> Perhaps rm -rf / should be replaced with something with more verbose flags set. That way, when you run a bad command, you are told immediately that things are being deleted
This gives me an idea: Hell Linux. In Hell Linux, the operating system does its best to pretend that nothing is wrong, so it takes you as long as possible to realize that you've made a mistake. Commands ignore all unrecognized flags. In shell scripts, if one branch exits with a nonzero exit code, the other branch is taken. stderr is always redirected to /dev/null. 0 exit code is reported for all processes, no matter how they terminate. If you try to exec a file that doesn't exist, it runs a process that does nothing and immediately exits, unless it is part of a pipeline, in which case it consumes standard in. If you try to read a .json file that doesn't exist, you get the bytes "{}". When you read a log file, any lines containing "ERROR" or "WARN" are skipped. If you try to connect to a port that nothing is listening on, it does its best to behave like the service that should be listening there. Oh, the possibilities....
I've actually wished for something that takes it the other direction: Technically, everything it does is allowed, but it's designed to stress-test your assumptions. So, a distro that replaces half of coreutils with busybox, the other half with toybox or BSD ports or something, the system libc is musl, build tools are patched to randomly switch between using gcc or clang (both of which have `-Werror` enabled by default), user home directories are created like `/home/First Last/` (and if it doesn't have a last name for you it'll just leave a trailing space in the name), mktemp likewise is patched to stick temporary files somewhere other than `/tmp` by default (and always somewhere with a space in the name), /bin/sh is provided by dash (this isn't super rare, but some stuff still assumes that BASH is /bin/sh), normal programs are all in PATH but /usr/bin is empty (or maybe chmodded 000 or something)...
The idea is, if your code builds and works on this system, it'll run anywhere, correctly, because the system leaves no room for "oh, everybody does it this way, so it's fine to rely on this non-standard behavior".
I could imagine this being very useful in the form of a tool like debootstrap(8), intended for conformance fuzz-testing. Feed it a set of switches/enum values, and it'll install these various different odd technically-conformant things into a chroot for you, in any combination you like. Feed it a random seed instead, and it'll select the setup flags based on seeded PRNG output.
Now, set up your CI system so that your "POSIX build" builds N times, each time in a new one of these randomly-generated "technically POSIX" chroots.
IBM's z/OS UNIX System Services is very nearly this. Many UNIX systems have tons of utilities that more resemble BusyBox than GNU coreutils, and AFAIK no C compiler is anywhere near as compatible with GCC as clang (including, notably, slightly older versions of GCC itself).
But AFAIK z/OS is the only UNIX[1] variant that offers a "POSIX" environment
Where no subset of the native character set even resembles ASCII.
Where "everything is a file", but where many of these "files" — including, notably, both shared libraries and executable programs — are mostly inaccessible using anything resembling traditional byte-oriented UNIX utilities, library functions, and system calls.
Where process creation is not only "not cheap", but where it can in fact be so cripplingly expensive vis-à-vis conventional UNIX systems that the z/OS designers have (wisely) not only resurrected something akin to the traditional meaning of the "sticky bit" on executables, but have also made extensive provisions to allow both "subshell" scripts and executable subprocesses to be created within one's own address space, both via system calls and from within the POSIX shell itself[2].
On a related note, I was thinking the other day that an "evil", yet at least minimally standards-compliant filesystem in the spirit of your system might actually useful to have around for testing. Or, if not, would at least be fun to design.
Think a filesystem that imposes random per-directory length limitations on filenames and or file sizes, and occasionally allocates space for files in terms of random, per-file allocation unit sizes just because it can.
Or imagine a filesystem that flushes the overwhelming majority of data to disk promptly, but which also maintains a large "evil cache" containing a few blocks out out of the middle of every few million write calls that is flushed as infrequently as is permissible by the relevant standards.
And why let previously-allocated free space go to waste when, given careful planning, its contents could be used to present stale, yet technically "valid" data to applications that use I/O operations whose ordering with respect to one another is not formally defined for IPC (e.g., POSIX only explicitly defines ordering between its own read() and write() calls, so I/O by any means not passing through particular versions of these functions explicitly designated as POSIX-compliant can, in terms of standards-compliance, be "safely" ignored).
It does about half of what I want, which is to rip away implicit assumptions about where stuff lives, that's true. I don't think nix is inherently going to help with the other half, which is to leave gotchas for what is visible/accessible (i.e. lots of files with spaces in their names, maybe a few files named ex. `-h` or `-rf` sitting in common directories, or for that matter have something available by the same name, but a different version, ex. your PATH contains a grep, but it's from busybox, not GNU).
Just like the web (W3C?) was a front for microsoft taking over from Netscape, and now Google taking over from everyone else, the linux foundation et al are just fronts for Google et al to have whatever they want on the kernel and to prevent any and all GPL3 "corruption" of their take-take-take business practices.
GNU/Linux is old news, everyone runs BIGCORP/Linux today. You probably have more code from Google/Amazon/etc than GNU in any modern distro.
Just look at all the effort devoted to systemd (which is a blatant copy of oracle/windows service management) or everyone eating up the hype of zsh on macs (which is nothing but a spin from apple: Look how this new shell is so much better, oh bash is going to be GPLv3, no this has nothing to do with it, look how shiny is zsh!)
My paranoid thoughts about the state of disorganization in organizations like Mozilla and Gnome is that large corporations like Google and Microsoft clandestinely pay agent provocateurs involved in these organizations to derail progress in the projects.
Systemd is really just the most blatant of these kinds of efforts.
They have certainly made lots of money with that model. You could almost argue this stuff does not really matter because people are effectively forced to use it, as is.1 There is no alternative choice.
1. If you manage to "beat the system", and bend the web to your will, those invested in it will label you an outlier or accuse you of being like Richard Stallman.
The Suicide Linux idea, and in fact, all "rm -rf /" jokes, are still perplexing to me because I always made systems where one could accidentally rm -rf / (still have not done personally that after 20+ years) and would not lose anything of importance, because / is an overlay and any long-term user data is stored on external media, separate from executables, which I unmount after a periodic save completes. I guess I could describe it as a minimal system booted from USB and running in RAM, overlayed with a more complete system (downloaded from the network then extracted), also running in RAM, with a workspace consisting of 100% RAM. The only way to destroy the system is to mount the USB stick read-write, chattr -i on everything and then try to rm -rf /. Impossible to do that by mistake.
Actually worked on something similar about 16 years ago. The idea was an attacker could be led astray and then drop various behavioral clues to disclose their identity past a legally arguable threshold based on challenges and confusions selectively presented.
The guy I was working on it with dropped out of academics for a career of spirituality. He went off to a monastery so I also abandoned the project as well. We never even got a publication out of it :-/. These days you could probably make a very expensive product out of it.*
Someone else may have picked it up, I don't follow the literature anymore
---
* - I just realized maybe he went off to become a spook - I don't know how I never thought of that - even to this day many of my colleagues from the era work for these nebulous companies with names like "The Adirondack Group" who just have a basic website with a single email address. I never understood why they even try, just say "we are spies" - everyone knows it. Maybe it allows them to live otherwise normal social lives where they don't have to lie about the superficialities of their job? I dunno. It can't be actually project based - that'd be super retarded - instead of knowing "he works for the CIA" everyone would also know what project they work on - super dumb - that can't be it. I'll probably hit up one of my old friends to see if that monastery was real. He can probably say "yes" or "no".
ok, just talked to my friend. He was evasive and politely changed the topic so yeah, I still have zero information. I guess that's the right approach.
If I has asked him if he knew the name of the monastery as opposed to whether the entire story was a canard, I probably could have gotten further. By foolishly asking if it was a story, I think he fell back on the "zero information" strategy - as in, even if it's real and he's living a solemn life of meditation, don't say anything. Me effectively going "Hey man, I gotta question about spies" was in retrospect, pretty dumb.
Interestingly, this can be made to work; IIRC, nixos supposedly works fine like that. AFAIK, the idea being that you only need to put non-default settings in /etc.
Seriously speaking, it took me many years to realize that nearly all Windows BSoD messages are non-specific and useless - looking them up is a total waste of time. The only correct way to identify the actual error is analyzing the crashdump in WinDbg.
I recently fixed a family computer that crashes randomly after a RAM upgrade. Removing the RAM didn't help, and it was totally a wild goose chase. The BSoD stop codes indicate some types of crucial system errors or memory corruption, sometimes in drivers, sometimes in kernel, but nonspecific. Finally I installed WinDbg and opened the crash dumps, and all dumps have the same error, and it became obvious immediately,
KERNEL_DATA_INPAGE_ERROR - This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
RAM was fine, the kernel simply cannot swap from the bad hard drive, no wonder it crashes. But the SSD was known-good, so I checked voltages, and saw the +5 V had a huge voltage drop. Upon closer look, found a loose wire at the power supply.
I can imagine that BSODs are useful-enough if you're writing a Windows kernel driver (or doing internal QA for someone writing a driver), and your new driver is what crashes.
(Which would be pretty likely, since when qualifying a new driver, you'd be stupid to use anything but the most bog-standard hardware and drivers for everything other than the particular device-under-test.)
Please reread the comment. The quoted error is from the debugger, not from the stop code in a BSoD screen. The BSoD screen would be something like...
0x0000000A: IRQL_NOT_LESS_OR_EQUAL
or...
0x0000007E: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
It corresponds to whatever the last operation kernel was executing before it fails, but without information on how it fails, and only indicates that something is wrong in the kernel or in a driver in general. You can chase these stop codes and check for bad RAM or bad drivers forever without real progress. Don't spend too much time on these codes, it's a waste of time. Enable memdump and get WinDbg. In comparison, analyzing the crash dump in WinDbg gives real information.
KERNEL_DATA_INPAGE_ERROR - This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
I like the error messages in some early BASIC interpreters. They must be as short as possible, since the entire interpreter fits in 4 KiB of RAM. For example, in Li-Chen Wang's Palo Alto Tiny BASIC...
The only message for all syntax errors, is:
WHAT?
The only message for all runtime errors, is:
HOW?
And the only message for legal but unsupported operations (e.g. out of memory) is:
One of the "nice side effects" of your shell design is that one can do away with thinking about POSIX requirements / portability, among other "potential goodies". ;-)
- - -
But yes, if Hell Linux exists, it'd make a great candidate for a future QEMU Advent Calendar[1] submission.
Some of these design decisions precisely emulate the thought process of some 'architects' (never understood why that word was used for software) that I've worked with. They'd call some of these 'being resilient'.
Is there a name for this design philosophy? A lesser version of it is already what both shell scripts and PHP pages do by default. No crashing—only limping forward (likely in ridiculous invalid states.)
> if one branch exits with a nonzero exit code, the other branch is taken
That's called the Amb operator. It's actually fairly useful! Presuming you tended to write side-effect-free shell scripts, I could see enjoying this one.
> If you try to read a .json file that doesn't exist, you get the bytes "{}"
I would actually appreciate some little intermediary utility that would inject "{}" to stdout iff stdin was empty. It'd make piping maybe-JSON documents through to jq(1) work a lot more smoothly.
> If you try to connect to a port that nothing is listening on, it does its best to behave like the service that should be listening there.
I love the idea of the xinetd(8) equivalent to Busybox. A multi-protocol stub server, that knows how to speak literally every protocol, and listens on every port it can, but does nothing much over any of those protocols. It could serve as a way to slow down a Metasploit scan, by offering it an endless variety of things to try to exploit!
Not quite mutually exclusive, I think. The combination just means we always try the "true" path first, in our depth-first search of paths out of the script.
I wonder what horrors you can subject the user to with only modifying the kernel. Nothing to kill the machine, but some sort of trickery involving messing with argv or randomly messing with process memory and silently prevent the resulting mess from being sent a SIGSEGV.
If we're poking fun at political leaders, maybe the antithesis to this OS - one that pretends everything is going wrong all the time - should be Brussels OS
I too am from the left-liberal side of things, and I am always flummoxed when I see people on HN immediately generalizing every misstep they see to all developers, and only to developers. Why should developers be holier than the average population?
But as for question, yes, we do say those things here. But I'm from the European mainland, and we do enjoy stereotyping each other. That has nothing to do with racism or bigotry, but with acknowledging and celebrating differences. I'm reminded of a comic that I came across around the time of the introduction of the Euro, and I saved it because I thoroughly enjoyed it: https://imgur.com/a/SmdkRLZ
So please, do not assume malice whenever someone points out cultural differences. Humor can be a connecting force, not just a dividing one.
This is great, I just don't know why sometimes in the US everything is taken in the wrong way and everything has to be politically correct. We can make fun of ourselves there is nothing wrong and the more we accept the differences the easier will be to move on. And before anybody assumes I'm a white male, I'm a Mexican immigrant in the US.
Gosh I didn't expect to start anything more than a few smiles with this comment. I'm French, this is absolutely normal to say that where I'm from, and I can tell you that no German or Italian woman / man would take offense for what I said (angry Twitter mobs don't count ;)
I can't speak for Japanese people since I never met any.
I don't know if your reaction is representative of US culture, but having to tip toe around words and not say what you think doesn't scream free country to me.
> having to tip toe around words and not say what you think doesn't scream free country to me
Being from the US, and not being part of the vocal minority that reacts like this, I will agree with you that the last few years have increased the sense that we aren't really free to say things that deviate from the 'approved opinion'.
I came here to say I agree. To me this sort of language is unacceptable because it sorts humanity into convenient little boxes with supposedly predictable input/output behavior. In the workplace or in social settings, it can have the effect of completely alienating people.
Unfortunately, at least in American culture, many of these stereotypes about what it "means" to be Japanese / German / Italian or what it means to have the role of "girlfriend" or "wife" or "husband" are reinforced in us from an early age. Wives are supposed to be controlling and manipulative. Men are expected to be stoic breadwinners and utterly incompetent when it comes to household duties like cooking or child-rearing.
For example, look at any show produced by Disney Channel in the 2000s -- it's all about petty relationship drama and manufactured conflict where characters overreact rather than having tough conversations. Technically the shows are trying to give examples of bad behavior, as there is usually a lesson learned in the last ~30s of the episode, but the characters seem to reset to their usual, horrible selves by the next week's episode.
Dear Americans, please stop imposing your anti-joke culture into us. Neither the Japanese nor the German nor the Italians need you to save them. Thanks.
> Do devs really say horrible things like this at the workplace?
Workplaces vary a lot.
In some, yes people do. This sort of thing and much stronger stuff is circulated in company-wide "joke" emails too. However there does tend to be an element of self-deprecation, in that you'll get people circulating jokes about inept women, and also jokes about inept men. Rarely in the same email of course.
In others, you'd be fired after a few repeats, as you say.
With Europe, as someone commented, some of these things can be understood in a slightly more humorous way if it's about other "friendly" European cultures, because some of the cultures are quite friendly with each other. They're not at war, so it's intended (and really meant and to some extent understood) in a more playful way. There's plenty of it, including on magazine covers.
Between England and France there's been culture jokes for a long time; I've always imagined that's a healthy modern echo of more serious hostility from a long time ago.
Similar to the way you'll see black music groups using the N word affectionately, and it's not offensive because of who is using it.
But for example even in Europe, if someone in say Germany started making ambiguous joke/not-joke jokes about modern fascists in Hungary, I don't think it would be regarded as just friendly humour for long because it touches a nerve. And when I lived in France I heard people talk about Serbians as though they are "all" quite unpleasant. So the European cultures aren't all friendly with each other. There's history there, and some kind of inter-cultural meme evolution.
Lighten up. A friend of mine has an Italian partner and she is constantly joking that Italian women are mad and that she'll kill him if he does something wrong.
I wonder if accuracy in a stereotype makes it better, or worse, from a PC perspective. I do think it's important to recognize cultural differences, and that making a joke out of it in public where it can be responded to is probably a healthier way of approaching the subject that forbidding all mention in polite discourse.
Speaking from personal experience, the stereotype about Italian girlfriends is not inaccurate.
Let it not go unobserved that "lighten up" is the traditional rejoinder of those engaging in inappropriate behavior.
This formulation means: those in a position of relative social power, expect those in subordinate positions to accept stereotyping etc. at the expense of their own and other subordinate classes.
The humor, and this rejection of censure, is done to ritually encode and underscoring of the received power hierarchy.
In a world in which such rituals are being openly named, and confronted, it is very common for those called out to feel defensive, and act out of that defensiveness.
As a mixed race "person of colour" (not a term I'm massively keen on) I'm not generally considered to be "in a position of relative social power", especially over a white European. But whatever.
Wow your a hell of a wannabe Whiteknight...at least fight him/her, but you will lose if it's a Italian women, but you win if it's an Italian man....especially if he plays soccer.
It depends on culture. HN has a lot of different nationalities writing comments. Cultures differ. Like i as a Dutch person can openly disagree on things my boss or other people say, but in other parts of the world this may not be the norm.
Also note that some comments may be misplaced because of non native english speakers posting here.
Hopefully it stands out because of the fact that most people don't say shit like this? I don't know, I've only ever heard a sales dude say anything like this, and he was fired pretty soon after for harassing people.
Are we going to cancel François Truffaut now? The “Japanese girlfriend” is a key part of his film Domicile conjugal, and once a stereotype has made it into canonic art, then how offensive can reiterating it be? The exception of course is when the stereotype deals with a population that is neglected, persecuted and impoverished, but it is hard to say that about Japan.
To be clear: comments about "polite" Japanese versus "strict" Germans and "angry" Italians are also bigoted and will make many immigrant coworkers deeply uncomfortable (especially if they are women). Everything about his comment is gross and 100% inappropriate for the workplace, and civilized society in general.
"obstinately or unreasonably attached to a belief, opinion, or faction, and intolerant towards other people's beliefs and practices."
(Definition of bigoted from Wikipedia)
Stereotypes can be harmful, but they oftentimes are based in reality. Yes, the formalities of an average Japanese are almost incomprehensible to an average Italian. What's the problem with that? The world is fortunately colorful, and making jokes about its colorfulness is not necessarily evil.
> comments about "polite" Japanese versus "strict" Germans and "angry" Italians are also bigoted
As the other commenter mentioned, "bigoted" implies "intolerant". A joke about culture differences isn't intolerant of those cultures; you're just overreacting.
And as someone else mentioned, the Japanese, Germans and Italians do not want or need you to save them. Maybe you should dial it back a bit.
I know a German who hates being stereotyped. He likes when other people speak up about it because people call him a typically humorless German when he does.
I constantly hear jokes about football. Having played football and being a person with "two left feet", I have heard numerous jokes about that, and about how I must not be Brazilian, since I don't command the ball like Ronaldinho.
I'm fine with that. It's playful. It's fun. I make jokes back and everybody is a friend.
There's also the Samba jokes and stereotypes. They are fun. They are ice breakers and can make an awkward social interaction more fluent.
You know what offends me? When people from the USA call their country "America", like they own the whole continent.
Amerigo Vespucci, the man whose name served as the basis for naming the so called "new world", didn't even arrive in the northern part of the continent, much less in what is now the USA.
Cripstopher Columbus, who arrived in the continent even before Vespucci, didn't arrive there either, but at Guanahani, in the Bahamas.
When America was named America, there was no USA.
Calling that country America is the equivalent of uniting a few European countries, calling them United States of Europe and then culturally pressuring the rest of the continent (and the world) into calling them Europe, pretending the rest of the continent never had that name.
The cultural, military, pollitical and economical power play that the USA have been imposing on the rest of the continent since at least the 1940s is by far worse than any stereotype joke that you might have heard in your workplace.
I was born in America. The USA can never take that away from me.
Uncivilised is to impose your views upon the rest of the world with zero regard to cultural differences.
As my late grandfather would say: "don't judge others as though they are yourself."
Edit: Even before I posted, I was aware this was going to be downvoted. That's fine. It's not easy to admit you're not as holy as you might think. It's far easier to use your own power to crush the "subordinate class" rather than actually acknowledge them. Downvote away. I will still be an American, born in America.
> make many immigrant coworkers deeply uncomfortable (especially if they are women)
You can also add gay people, trans, etc - and even things like being smart, or stupid, or being a man or woman, or blond or redhead or... etc - to the list who have to endure feeling uncomfortable and unwelcome (and often keeping it to themselves or playing along) in a workplace where "they" are made fun of regularly.
I think it's because humour and oppression both exist, and actual for real consequences of the latter have been very severe and sometimes still are. It's hard to tell how much of each is really in process at any moment, so of course it's uncomfortable, and of course if someone feels they have to fit in to keep in their colleague's good books at work, they'll tend to keep their discomfort and background to themselves.
I wonder about cultural differences here. Ethnic/national jokes used to be very common in the workplace, but in the last few decades have become increasingly taboo. However, I don't think that change has happened to the same extent in all countries. I think in English-speaking countries (and especially so in North America) it has happened to a much greater extent than in many non-English speaking countries. To assume that all workplaces globally adopt the standards of your workplace, or workplaces in your country, is itself a failure to be aware of cultural diversity.
One thing about these kind of jokes, is they vary a lot in how much prejudice they encode. For example, there is a stereotype in Australian culture of the "whingeing pom", the person from England who always complains, and there is a tradition of jokes based on that stereotype. Does that mean the English are oppressed in Australia, or that Australians hate English people? Or is it more like when you gently tease your friends and family? (To use an Americanism, "joshing"). It is not like the English recipients of this kind of teasing don't have plenty of comebacks – jokes about Australians being all descended from criminals, etc. (See also [1].) I think there is a big difference between those kinds of gentle jokes which don't really encode any significant degree of racial/ethnic prejudice, and other sorts of jokes that do – it depends a lot on who is making the joke, which group is the target, and the nature and history of the relationship between the joke-teller's group and the target group.
Regardless of all that, I wouldn't tell those kinds of jokes in a work environment – some people are likely to be offended, and causing offence isn't worth it. (Plus I rarely tell jokes of any sort, since telling jokes has never been my strong suit). But if other workplaces, in other countries, have different cultures in which those kinds of jokes are more acceptable, I'm not going to judge those cultures negatively because of it, and try to exhibit enough cultural sensitivity to realise that cultures like that exist, and I'm not going to say that my culture is superior to theirs.
(You also mentioned the gendered aspect of the jokes; I would expect that attitudes towards gendered jokes and how they are experienced also vary from culture to culture – and that women experience them differently in different cultures, and even individual women may experience them differently in the same culture – but I don't feel like I know enough about that whole issue to say more than that.)
Speaking for myself, I understand that no harm was meant; and that those my age grew up in a world in which such humor was not commonly judged offensive.
This world has moved on fortunately. Please do not perpetuate this culture on HN.
Which I did without paying attention to what I was doing and it turns out that this is one of the worst things you could do ever on a Debian-based distro.
Coworker was trying to remove node so we could install a new version, so he ran:
rm -rf /usr/bin node
-rf was due to muscle memory, and unfortunately he forgot the space.
That was a fun one to clean up. We were able to use nc because that was in /bin and not /usr/bin, so we used that to pipe curl over through a socket and then used curl to install dpkg + apt, then ran apt update to fix everything and that seemed to work.
That server is still running today, but I'm sure something is still seriously wrong with it. Nothing that affects me though, so I don't care haha.
Why would something by in /usr/bin that would be manual deletion? Wouldn't it be in /usr/local/bin? Were they manually deleting a package managed binary?
For that matter, if you're manually installing a component like node with a large set of dirs and you might want a different version at some point (you're more likely to update to a newer major version of node than you are some base library for the system) why wouldn't you put it into /opt/node-X.Y.Z (if not an actual package for the distro)?
We could assume the people weren't as much admins as devs with some minimal admin experience so weren't familiar with some of these common admin practices that have been developed over the years to manage stuff easier and safer, but then why are they root with the ability to blow out /usr/bin and not a user account installing node locally?
It feels like there's some larger problems that even allowed something like this to happen. It's like hearing someone say "my simple webapp connected to the wrong DB server and completely deleted out all the databases there, including the billing one." The first response I have to something like that is "what were you guys doing that something like that was even possible?"
Yeah, I mean, obviously with the right precautions and best practices we could have avoided this. But this was a dev server, so it wasn't that serious if the entire thing got hosed. The only reason we recovered it using nc instead of just formatting the disk and starting over was because the server was physically in the office, and neither of us wanted to drive in (long commute), and we were mildly amused at the prospect of reviving a server over ssh.
When I meant it's still used today; it is, but it just displays a dashboard on a TV screen, it's not actually handling customer data or doing anything critical.
My teammate a couple years ago was writing a script that needed to clear a working directory, so `rm -rf $path/*`. He ran it during debugging and found one mistake - at some point the $path variable came in empty......
Oh I did that in a distro build script where $path was called $INSTALL, but was empty (possibly due to a misspelling of the variable). Double stupidly, I ran it as root and so $INSTALL/lib blew off the system's libraries. I recovered the machine without any rescue disk or reboot or anything, by by copying files from an installation of the same distro. Of course, no commands for copying worked. I think what I might have done is to NFS mount that machine from the other machine, and then doing the copying on that machine.
It always scares me when people automatically add -rf after typing rm no matter what they're doing. How do you even get into that habit in the first place?
If I were to guess, how one might get into that habit is being annoyed by error messages:
"cannot remove 'foo': is a directory"
Just remove the darned object you're given as an argument using the appropriate implementation for its type.
"rm: remove write-protected regular file 'foo'?"
The rules are that if the directory is writable, the object can be deleted. Though you called stat to figure out it's a regular file, you didn't notice the link count: I have two more hard links to the file in the same directory, and one elsewhere. But, yes, unlink it.
I have this bad habit. Because in linux everything is a file, so screw you rm stop telling me i can't delete that directory. Its just a file that points to another directory. Its messing up my flow.
Starting out with that behavior because it comes up a lot in tutorials, probably. And then not making a typo mistake earlier on to learn the lesson to not do that with every rm command.
I'd probably have that habit if I didn't once delete everything in a /bin directory early on in my learning, and luckily it was in a VM.
That's why dnf (the yum successor) has dns, sudo, systemd, systemd-udev and yum set as protected packages by default on Centos 8 (and you can't remove python withouth removing dnf/yum because of dependencies, so it should stop that as well).
I imagine apt has something similar, and maybe it's not (or wasn't) set by default on the dist you're running? If not, I would raise that as a bug with the distro, as breaking it with a command like that should be much harder to do accidentally.
If you install a minimal Debian server avoiding recommends, and remove a few non critical packages, you can remove python, and start building from there. No problem.
Nothing is wrong.
If you go with a default installation, and start building over there, for example a desktop system. This will remove everything else that depends on python (not only python).
And that, is probably wrong, as you do not expect to remove half of the system (and don't reinstall it back), when you try to reinstall python, like megiddo said.
Some packages that do not need python at all, depend on python because of the packaging choices, like post/pre install scripts written in python instead of shell.
Other packages that do not use python in their core functionality (for example a program written in C) depend on python because of add-on scripts or contributed extensions, shipped in the same package.
Unlike Debian, in the Ubuntu case this command is worse, because Canonical push hard for python.
Historically, many Debian packages depending on python, have been introduced or modified by maintainers/developers working for Canonical.
To install a minimal Ubuntu server without python, first you need to remove many packages (a lot), related to launchpad, or landscape, or a few other Ubuntu specific services, or stuff really intended for desktop users (not for a minimal server).
Nothing against Python or Canonical... but as I have needed to deploy servers at work with the requirement of really really minimal base, I know well about removing Python in both Linux distributions.
This used to be an issue in the Redhat flavors. You could uninstall python or bash and the system would eat itself (RHEL5 and before). Since then, they have added protections for specific packages and you can even add further protections for whatever you consider to be critical packages.
Also on Gentoo. Once you've done it, your package manager is gone... At least you'll be warned when you attempt to do it, and often there will be two or more Python installations (2.7, 3.x), and Portage will run on any of them, so incidents like these are actually rather rare.
This reminds me of fun times compiling and upgrading libc on a running system. It's challenging, but if you plan it out, it's not bad. But if you miss a step...better hope you have some statically compiled tools somewhere that can help you out.
A problem with most commands is that they usually don't need extremely-unfortunate typos or russian-roulette-enabled shells to turn into something wrong: they are usually wrong in passing, while you're typing them. I always wondered if something could be done against the effects of an accidental premature return. Some of us have cats...
`sudo rm -rf /tmp/workdir` starts with `sudo rm -rf /`
`git reset libs` starts with `git reset` which will wipe your staging area
`docker-compose rm -f db` starts with `docker-compose rm -f` which will remove all stopped containers (and their logs)
Most commands just tend to do something very broad with no arguments, and the fact that paths start with bigger folders and go down to files doesn't help either. No GUI tool would ask you to confirm before you type in the path, the way shell commands tend to.
The first one resets to factory defaults. The second reboots one of the redundant controllers, a or b. We had to reconfigure and restore from tape several times.
In zfs the command to create a dataset is “zfs create toplevelname/datasetname”. The command to create a snapshot is “zfs snapshot datasetname@snapshotname”. The command to destroy either is “zfs destroy objectname”, and the objectname of a snapshot is always a valid dataset name plus an at sign plus the snapshot name. Deleting a dataset is not a reversible operation. :/
I've seen a few platformers that force you to jump at random times, screwing up what you planned on doing. You could definitely make a device to plug in as a keyboard that sporadically hits "return"
So, does your Linux Roguelike have any progression? Can I get a magic item (ie. a file) to put in my home directory to protect it from a single mistake, or something?
Should be called Landmine Linux as most times, suicide is not accidental whereas stepping on a Landmine usually is. Entertaining project none-the-less. Thanks.
I seem to recall[1] that at one point, that emacs had a "final score" mode that would tell you how many typos / corrections you'd made during an editing session... Not as destructive as an 'rm -rf', but it would provide incentive to minimize mistakes.
[1] Or I may not recall; it was a strange time. It might have been a suggestion, along the lines of designing a grep stick for physical libraries.
This could be turned into a really great security tool, akin to a deadman switch, which upon activation and incorrect use, deletes the contents of the users home directory.
Example. In Mate Desktop. the default terminal is Mate Terminal. Upon installation of Suicide Linux, Mate Terminal could be modified to delete the users home, but provide no warning that it is running. For the user, they could use another terminal program for their daily needs without fear of deleting their home. In the event that their laptop is seized or stolen an attacker may use the default terminal program ie, Mate Terminal which would then upon the issue of any command delete the users home folder
In this case, just "rm" everything is far from enough, it needs to be a secure deletion. And the best way to implement secure deletion is using full disk encryption, this way, instead of wiping the entire disk, you just need to wipe the header, which contains its master key.
head -c 100000000 /dev/zero > /dev/sdX1; sync
An even better solution is interfacing the motherboard with a small microcontroller and storing the master key in hardware (and possibly with a key-split algorithm, so compromising the hardware doesn't reveal the key, but its destruction will kill the key), such as a battery-backed SRAM or a hardware crypto chip. The self-destruction command would be an I/O request to wipe the chip. Tamper-switches can be placed at strategic physical locations around the machine.
You can also write a deamon to monitor USB devices and trigger the self-destruction when an unknown device is detected, e.g. If your machine has been seized on-the-fly, the attacker is likely to plug an anti-screenlock USB mouse emulator, which triggers its self-destruction.
The tricky part is balancing the degree of security protection and the risk of data destruction from a false-positive trigger...
What's wrong with using FDE and entering the key manually on startup? You could then just shut down when you detect suspicious behavior and all is well or am I missing something?
It depends on your threat model. The OP mentions bobby traps and self-destruction, so I assume the threat model here is not a typical model in personal computing, but a different one, which is similar to Dread Pirate Roberts' threat model, as explained below.
Self destruction has two advantages, comparing to shutting down the system. First, once the encrypted master key in the header has been wiped, the data is gone, it's technically impossible to recover the data anymore (your passphrase is only the key to decrypt the master key in the header). On the other hand, revealing the passphrase under pressure is always a possibility. Second, when an attacker tries to seize your system, a possible strategy is seizing your system alive in a surprise attack, giving you no chance to shut the system down, and using an USB mouse emulator to defeat the screenlock.
And the reason of using a hardware-backed key storage, is to prevent the clone of the encryption header (which makes the self-destruction useless), and to ensure the destruction of the key is complete. In modern SSDs, due to wear levelling, there's no guarantee that the physical sector the header belongs to is actually erased.
No need for a booby trap. Some guy tried to do that akin from the scene in Mr.Robot with limited success using thermix. The only success was using a shape charge inside a desktop, but that is not possible on a laptop.
I like the idea of a USB dongle that is attached to the person which immediately locks the computer and erases the drive but the problem is that it takes time and law enforcement can just remove the battery to stop the erase (if battery is easily accessible).
Erasing the headers on an encrypted drive seems quick and effective and the way to proceed. But if the technique is to use a USB dongle then we should also be able to modify the source code of Suicide Linux to do the same with the modified default terminal.
> And law enforcement can just remove the battery to stop the erase
This is why full disk encryption should be used.
> Erasing the headers on an encrypted drive seems quick and effective and the way to proceed. But if the technique is to use a USB dongle then we should also be able to modify the source code of Suicide Linux to do the same with the modified default terminal.
Defense-in-depth, you add a bit of countermeasures at every level. For example, the USB self-destruction will immediately kick in (if the law enforcement decides to seize the computer alive, a mouse emulator is likely to be used immediately), erase the header, and halt the computer, even before anyone has a chance to perform any forensics. If the LE was able to take the computer to a lab, it's possible to do a live memory extraction via cold-boot attack while the computer in still running, for example.
Again, the tricky part is balancing the sensitivity of the self-destruction mechanism and the risk of data destruction from an accidental trigger... A possible workaround is adding an "armed" switch - the most sensitive tamper-detection code is only activated after the switch is flipped if the perceived risk is high, for example, before you take your laptop to a coffee shop.
Hook it up to your WiFi driver so if your AP every goes away so does the evidence of whatever you’re trying to hide. But plug the computer and AP into the same UPS.
There used to be a few DOS shells which would do less than helpful stuff to you. One I liked would just offer insults instead of whatever it was you were attempting to do.
Someone should make a Linux distro that installs with a random set of packages.
Pair it with Suicide Linux and you have Roguelike Linux.
Another fun one: Suicide Linux has a Debian package here https://sourceforge.net/projects/suicide-linux/files/
Next to it is an ad for "Other Useful Business Software
". Implying that Suicide Linux is business software is... interesting.
What was the name of that really old flight simulator (it was either late 80s or early 90s) that would delete random files from your system if you crashed?
This comment reminds me of one of the ones in the thread a few days ago about Google clearing out trashed items. It was something like “this stinks because I always store my most important documents in the trash”, except this one seems to be less sarcastic :)
Interesting. It annoys me when hackers tend to do something 'creative' once they're in. Instead of recursively deleting everything (which has the most impact) - they try some novel and boring task which has low impact. The end goal of all nefarious forms of hacking should be to wipe everything.
You say "should be to wipe everything". Why do you think that's the most important goal? I'd have thought the BEST hackers would ensure their continued control of the system and ability to exfiltrate data without arousing any suspicion. A good virus doesn't kill its host, a good hacker doesn't nuke their woot.
In the end of the day, most cybercrime is focused on making money, so wiping a system has zero utility (especially as it would tip off the owners to your presence).
It's acknowledged that some high-profile ransomware attacks had the ulterior motive of wiping data. They used the ransomware as a front and really just wanted to do damage, not make money.
Why does it annoy you? I like seeing things that are clever and amusing, things that I wouldn't have thought to do myself. For a less malevolent example, the existence of Upside-Down-Ternet, flipping all images upside down for unauthorized wifi users, rather than outright banning them.
Viruses in the 80s used to wipe everything or do something very visible with the screen. They got more creative in the 90s, especially after many people got an internet connection at work or at home.
Not all viruses do it intentionally, some are originally rather harmless but has unfortunate side-effects in its replication code. For example, when you use a floppy disk in a different format, the virus tries to overwrite it anyway...
This gives me an idea: Hell Linux. In Hell Linux, the operating system does its best to pretend that nothing is wrong, so it takes you as long as possible to realize that you've made a mistake. Commands ignore all unrecognized flags. In shell scripts, if one branch exits with a nonzero exit code, the other branch is taken. stderr is always redirected to /dev/null. 0 exit code is reported for all processes, no matter how they terminate. If you try to exec a file that doesn't exist, it runs a process that does nothing and immediately exits, unless it is part of a pipeline, in which case it consumes standard in. If you try to read a .json file that doesn't exist, you get the bytes "{}". When you read a log file, any lines containing "ERROR" or "WARN" are skipped. If you try to connect to a port that nothing is listening on, it does its best to behave like the service that should be listening there. Oh, the possibilities....