How to use sudo rm -rf safely
Neeran Gul
Staff Site Reliability Engineer, Mozn
Published: 2/1/2024
sudo rm -rf is a highly destructive action. Typically, the meaning of sudo rm-rf is that you are force-deleting all directories and files as a superuser. We are going to break down this command and understand what each step does. Understanding its components can help you create a safer, simpler command - or make sure you only run it in the most controlled environments.
sudo and rm usage
The first part of the command is sudo, sudo allows us to execute a command as another user. By default sudo will run anything after sudo as the root super user. Running as the root user means that this command can pretty much do anything as it has access to all files on the file system.
The second part of the command is rm. rm is used to delete files and directories on the file system. How does rm work? Let’s look at an example:
$ touch test.txt
$ rm test1.txt
$ mkdir test
$ rm test
rm: hello: is a directory
As we can see, we can successfully delete files, but we cannot use the plain rm command to delete directories. Let’s see how we can delete directories using the rm command.
$ rm -r test
$ ls
# test directory should be deleted
Above, we show that we can delete directories by passing the -r flag.
Let’s have a look at an example of what using the -f flag means.
# change to root user
$ sudo su -
$ touch cannotdelete.txt
# check it’s owned by root
$ ls -al cannotdelete.txt
-rw-r--r-- 1 root root 0 12 Nov 21:43 cannotdelete.txt
# switch to normal user
$ exit
$ rm cannotdelete.txt
override rw-r--r-- root/root for cannotdelete.txt?
$ rm -f cannotdelete.txt
# file is deleted without confirmation
-f is the force flag, it attempts to remove files without any prompt regardless of permissions.
Deleting multiple files and directories
# delete multiple files
$ touch test1.txt test2.txt test3.txt
# delete only txt files using glob wildcard, *.txt resolves to all files ending with .txt
$ rm *.txt
# delete files and directories
$ touch test1.txt test2.txt test3.txt
$ mkdir test1 test2 test3
$ rm -rf *
# delete only files in directory
$ mkdir test1
# don’t want any prompts
$ sudo rm -rf test1/*
# delete the directory
$ rm -r test1
The examples above illustrate when we should use -r and when we should use -f. Essentially, -rf is us saying “I don’t care if it’s files or directories; just delete it”.
Be Careful With its Usage
So when does it turn destructive? When using rm, the feedback from the terminal is minimal when a file is deleted. It is very easy to delete files, meaning you can end up deleting important files by mistake.
Here’s an example of a particularly scary command:
# DO NOT RUN THIS
$ sudo rm -rf /
# This is just as bad
$ sudo rm -rf /*
On Unix systems, the operating system is on the / path. If someone runs the above command, rm will attempt to delete ALL files and directories under the root of your filesystem. Since sudo has been passed, the command is run as the superuser, typically root. This means that all your system files, applications and binaries will be deleted without any prompts, silently. The only way to recover is to restore from a backup or snapshot. Be extra wary and make sure to avoid using sudo rm -rf within any scripts or automation - especially when the path argument is parameterized.
Written by
Neeran Gul
Staff Site Reliability Engineer, Mozn
Filed Under
Related Articles
Bash If Statement
Learn how to use the if statement in Bash to compare multiple values and expressions.
Bash While Loop
Learn how to use and control the while loop in Bash to repeat instructions, and read from the standard input, files, arrays, and more.
POST JSON Data With Curl
How to send valid HTTP POST requests with JSON data payloads using the curl command and how to avoid common syntax pitfalls. Also, how to solve the HTTP 405 error code.
Use Cookies With cURL
Learn how to store and send cookies using files, hard-coded values, environment variables with cURL.
Loop Through Files in Directory in Bash
Learn how to iterate over files in a directory linearly and recursively using Bash and Python.
How To Use sudo su
A quick overview of using sudo su
Generate, Sign, and View a CSR With OpenSSL
Learn how to generate, self-sign, and verify certificate signing requests with `openssl`.
How to run chmod recursively
Using -R is probably not what you want
Run Bash Shell In Docker
Start an interactive shell in Docker container
Curl Post Request
Use cURL to send data to a server
Reading User Input
Via command line arguments and prompting users for input
Bash Aliases
Create an alias for common commands