How to use sudo rm -rf safely
[.inline-code]sudo rm -rf[.inline-code] is a highly destructive action. Typically, the meaning of [.inline-code]sudo rm-rf[.inline-code] is that you are force-deleting all directories and files as a superuser. We are going to break down this command and understand what each step does. Understanding its components can help you create a safer, simpler command - or make sure you only run it in the most controlled environments.
[#sudo-rm-usage][.inline-code]sudo[.inline-code] and [.inline-code]rm[.inline-code] usage[#sudo-rm-usage]
The first part of the command is [.inline-code]sudo[.inline-code], [.inline-code]sudo[.inline-code] allows us to execute a command as another user. By default [.inline-code]sudo[.inline-code] will run anything after [.inline-code]sudo[.inline-code] as the [.inline-code]root[.inline-code] super user. Running as the root user means that this command can pretty much do anything as it has access to all files on the file system.
The second part of the command is [.inline-code]rm[.inline-code]. [.inline-code]rm[.inline-code] is used to delete files and directories on the file system. How does [.inline-code]rm[.inline-code] work? Let’s look at an example:
As we can see, we can successfully delete files, but we cannot use the plain [.inline-code]rm[.inline-code] command to delete directories. Let’s see how we can delete directories using the [.inline-code]rm[.inline-code] command.
Above, we show that we can delete directories by passing the [.inline-code]-r[.inline-code] flag.
Let’s have a look at an example of what using the [.inline-code]-f[.inline-code] flag means.
[.inline-code]-f[.inline-code] is the force flag, it attempts to remove files without any prompt regardless of permissions.
[#deleting-mult-files-and-directories]Deleting multiple files and directories[#deleting-mult-files-and-directories]
The examples above illustrate when we should use [.inline-code]-r[.inline-code] and when we should use [.inline-code]-f[.inline-code]. Essentially, [.inline-code]-rf[.inline-code] is us saying “I don’t care if it’s files or directories; just delete it”.
[#be-careful]Be Careful With its Usage[#be-careful]
So when does it turn destructive? When using [.inline-code]rm[.inline-code], the feedback from the terminal is minimal when a file is deleted. It is very easy to delete files, meaning you can end up deleting important files by mistake.
Here’s an example of a particularly scary command:
On Unix systems, the operating system is on the [.inline-code]/[.inline-code] path. If someone runs the above command, [.inline-code]rm[.inline-code] will attempt to delete ALL files and directories under the root of your filesystem. Since [.inline-code]sudo[.inline-code] has been passed, the command is run as the superuser, typically [.inline-code]root[.inline-code]. This means that all your system files, applications and binaries will be deleted without any prompts, silently. The only way to recover is to restore from a backup or snapshot. Be extra wary and make sure to avoid using [.inline-code]sudo rm -rf[.inline-code] within any scripts or automation - especially when the path argument is parameterized.