LinuxQuestions.org
Old 04-11-2009, 02:14 PM   #1
H_TeXMeX_H
I propose using wrapper scripts to prevent CLI disaster as root


I see that quite often someone comes along with a story like this:

I feel so stupid, I used dd with of=/dev/sda instead of of=/dev/sdb and wiped my HDD. What should I do ?

or

I just ran rm -rf / then after a bit I realized what I did and pressed Ctrl-C, but it was too late. HELP MEEE !

And other similar stories.

So, I propose that if you plan on working with the CLI as root with dd and rm and other dangerous commands, you write a wrapper script using either a blacklist or some other method to stop yourself from doing something stupid. It's not that you should just "be careful", because sometimes you may be just too tired to be careful. Here are some such implementations that I've come up with:

safe dd wrapper using blacklist:
Code:
#!/bin/sh
# implement safer dd using blacklist

# location of blacklist
blacklist="/home/$USER/.ddblacklist"

# if blacklist does not exist, create an empty one
if test ! -e "$blacklist"
then
  : > "$blacklist"
fi

# check each argument against the blacklist
# -q: quiet, -x: whole-line match, -F: literal string, --: end of grep options
for i in "$@"
do
  if grep -qxF -- "$i" "$blacklist"
  then
    echo "Error, bad idea, remove $i from blacklist if you don't think so, and try again !"
    # fail
    exit 1
  fi
done

# run dd with the original arguments, preserving spaces in them
if dd "$@"
then
  # success
  exit 0
else
  # fail
  exit 1
fi

Same thing for rm
Code:
#!/bin/sh
# implement safer rm using blacklist

# location of blacklist
blacklist="/home/$USER/.rmblacklist"

# if blacklist does not exist, create an empty one
if test ! -e "$blacklist"
then
  : > "$blacklist"
fi

# check each argument against the blacklist
# "--" keeps grep from reading arguments such as -rf as its own options
for i in "$@"
do
  if grep -qxF -- "$i" "$blacklist"
  then
    echo "Error, bad idea, remove $i from blacklist if you don't think so, and try again !"
    # fail
    exit 1
  fi
done

# run rm with the original arguments, preserving spaces in them
if rm "$@"
then
  # success
  exit 0
else
  # fail
  exit 1
fi

For the rmblacklist you can generate one of all directories 2 levels deep like:

Code:
find / -maxdepth 2 -type d
So it will still allow you to remove files, but not directories.

You can also make your own if you have a better idea. But I think something as simple as a blacklist method can save you a lot of trouble. Or, are there any better options ?
 
Old 04-11-2009, 02:21 PM   #2
custangro
I like the DD idea! I might "borrow" this

-C
 
Old 04-11-2009, 03:04 PM   #3
i92guboj
The problem with wrappers is that you also have to remember to use them. And the same situations where you would do something idiotic also qualify as situations where you won't remember to run a wrapper at all.

However you could implement those as functions in your root shell initialization files. For example, if you use bash in your /root/.bashrc and /root/.bash_profile. Just give the functions the same exact name that the tool has. Of course then you need to use the complete path for the tools which must then be hardcoded or at least guessed from a list of builtin locations.

It's difficult to be 100% protected though. Some people just cut and paste commands from the web without even knowing what they do. In this case the command most likely has a full path, which invalidates any scripting, wrapping and overriding you want to do, that is, unless you are bizarre enough to remove the system tools from their default location and substitute them with a wrapper. But then you have to be vigilant for system update.
 
Old 04-12-2009, 03:40 AM   #4
H_TeXMeX_H
Quote:
Originally Posted by custangro View Post
I like the DD idea! I might "borrow" this

-C
Sure, consider them GPL'd, or open-sourced.

@ i92guboj

You're right you could also replace the original commands with functions. However, I would make sure to design the functions properly in case some script uses them expecting them to have the same behavior as dd and rm. It's not too hard to do, so sure you could do that.
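
Added example (not part of any post in this thread): the function-based variant discussed in posts #3 and #4, written as shell functions that carry the tools' own names. It goes beyond the posted wrappers by canonicalising paths before the lookup and by refusing to run when the list is unreadable; the names `guard_canon`, `guard_blocked` and `GUARD_*_LIST` are hypothetical, and the lists are assumed to hold one canonical path per line rather than whole `of=...` operands.

```shell
# Added example, meant to be sourced from root's shell startup file.
# guard_canon, guard_blocked and GUARD_*_LIST are hypothetical names.
# Assumption: each list holds one canonical path per line.
GUARD_DD_LIST="${GUARD_DD_LIST:-$HOME/.ddblacklist}"
GUARD_RM_LIST="${GUARD_RM_LIST:-$HOME/.rmblacklist}"

# Resolve symlinks and ".." so /dev/../dev/sda or a by-id link still matches.
guard_canon() {
  readlink -f -- "$1" 2>/dev/null || printf '%s\n' "$1"
}

# guard_blocked LIST PATH: status 0 when PATH is listed. An unreadable
# list also counts as blocked, so a missing file cannot disable the guard.
guard_blocked() {
  [ -r "$1" ] || return 0
  grep -qxF -- "$(guard_canon "$2")" "$1"
}

# Same name as the tool, so there is no wrapper to remember to call.
dd() {
  for guard_arg in "$@"; do
    case $guard_arg in
      of=*)
        if guard_blocked "$GUARD_DD_LIST" "${guard_arg#of=}"; then
          echo "dd: refusing ${guard_arg} (see $GUARD_DD_LIST)" >&2
          return 1
        fi ;;
    esac
  done
  command dd "$@"   # "command" skips the function; exit status passes through
}

rm() {
  for guard_arg in "$@"; do
    case $guard_arg in
      -*) continue ;;   # option, not a path
    esac
    if guard_blocked "$GUARD_RM_LIST" "$guard_arg"; then
      echo "rm: refusing $guard_arg (see $GUARD_RM_LIST)" >&2
      return 1
    fi
  done
  command rm "$@"
}
```

Functions defined in a startup file are not inherited by scripts unless exported, so scripts that call `dd` or `rm` keep the tools' normal behaviour. A command typed with its full path, such as `/bin/rm`, still bypasses the functions, as post #3 points out.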
 
  

