You’ve probably seen it everywhere, in all the Linux groups, communities, forums, even in real life on shirts. If you’re a beginner and wondering what “sudo rm -rf /” does and why you shouldn’t run it, read this post.
In short, the sudo rm -rf /
command deletes everything in the root directory, which basically breaks your whole system. We’ll explain the command in detail below. If you don’t know what it means or what it does – you should not run it.
What does the rm command do?
The rm command is used to delete files and directories in Unix-like systems, including Linux. It stands for remove.
“sudo” means that you’re running that command as the super user. If you’re logged in as root, you wouldn’t need to use sudo. You don’t need to use sudo for the rm command, but you may need it depending on what kind of privileges your normal user has.
If you had a read-only file named notes.txt, and if you wanted to delete it, you would run:
sudo rm notes.txt
After running the rm command, the CLI will prompt you and ask you if you’re sure you want to remove the file.
rm: remove write-protected regular file 'notes.txt'?
To remove it, you need to answer with “y”, “Y”, or “yes”.
What does “-rf” mean in “sudo rm -rf”?
To avoid the prompt you’d get asking you if you want to remove the file, you can use the “–force” flag, or “-f”.
So, if you run:
sudo rm -f notes.txt
The file will be deleted right after running the command, and you won’t have to confirm anything.
The “-r” (–recursive) flag is used to recursively delete everything in a directory (folder). The most common usage is to delete a directory along with everything that’s in that directory.
So, for example, if you had a “test” directory in “/var/www/html/test/” with files in that directory, if you need to remove that directory along with its files, you’d need to run:
sudo rm -r /var/www/html/test/
You can combine multiple flags with the rm command, so instead of getting prompts for the files, you can add the “-f” flag as explained in the previous section:
sudo rm -rf /var/www/html/test/
As you can see from our examples, this command is quite useful and Linux users run it on a regular basis. The dangerous part will be explained in the section below.
What does the “sudo rm -rf /” command do?
The “/” slash means that the command will delete the root directory. This is the directory that has all other directories of your system, meaning that it will delete all directories on your system. Trolls often give this command to beginners with ill intent (to break everything). Luckily, most Linux distros have a failsafe for this case, so if you tried to run:
sudo rm -rf /
You’ll probably be prompted with:
rm: it is dangerous to operate recursively on '/' rm: use --no-preserve-root to override this failsafe
Luckily for the trolls, the prompt tells you what you need to do to actually run the command and let it do its evil magic. So if you’d run:
sudo rm -rf / --no-preserve-root
You’ll break your whole Linux system, and there’s no going back. Trolls have adapted to this and started giving out this command to avoid the prompt that tells you this command is dangerous.
So, in conclusion, if you’re a beginner, don’t run any of the commands explained in this section. You can read up on the rm command to explore other flags and use cases.
Don’t try this at home.
2 thoughts on “sudo rm -rf /: The Command You Should Never Run”
The quickest way to disable a system is to rename the libc share object file.
Actually Linux has developed to the point a new person really doesn’t need to run commands. There are GUI’s for everything now days. By using those GUI’s you are less likely to muck up your system and need the command line. Just remember your root and account passwords and you will be fine. If you wish, take time to learn commands and their functions.