Dangerous Linux/UNIX commands

hiddenknight821hiddenknight821 The whole Shebang!Member Posts: 1,209 ■■■■■■□□□□
I couldn't find a thread related to usermod command. I hope to start a thread on commands we should not perform in order to avoid jeopardizing our system.

Today, I logged in as root, and I was experimenting to see if usermod --password command has the same effect as the passwd command on root account. I just discovered that it didn't work for root. I wasn't able to log in with the password I created with the usermod command. Please avoid this if your system allow you to bypass it. Is there any other commands I should be aware of? Right now, I'm trying to prepare for the new Linux+ and become certified by the end of the summer before I return to school in the fall.

Comments

  • kriscamaro68kriscamaro68 Member Posts: 1,186 ■■■■■■■□□□
    I would stay away from rm -rf unless you know exactly what you want to remove and that it won't affect anything by using it.
  • kalebkspkalebksp Senior Member Member Posts: 1,033 ■■■■■□□□□□
    I would stay away from rm -rf unless you know exactly what you want to remove and that it won't affect anything by using it.

    I once missed the "." when typing "rm -rf ./", that was fun...
    (It was actually a system I was configuring in preparation for production, so it wasn't that big of a deal, but it still made my night a couple hours longer.)




    To those unfamiliar with linux/unix that command without the "." forcefully deletes all the files from every mounted file system.
  • tierstentiersten was here. Member Posts: 4,505
    Today, I logged in as root, and I was experimenting to see if usermod --password command has the same effect as the passwd command on root account. I just discovered that it didn't work for root. I wasn't able to log in with the password I created with the usermod command.
    If you read the man page for usermod, you'll see that it is hardcoded to use crypt. No distribution in years has or should be using crypt for its password hashes.

    You shouldn't be testing things on the root account though :P
  • NightShade03NightShade03 Security Nut Member Posts: 1,383 ■■■■■■■□□□
    It's also worth noting that you can make alias for some of these commands to prevent bad things from happening. One example would be

    alias rm = "rm -i"
  • hiddenknight821hiddenknight821 The whole Shebang! Member Posts: 1,209 ■■■■■■□□□□
    tiersten wrote: »
    If you read the man page for usermod, you'll see that it is hardcoded to use crypt. No distribution in years has or should be using crypt for its password hashes.

    You shouldn't be testing things on the root account though :P

    Of course, I shouldn't be testing on the root account at work. I rather learn from my mistake now than regret it later. I was able to recover the password through single-user mode.
    It's also worth noting that you can make alias for some of these commands to prevent bad things from happening. One example would be

    alias rm = "rm -i"

    Clever thinking, NightShade. I didn't think of that. I remember learning alias in UNIX class, but that was two years ago, and I have not yet gotten to that part in Linux Administration book I'm currently reading/studying. The book in my opinion is not so bad. It's definitely good for beginners like myself.
  • tierstentiersten was here. Member Posts: 4,505
    I wouldn't rely on aliases though since you might end up on another machine that doesn't have your safe alias...
  • NightShade03NightShade03 Security Nut Member Posts: 1,383 ■■■■■■■□□□
    tiersten wrote: »
    I wouldn't rely on aliases though since you might end up on another machine that doesn't have your safe alias...

    Agreed! However if you are the administration installing everything on the systems and setting them up....

    Still your point is valid that you shouldn't rely on things because they will never be the same across machines, but alias is still something to know.
  • jibbajabbajibbajabba Google Ninja Member Posts: 4,317 ■■■■■■■■□□
    One thing to avoid in general is to copy / paste commands especially out of emails or build notes you may have.

    For example we had some Linux build notes for other people which included rm in an command. However, the Word document changed hyphens to some other weird symbol ...

    Same when it comes to email .. I don't know exactly what command that was exactly, but the commands he copied were basically going into a specific folder and delete certain files using for example
    cd something
    find . -name '*something*' -exec rm -rf {} \;
    

    Now Word screwed up the "-" and other bits to an extend that people kept wiping "/" ...

    Needless to say we made sure that we either save the document in plain text or use notepad lol - but it still is a danger when copy / paste commands from emails / websites or documents in general...
    My own knowledge base made public: http://open902.com :p
  • tierstentiersten was here. Member Posts: 4,505
    Gomjaba wrote: »
    However, the Word document changed hyphens to some other weird symbol ...
    Its part of the autocorrect/autoformat feature. It will replace - with em/en dash depending on what is around it. Smart quotes will also screw around with your scripts.
    Gomjaba wrote: »
    Needless to say we made sure that we either save the document in plain text or use notepad lol
    Pretty much. Word is the wrong tool for the job if you're editing scripts.
  • MentholMooseMentholMoose Senior Member Member Posts: 1,525 ■■■■■■■■□□
    Redirecting output to a file can be a problem. Be careful not to put ">" if you want ">>", the former will replace the file contents, while the latter appends. Also you better be very careful to redirect to the right place... redirecting to certain "files" in /dev or /sys can cause problems, including data loss (though sometimes there are legitimate reasons to redirecting somewhere in those directories).

    Scripting in general can be dangerous, it is easy to write a bad loop that can cause anything from high system load to massive data loss. Even though I'm experienced with scripting loops, I typically do a final check with "echo" to verify what really will be done.

    One problem I've run into is not completely deleting commands that I've started and decide to abort. So for example I might type "ls a*", then change my mind and delete the "a*", then when I come back later if I'm not paying attention I'll write a new command that ends up starting with "ls" (so like "ls ls b*"). This type of mistake caused me data loss once... I ended up with a command like "rm ls *txt", and deleted some txt files. I'm trying to make it a habit to use Ctrl+c to wipe out commands instead of Ctrl+w which only deletes one part at a time. A recent bash update added a helpful feature in that Ctrl+c will also print out "^C" by default.

    Another command I don't really like is the "yes" command. Sometimes I will enter some command expecting it to ask for confirmation, and if it doesn't and I'm not paying attention I'll just enter "yes" at the command prompt and lag my console while I furiously type Ctrl+C to cancel it. I think the key is to just pay attention when you're using the command prompt. :D
    MentholMoose
    MCSA 2003, LFCS, LFCE (expired), VCP6-DCV
  • demonfurbiedemonfurbie um yea i know some stuffs Member Posts: 1,819
    sudo chmod 777 *.*
    wgu undergrad: done ... woot!!
    WGU MS IT Management: done ... double woot :cheers:
  • disidisi Member Member Posts: 59 ■■□□□□□□□□
    sudo chmod 777 *.*
    # chmod a+x /usr/bin/chmod
    
    :D

    I don't like ulimit, sometimes you set something and forget about it a couple of months later. Then you realize "oh, I need more open sockets etc."
Sign In or Register to comment.