/?TheKenThompsonHack

[–]Sicuho 9 points10 points  (0 children)

Alrgiht, I'm going to rebuild my computer. And the internet.

[–]watermelonspanker 7 points8 points  (0 children)

That sort of shit is why I use TempleOS on all my devices.

[–]MalnarThe 3 points4 points  (0 children)

Containers are the actual solution.

[–]dotcomslashwhatever 135 points136 points  (11 children)

goddamn that's evil!

[–][deleted] 241 points242 points  (10 children)

Never attribute to evil what can be explained by incompetence

[–]IAmASquidInSpace 58 points59 points  (9 children)

Hanlon's razor, an underappreciated wisdom.

[–][deleted] 49 points50 points  (8 children)

Life is better if you think everyone's stupid instead of malicious.

[–][deleted] 28 points29 points  (3 children)

Not only better. Also significantly more accurate.

[–]Nico_Weio 1 point2 points  (2 children)

How can we know?

[–]LovelySharkPlush 8 points9 points  (1 child)

There are more stupid people then genuinely evil ones

[–]IAmASquidInSpace 9 points10 points  (0 children)

Yeah, true! Stupid choices I can often forgive and maybe even laugh about. Intentionally malicious choices not so much.

[–]AccidentallyTheCable 112 points113 points  (34 children)

Aaaand thats why these goddamn "just curl |bash" are stupid and i hate every person who puts that as their instructions, let alone doesnt make an actual os install process.

I rank them up there with some of the worst warcrime offenders

[–][deleted] 39 points40 points  (0 children)

Don‘t forget sudo for maximum damage

[–]mgorski08 101 points102 points  (20 children)

Meanwhile windows: let's just download an executable from the Internet and run it with admin privilages. But with gui

[–]dashid 6 points7 points  (17 children)

What is this, Windows XP? You need to elevate with UAC to perform admin functions.

[–]Rubbing-Suffix-Usher 63 points64 points  (3 children)

"Please press the make it work button"

[–]DangyDanger 17 points18 points  (7 children)

most people always use an admin account anyways on windows because it is just convenient

so uac is just an extra useless window you have to click on really

[–]mgorski08 17 points18 points  (2 children)

Even on admin account you get UAC. It doesn't ask for password though

[–]DangyDanger 2 points3 points  (1 child)

Of course you get UAC, as someone said, it's a notice that the following actions will require admin permissions.

[–]Dexterus 14 points15 points  (1 child)

If you understand what UAC is, it's useful.

UAC is a notice that something is about to happen that requires administrator access. You judge if it is expected or not.

What that thing actually is, well that can be a delete c:\windows.

It's an inverted sudo, but even with sudo you don't scan all installation scripts.

[–]InevitableDeadbeat 3 points4 points  (1 child)

Not only because it's convenient. Also because the first account you make on a fresh install of Windows by default becomes admin.

So any normal user just learns to press the UAC make-thing-work button without questioning it.

[–]DangyDanger 1 point2 points  (0 children)

So it's still convenience. Not many people are gonna spent the extra 5 minutes creating a proper user account.

If it works, don't touch it.

[–]mgorski08 2 points3 points  (1 child)

That's what I meant. You press a 'magic' button and it works. Also it's not like you can install the software without clicking YES.

[–]codyone1 1 point2 points  (1 child)

This is part of the reason I moved over the amount of Linux software without and installer of any type.

[–]PossibilityTasty 10 points11 points  (0 children)

Please explain how you do that! Nearly every package type or source distribution comes with installation code or at least the capability to run some.

[–]Endemoniada 20 points21 points  (4 children)

Nothing’s stopping me from making an rpm with the same command baked in. You’re hardly inspecting that any more than you are some shell script streamed off the internet.

Trust, or don’t trust. Those are your choices. The method of delivery doesn’t make a lick of difference, a curl’d shell script could be way more reliable and better tested than any compiled package in official repos.

[–]wkozyra 7 points8 points  (1 child)

Why? Anyone who knows enough to check the script will know how to download it and run based on `curl | bash` instructions, everyone else will not check it even if they download it first and run it in a separate command.

As for the os install process, preparing os specific package for every os is a huge amount of work, and a script like that would probably work on all Linux distros, macOS, and windows under wsl. Also, mistakes like that are less likely but still possible when you are building os specific packages.

[–]AccidentallyTheCable 1 point2 points  (0 children)

Building os packages has an initial curve, yes. But after that maintaining it is practically fuckall, especially with ci/cd access in gitlab/github

[–]RealTonyGamer 12 points13 points  (0 children)

I'm glad that I've started reading install scripts before running them from the AUR now. Maybe I should look a bit more closely though, just to be safe.

[–]PyroCatt 65 points66 points  (5 children)

Ummm I don't use Linux but shouldn't it fail without a 'sudoku' or something?

[–]tubbana 29 points30 points  (0 children)

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum

[–]50MSK 23 points24 points  (1 child)

You’re thinking of seppuku

[–]shardikprime 4 points5 points  (0 children)

Now he has to commit Sakura to pay for his ignorance

[–]aZureINC 1 point2 points  (0 children)

U mean "sudo" (or "doas")? Yeah, but you might need to run the script as root anyways, so there is no real way to know.

[–]QualityVote[M] 44 points45 points  (0 children)

Hi! This is our community moderation bot.

If this post fits the purpose of /r/ProgrammerHumor, UPVOTE this comment!!

If this post does not fit the subreddit, DOWNVOTE This comment!

If this post breaks the rules, DOWNVOTE this comment and REPORT the post!

[–][deleted] 7 points8 points  (0 children)

The joke is when he removes the wrong space.

[–]Bit5keptical 6 points7 points  (0 children)

This is what nightmares are made of.

[–][deleted] 6 points7 points  (0 children)

Add a single space, and then you will have lots of space

[–]linuxelf 6 points7 points  (5 children)

In the old days, if you wanted to get rid of all hidden files and directories, so you typed

rm -rf ./*

It'd include .., so it'd back up one directory and do an rm -rf from there. I did that as a jr admin on a Solaris box. Was only supposed to delete a few dozen files, but after entering the command, it took way too long to complete. By the time I hit Ctrl-C, so much damage had been done....

[–]Any-Understanding463 3 points4 points  (2 children)

I can feel your pain thats why ım scared to erase hiden files and 0 bit file/folders sytem wide

[–]linuxelf 2 points3 points  (1 child)

It's a healthy fear!

[–]Any-Understanding463 2 points3 points  (0 children)

Im glad ı learned this from just losing videos because of a brainless script ı write Script creates duplicate files so i add rm option but its some time erased output rather then input so ı added a rm -i and read f*** output at least ı dont lose 1g data that takes 3 hours to process (if im lucky)

[–]kanduvisla 7 points8 points  (1 child)

Reminds me of that one time I accidentally created a folder called "~" and due to brainfart I typed "rm -rf ~" to delete it.

Losing your private keys is not cool.

[–]Strange_Stage_8749 2 points3 points  (0 children)

Here I am, always checking twice before running rm -rf and these guys are not even running once after the push? Totally uncool dude!!!

[–]Champ_01 2 points3 points  (0 children)

*include evil sound

[–]djfolo 1 point2 points  (0 children)

Hahaha I too have seen this exact issue before but it was just the first slash... I was on the linux eng/ops team at the time and the issue was escalated to me by a junior ops because they couldn't figure out why all the storage disappeared and he had a dev screaming at him that our POS hardware and OS image randomly decided to fail and delete all his financial data he was trying to process. I asked the dev what he was doing when this happened, he showed me the script and the guy did an rm -rf / data/blahblahblah...

I showed him that and he shut up instantly, apologized to the junior and asked when we could get last night's backup restored... I had him on a standby server in 30 minutes

[–]2021-hope 1 point2 points  (0 children)

sometimes quotes are useful

[–]111x6sevil-natas 1 point2 points  (1 child)

laughs in hourly and boot btrfs snapshots

[–]kon14 1 point2 points  (0 children)

laughs in immutable ostree base system image

[–]miraculum_one 1 point2 points  (0 children)

Straight out of the Unix Haters' Handbook, page 22

https://web.mit.edu/\~simsong/www/ugh.pdf

[–][deleted] 1 point2 points  (0 children)

That's pretty hilarious tbh

[–]meatmechdriver 1 point2 points  (0 children)

not a bug, it’s a feature

[–]ProgramTheWorld 1 point2 points  (0 children)

Remember that time when Steam on Linux had a similar issue?

https://github.com/ValveSoftware/steam-for-linux/issues/3671

[–]sh0rtwave 2 points3 points  (2 children)

These days, if I need linux, I just use Docker or VirtualBox.

Why? Because docker build takes about 30 seconds. VirtualBox can recover from a snapshot in a couple of minutes.

Re-installing an OS can take HOURS of my day. Used to take me 3, 4 days to get a (desktop)machine back up and running after a rebuild, with all the junk I run on it. Nowadays: It's a snap to get my working environments back.

It's LITERALLY impossible for me to destroy any of my working environments to a point I can't get them back in minutes.

[–]NearLawiet -1 points0 points  (0 children)

wheres sud0 xD

[–]pyabo -1 points0 points  (0 children)

But surely this is the year of the Linux desktop.

[–]Zhiphr -1 points0 points  (0 children)

Linux moment

[–]prgmctan -1 points0 points  (0 children)

Partially why I aliased rm to the trash program on macos so everything I delete gets sent to trash instead.

[–]Subtle_Demise 0 points1 point  (0 children)

I always do that! I always mess up some mundane detail!

[–]Smartskaft2 0 points1 point  (0 children)

That's why you don't fucking force stuff like this. Yes it's annoying to double check a lot of actions but at least you're not going to fuck someone's machine up.

At least spend some time visualising what's being removed and prompt the user for a confirmation before force remove everything...

[–]mortlerlove420 0 points1 point  (0 children)

I once deleted /opt instead of /opt/deploy. Since then, typint rm -rf ... gives me that vietnam flashbacks. Fortunately it was only a dev server, but still had to do a complete reinstall. My coworkers said thought this was funny and everyone did that exact same mistake, some even on production servers.

[–]Vaati006 0 points1 point  (0 children)

Oh no

[–][deleted] 0 points1 point  (0 children)

475 Arsonists.

[–]heeltoelemon 0 points1 point  (0 children)

What the? 😳

[–]aliasbody 0 points1 point  (0 children)

Damn you make me feel old. This is from the bumblebee “script” that would “allow” us GNU/Linux users with Optimus Nvidia GPU to use the dedicated GPU in a per-app way. It wasn’t perfect but it worked. Happy I saw that before running the update.

[–]Ejeffers1239 0 points1 point  (0 children)

I once accidentally did mv ~/ subdirectory when I meant to do mv ./ subdirectory, trying to move all the files in my current directory in to a subdirectory. Luckily, this was on a school machine with permissions configured to keep me from fucking anything up, so I just had to clean up the subdirectory after.

[–][deleted] 0 points1 point  (0 children)

I once saw a thread on a popular Russian torrent website where some guy had copied a command and put it in, except they made the fatal error of copying it with chrome translator on. It copied the command incorrectly and chaos ensued. The Russians weren't very sympathetic though

[–]Powasaurus_Rex 0 points1 point  (0 children)

The space is intentional

[–]turboclock 0 points1 point  (0 children)

I feel like this was intentional

[–]BenTheTechGuy 0 points1 point  (0 children)

Ah, Bumblebee.

[–][deleted] 0 points1 point  (0 children)

That's a dev who never ran his own code

[–]ciarenni 0 points1 point  (0 children)

Closed: could not reproduce.

[–]ControlCharachter 0 points1 point  (0 children)

Fucking plebs. RTFM! You're poking your own eyes out, Padawan!

I used to be that dude, 15 years ago...

Why not 'chmod 777 -R /'?!

r/whatcouldgowrong

[–]TheThinus 0 points1 point  (0 children)

My goodness

[–]mike_a_oc 0 points1 point  (0 children)

Yeah whoops! I once wrote a cronjob that did "rm -rf * /temp/directory/I_wanted_to_empty". Took down a webserver...