Terminal commands are intimidating to new Linux users. Running anything without knowing the result can have irrevocable consequences. On Linux, dangerous commands are often a result of a simple typing mistake.
Knowing what every part of a Linux command does and the potential dangers helps to avoid such situations. A typical example is the
sudo rm -rf command, which is very helpful when used correctly but may result in consequences if mistyped or misused.
This article explains the
sudo rm -rf command in Linux, what it does, and how to use it properly.
- Access to the command line/terminal.
- A user with sudo privileges.
- Files or directories to delete.
sudo rm -rf Syntax
sudo rm -rf command is often avoided by users and cited as a dangerous command. The command syntax is:
sudo rm -rf <directory or file>
Below is a breakdown of each part of the command:
sudo- elevates a user's privileges to the root user. Allows removing root-owned files and directories.
rm- Linux command for removing files or directories.
-r- The option indicates recursive removal and helps remove non-empty directories.
-f- The option allows removal without confirmation, even if a file does not exist.
<directory or file>- The path of a directory or file to remove.
Use the command to remove files or non-empty directories where the owner is root.
Follow the steps below to create an example use case:
1. Open the terminal (CTRL+ALT+T).
2. Create a test directory with a subdirectory:
sudo mkdir test1 && sudo mkdir test1/test2
The creator and owner of both directories is the root user.
3. Attempt to remove the directory as a regular user:
rm -rf test1
The output shows the permission denied message.
4. Use the command with
sudo to remove the directory:
sudo rm -rf test1
The command does not output a message and automatically deletes the directories without confirmation.
Why Is sudo rm -rf Dangerous?
sudo rm -rf command is dangerous when not used properly. The
rm command does its job to delete, but a typing mistake or not knowing what is being deleted can make it dangerous.
Warning: Do not run the commands in the following examples.
The following examples showcase how and when the
rm -rf command is potentially dangerous:
1. When removing directories, the following typo is barely noticeable:
sudo rm -rf / directory/subdirectory
The space after the first forward slash (
/) passes the root directory as the deletion parameter. The command deletes the root directory and all subdirectories due to the
-r flag. The result is the same as running the following:
sudo rm -rf /
Although most modern systems display a warning message and require additional options, the
-f flag overrides confirmation in some scenarios.
2. Deleting multiple files with different names and the same extension using the asterisk sign (
*) helps match zero or more characters. The following typo in the command results in a mistake:
sudo rm -rf * .txt
Similar to the previous example, adding an extra space after the asterisk (
*) passes the working directory and all its subdirectories for deletion. Therefore, the command runs as follows:
sudo rm -rf *
As a result, everything from the current directory is deleted without warning. The command deletes the system if the current working directory is root (
3. A dangerous form of
sudo -rm rf can occur when deleting directories that end in the same characters:
sudo rm -rf /* -directory
Due to the spacing, the command becomes:
sudo rm -rf /*
Since the command removes content inside the root directory, there are no warnings.
After reading this guide, you know about the dangers of using
sudo rm -rf. Although the command is not dangerous and serves a purpose, it could potentially delete your whole system or critical data.
Check out our backup and disaster recovery guide to prevent irrevocable data loss situations.