Database accidentally deleted with a bash script [duplicate]Monday morning mistake: sudo rm -rf --no-preserve-root /Restore mongoDB by --repair and WiredTigerAccidentally formated external usb harddrive (500GB) with bootable iso (1GB), how can I recover my data?What is the difference between double and single square brackets in bash?Accidentally rm -rf /usr/* as root, what now?How to add a timestamp to bash script log?Large incremental backup sizes although minimal changes with cPanel tarballsUbuntu OS recovery – accidentally deleted ld-linux-x86-64.so.2 from /lib64 folder in Ubuntu 14.04Decode & restore files from /dev/md3 (Hacked server)Synology: How to restore data from an accidentally deleted volumeX (BTRFS)?Mapped VMDK no longer accessible - VMware ESX - recover data
Are taller landing gear bad for aircraft, particulary large airliners?
Visiting the UK as unmarried couple
What does 사자 in this picture means?
Simple recursive Sudoku solver
The One-Electron Universe postulate is true - what simple change can I make to change the whole universe?
Is there a good way to store credentials outside of a password manager?
Can a Gentile theist be saved?
Is there enough fresh water in the world to eradicate the drinking water crisis?
Did US corporations pay demonstrators in the German demonstrations against article 13?
Why does this part of the Space Shuttle launch pad seem to be floating in air?
Simulating a probability of 1 of 2^N with less than N random bits
Can somebody explain Brexit in a few child-proof sentences?
Hostile work environment after whistle-blowing on coworker and our boss. What do I do?
Does "Dominei" mean something?
What was required to accept "troll"?
Installing PowerShell on 32-bit Kali OS fails
A known event to a history junkie
Is there an Impartial Brexit Deal comparison site?
Can I Retrieve Email Addresses from BCC?
Bob has never been a M before
Organic chemistry Iodoform Reaction
Can the electrostatic force be infinite in magnitude?
How can I raise concerns with a new DM about XP splitting?
Could solar power be utilized and substitute coal in the 19th century?
Database accidentally deleted with a bash script [duplicate]
Monday morning mistake: sudo rm -rf --no-preserve-root /Restore mongoDB by --repair and WiredTigerAccidentally formated external usb harddrive (500GB) with bootable iso (1GB), how can I recover my data?What is the difference between double and single square brackets in bash?Accidentally rm -rf /usr/* as root, what now?How to add a timestamp to bash script log?Large incremental backup sizes although minimal changes with cPanel tarballsUbuntu OS recovery – accidentally deleted ld-linux-x86-64.so.2 from /lib64 folder in Ubuntu 14.04Decode & restore files from /dev/md3 (Hacked server)Synology: How to restore data from an accidentally deleted volumeX (BTRFS)?Mapped VMDK no longer accessible - VMware ESX - recover data
This question already has an answer here:
Monday morning mistake: sudo rm -rf --no-preserve-root /
10 answers
Edit: a follow-up question: Restore mongoDB by --repair and WiredTiger.
My developer committed a huge mistake and we cannot find our Mongo database anywhere in the server.
He logged into the server, and saved the following shell under ~/crontab/mongod_back.sh:
#!/bin/sh
DUMP=mongodump
OUT_DIR=/data/backup/mongod/tmp // 备份文件临时目录
TAR_DIR=/data/backup/mongod // 备份文件正式目录
DATE=`date +%Y_%m_%d_%H_%M_%S` // 备份文件将以备份对间保存
DB_USER=Guitang // 数库操作员
DB_PASS=qq■■■■■■■■■■■■■■■■■■■■■ // 数掘库操作员密码
DAYS=14 // 保留最新14天的份
TARBAK="mongod_bak_$DATE.tar.gz" // 备份文件命名格式
cd $OUT_DIR // 创建文件夹
rm -rf $OUT_DIR/* // 清空临时目录
mkdir -p $OUT_DIR/$DATE // 创建本次备份文件夹
$DUMP -d wecard -u $DB_USER -p $DB_PASS -o $OUT_DIR/$DATE // 执行备份命令
tar -zcvf $TAR_DIR/$TAR_BAK $OUT_DIR/$DATE // 将份文件打包放入正式
find $TAR_DIR/ -mtime +$DAYS -delete // 除14天前的旧备
And then he ran it and it outputted permission denied messages, so he pressed Ctrl+C. The server shut down automatically. He tried to restart it but got a grub error:
He contacted AliCloud, the engineer connected the disk to another working server so that he could check the disk. Looks like some folders are gone, including /data/ where the mongodb is!
- We don't understand how the script could destroy the disk including
/data/; - And of course, is it possible to get the
/data/back?
PS: He did not take snapshot of the disk before.
PS2: As people mention "backups" a lot, we have lots of important users and data coming these 2 days, the purpose of this action was to backup them (for the first time), then they turned out to be entirely deleted.
filesystems shell ubuntu-14.04 data-recovery disaster-recovery
asked yesterday
SoftTimurSoftTimur
1238
marked as duplicate by Jenny D, womble♦ yesterday
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
|
show 6 more comments
This question already has an answer here:
Monday morning mistake: sudo rm -rf --no-preserve-root /
10 answers
Edit: a follow-up question: Restore mongoDB by --repair and WiredTiger.
My developer committed a huge mistake and we cannot find our Mongo database anywhere in the server.
He logged into the server, and saved the following shell under ~/crontab/mongod_back.sh:
#!/bin/sh
DUMP=mongodump
OUT_DIR=/data/backup/mongod/tmp // 备份文件临时目录
TAR_DIR=/data/backup/mongod // 备份文件正式目录
DATE=`date +%Y_%m_%d_%H_%M_%S` // 备份文件将以备份对间保存
DB_USER=Guitang // 数库操作员
DB_PASS=qq■■■■■■■■■■■■■■■■■■■■■ // 数掘库操作员密码
DAYS=14 // 保留最新14天的份
TARBAK="mongod_bak_$DATE.tar.gz" // 备份文件命名格式
cd $OUT_DIR // 创建文件夹
rm -rf $OUT_DIR/* // 清空临时目录
mkdir -p $OUT_DIR/$DATE // 创建本次备份文件夹
$DUMP -d wecard -u $DB_USER -p $DB_PASS -o $OUT_DIR/$DATE // 执行备份命令
tar -zcvf $TAR_DIR/$TAR_BAK $OUT_DIR/$DATE // 将份文件打包放入正式
find $TAR_DIR/ -mtime +$DAYS -delete // 除14天前的旧备
And then he ran it and it outputted permission denied messages, so he pressed Ctrl+C. The server shut down automatically. He tried to restart it but got a grub error:
He contacted AliCloud, the engineer connected the disk to another working server so that he could check the disk. Looks like some folders are gone, including /data/ where the mongodb is!
- We don't understand how the script could destroy the disk including
/data/; - And of course, is it possible to get the
/data/back?
PS: He did not take snapshot of the disk before.
PS2: As people mention "backups" a lot, we have lots of important users and data coming these 2 days, the purpose of this action was to backup them (for the first time), then they turned out to be entirely deleted.
filesystems shell ubuntu-14.04 data-recovery disaster-recovery
asked yesterday
SoftTimurSoftTimur
1238
marked as duplicate by Jenny D, womble♦ yesterday
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
4
Your script has no error checking. If the linecd $OUT_DIRfails, it's going to delete everything in the current path, which may well be/. This is why you have backups - use them.
– Jenny D
yesterday
He run the shell under~/crontab/, how couldrmorfind -deletedelete folders under/?
– SoftTimur
yesterday
8
Wow - did this script get into your version control system? Did it go through peer review?rm -rf $OUT_DIR/*really? And why was the script not tested on a non-production server? Once you have restored from backup you have many critical procedural failings to address here before automating anything else. I hope you're not too hard on your developer over it, as a result (though they also have quite a bit to answer for)
– Lightness Races in Orbit
yesterday
3
Re: this was to be your backup script, never test a new procedure against the only copy of your data. Prior to your very first backup, create a separate test database, put in some fake data, and restore test that.
– John Mahowald
yesterday
2
Two suggestions to improve your questions: 1) use all-English. The problem with the non-English content is that people don't understanding it, also don't know if it is important or not. Thus, they can't be sure that their answer is okay, and thus they tend to rather don't answer. 2) If you can use textual copy-paste, use that and never use screenshots.
– peterh
22 hours ago
|
show 6 more comments
This question already has an answer here:
Monday morning mistake: sudo rm -rf --no-preserve-root /
10 answers
Edit: a follow-up question: Restore mongoDB by --repair and WiredTiger.
My developer committed a huge mistake and we cannot find our Mongo database anywhere in the server.
He logged into the server, and saved the following shell under ~/crontab/mongod_back.sh:
#!/bin/sh
DUMP=mongodump
OUT_DIR=/data/backup/mongod/tmp // 备份文件临时目录
TAR_DIR=/data/backup/mongod // 备份文件正式目录
DATE=`date +%Y_%m_%d_%H_%M_%S` // 备份文件将以备份对间保存
DB_USER=Guitang // 数库操作员
DB_PASS=qq■■■■■■■■■■■■■■■■■■■■■ // 数掘库操作员密码
DAYS=14 // 保留最新14天的份
TARBAK="mongod_bak_$DATE.tar.gz" // 备份文件命名格式
cd $OUT_DIR // 创建文件夹
rm -rf $OUT_DIR/* // 清空临时目录
mkdir -p $OUT_DIR/$DATE // 创建本次备份文件夹
$DUMP -d wecard -u $DB_USER -p $DB_PASS -o $OUT_DIR/$DATE // 执行备份命令
tar -zcvf $TAR_DIR/$TAR_BAK $OUT_DIR/$DATE // 将份文件打包放入正式
find $TAR_DIR/ -mtime +$DAYS -delete // 除14天前的旧备
And then he ran it and it outputted permission denied messages, so he pressed Ctrl+C. The server shut down automatically. He tried to restart it but got a grub error:
He contacted AliCloud, the engineer connected the disk to another working server so that he could check the disk. Looks like some folders are gone, including /data/ where the mongodb is!
- We don't understand how the script could destroy the disk including
/data/; - And of course, is it possible to get the
/data/back?
PS: He did not take snapshot of the disk before.
PS2: As people mention "backups" a lot, we have lots of important users and data coming these 2 days, the purpose of this action was to backup them (for the first time), then they turned out to be entirely deleted.
filesystems shell ubuntu-14.04 data-recovery disaster-recovery
asked yesterday
SoftTimurSoftTimur
1238
This question already has an answer here:
Monday morning mistake: sudo rm -rf --no-preserve-root /
10 answers
Edit: a follow-up question: Restore mongoDB by --repair and WiredTiger.
My developer committed a huge mistake and we cannot find our Mongo database anywhere in the server.
He logged into the server, and saved the following shell under ~/crontab/mongod_back.sh:
#!/bin/sh
DUMP=mongodump
OUT_DIR=/data/backup/mongod/tmp // 备份文件临时目录
TAR_DIR=/data/backup/mongod // 备份文件正式目录
DATE=`date +%Y_%m_%d_%H_%M_%S` // 备份文件将以备份对间保存
DB_USER=Guitang // 数库操作员
DB_PASS=qq■■■■■■■■■■■■■■■■■■■■■ // 数掘库操作员密码
DAYS=14 // 保留最新14天的份
TARBAK="mongod_bak_$DATE.tar.gz" // 备份文件命名格式
cd $OUT_DIR // 创建文件夹
rm -rf $OUT_DIR/* // 清空临时目录
mkdir -p $OUT_DIR/$DATE // 创建本次备份文件夹
$DUMP -d wecard -u $DB_USER -p $DB_PASS -o $OUT_DIR/$DATE // 执行备份命令
tar -zcvf $TAR_DIR/$TAR_BAK $OUT_DIR/$DATE // 将份文件打包放入正式
find $TAR_DIR/ -mtime +$DAYS -delete // 除14天前的旧备
And then he ran it and it outputted permission denied messages, so he pressed Ctrl+C. The server shut down automatically. He tried to restart it but got a grub error:
He contacted AliCloud, the engineer connected the disk to another working server so that he could check the disk. Looks like some folders are gone, including /data/ where the mongodb is!
- We don't understand how the script could destroy the disk including
/data/; - And of course, is it possible to get the
/data/back?
PS: He did not take snapshot of the disk before.
PS2: As people mention "backups" a lot, we have lots of important users and data coming these 2 days, the purpose of this action was to backup them (for the first time), then they turned out to be entirely deleted.
This question already has an answer here:
Monday morning mistake: sudo rm -rf --no-preserve-root /
10 answers
filesystems shell ubuntu-14.04 data-recovery disaster-recovery
filesystems shell ubuntu-14.04 data-recovery disaster-recovery
asked yesterday
SoftTimurSoftTimur
1238
asked yesterday
SoftTimurSoftTimur
1238
edited 16 hours ago
SoftTimur
asked yesterday
SoftTimurSoftTimur
1238
asked yesterday
SoftTimurSoftTimur
1238
asked yesterday
SoftTimurSoftTimur
1238
1238
marked as duplicate by Jenny D, womble♦ yesterday
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by Jenny D, womble♦ yesterday
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
4
Your script has no error checking. If the linecd $OUT_DIRfails, it's going to delete everything in the current path, which may well be/. This is why you have backups - use them.
– Jenny D
yesterday
He run the shell under~/crontab/, how couldrmorfind -deletedelete folders under/?
– SoftTimur
yesterday
8
Wow - did this script get into your version control system? Did it go through peer review?rm -rf $OUT_DIR/*really? And why was the script not tested on a non-production server? Once you have restored from backup you have many critical procedural failings to address here before automating anything else. I hope you're not too hard on your developer over it, as a result (though they also have quite a bit to answer for)
– Lightness Races in Orbit
yesterday
3
Re: this was to be your backup script, never test a new procedure against the only copy of your data. Prior to your very first backup, create a separate test database, put in some fake data, and restore test that.
– John Mahowald
yesterday
2
Two suggestions to improve your questions: 1) use all-English. The problem with the non-English content is that people don't understanding it, also don't know if it is important or not. Thus, they can't be sure that their answer is okay, and thus they tend to rather don't answer. 2) If you can use textual copy-paste, use that and never use screenshots.
– peterh
22 hours ago
|
show 6 more comments
4
Your script has no error checking. If the linecd $OUT_DIRfails, it's going to delete everything in the current path, which may well be/. This is why you have backups - use them.
– Jenny D
yesterday
He run the shell under~/crontab/, how couldrmorfind -deletedelete folders under/?
– SoftTimur
yesterday
8
Wow - did this script get into your version control system? Did it go through peer review?rm -rf $OUT_DIR/*really? And why was the script not tested on a non-production server? Once you have restored from backup you have many critical procedural failings to address here before automating anything else. I hope you're not too hard on your developer over it, as a result (though they also have quite a bit to answer for)
– Lightness Races in Orbit
yesterday
3
Re: this was to be your backup script, never test a new procedure against the only copy of your data. Prior to your very first backup, create a separate test database, put in some fake data, and restore test that.
– John Mahowald
yesterday
2
Two suggestions to improve your questions: 1) use all-English. The problem with the non-English content is that people don't understanding it, also don't know if it is important or not. Thus, they can't be sure that their answer is okay, and thus they tend to rather don't answer. 2) If you can use textual copy-paste, use that and never use screenshots.
– peterh
22 hours ago
4
4
Your script has no error checking. If the line
cd $OUT_DIR fails, it's going to delete everything in the current path, which may well be / . This is why you have backups - use them.– Jenny D
yesterday
Your script has no error checking. If the line
cd $OUT_DIR fails, it's going to delete everything in the current path, which may well be / . This is why you have backups - use them.– Jenny D
yesterday
He run the shell under
~/crontab/, how could rm or find -delete delete folders under /?– SoftTimur
yesterday
He run the shell under
~/crontab/, how could rm or find -delete delete folders under /?– SoftTimur
yesterday
8
8
Wow - did this script get into your version control system? Did it go through peer review?
rm -rf $OUT_DIR/* really? And why was the script not tested on a non-production server? Once you have restored from backup you have many critical procedural failings to address here before automating anything else. I hope you're not too hard on your developer over it, as a result (though they also have quite a bit to answer for)– Lightness Races in Orbit
yesterday
Wow - did this script get into your version control system? Did it go through peer review?
rm -rf $OUT_DIR/* really? And why was the script not tested on a non-production server? Once you have restored from backup you have many critical procedural failings to address here before automating anything else. I hope you're not too hard on your developer over it, as a result (though they also have quite a bit to answer for)– Lightness Races in Orbit
yesterday
3
3
Re: this was to be your backup script, never test a new procedure against the only copy of your data. Prior to your very first backup, create a separate test database, put in some fake data, and restore test that.
– John Mahowald
yesterday
Re: this was to be your backup script, never test a new procedure against the only copy of your data. Prior to your very first backup, create a separate test database, put in some fake data, and restore test that.
– John Mahowald
yesterday
2
2
Two suggestions to improve your questions: 1) use all-English. The problem with the non-English content is that people don't understanding it, also don't know if it is important or not. Thus, they can't be sure that their answer is okay, and thus they tend to rather don't answer. 2) If you can use textual copy-paste, use that and never use screenshots.
– peterh
22 hours ago
Two suggestions to improve your questions: 1) use all-English. The problem with the non-English content is that people don't understanding it, also don't know if it is important or not. Thus, they can't be sure that their answer is okay, and thus they tend to rather don't answer. 2) If you can use textual copy-paste, use that and never use screenshots.
– peterh
22 hours ago
|
show 6 more comments
3 Answers
3
active
oldest
votes
Easy enough. The // sequence isn't a comment in bash (# is).
The statement OUT_DIR=x // text had no effect* except a cryptic error message.
Thus, with the OUT_DIR being an empty string, one of the commands eventually executed was rm -rf /*. Some directories placed directly underneath / weren't removed due to user not having permissions, but it appears that some vital directories were removed. You need to restore from backup.
* The peculiar form of bash statement A=b c d e f is roughly similar to:
export A=b
c d e f
unset A
A common example:
export VISUAL=vi # A standard visual editor to use is `vi`
visudo -f dummy_sudoers1 # Starts vi to edit a fake sudo config. Type :q! to exit
VISUAL=nano visudo -f dummy_sudoers2 # Starts nano to edit a fake sudo config
visudo -f dummy_sudoers3 # Starts vi again (!)
And the problematic line of script amounted to this:
export OUT_DIR=/data/backup/mongod/tmp
// 备份文件临时目录 # shell error as `//` isn't an executable file!
unset OUT_DIR
answered yesterday
kubanczykkubanczyk
10.4k22845
1
This is one of the reasons I always useset -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables
– ThisGuy
12 hours ago
add a comment |
1) He erroneously assumed that // was a bash comment. It is not, only # is.
The shell interpreted // text as a normal command, and did not find a binary called //, and did nothing.
In bash, when you have a variable assignment (OUT_DIR=/data/backup/mongod/tmp) directly preceding a command (// text), it only sets the variable while running the command. Therefore, it unsets OUT_DIR immediately, and when the rm line is reached, OUT_DIR is now unset, and rm -rf / is now called, deleting everything you have permission to delete.
2) The solution is the same as all rm -rf / cases: restore from backup. There is no other solution because you do not have physical access to the hard drive.
answered yesterday
Ray WuRay Wu
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
1
Possible forensics, professional hard drive recovery methods. I know this because I know thatrm -rfis not extremely secure, and doesn't overwrite the hard drive.
– Ray Wu
yesterday
2
@SoftTimurrmusually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.
– Lightness Races in Orbit
yesterday
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
add a comment |
1) Bash comments start with #. Sorry for your loss.
2) Restore from backup is the only way to proceed here, unfortunately.
answered yesterday
RMPJRMPJ
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
Easy enough. The // sequence isn't a comment in bash (# is).
The statement OUT_DIR=x // text had no effect* except a cryptic error message.
Thus, with the OUT_DIR being an empty string, one of the commands eventually executed was rm -rf /*. Some directories placed directly underneath / weren't removed due to user not having permissions, but it appears that some vital directories were removed. You need to restore from backup.
* The peculiar form of bash statement A=b c d e f is roughly similar to:
export A=b
c d e f
unset A
A common example:
export VISUAL=vi # A standard visual editor to use is `vi`
visudo -f dummy_sudoers1 # Starts vi to edit a fake sudo config. Type :q! to exit
VISUAL=nano visudo -f dummy_sudoers2 # Starts nano to edit a fake sudo config
visudo -f dummy_sudoers3 # Starts vi again (!)
And the problematic line of script amounted to this:
export OUT_DIR=/data/backup/mongod/tmp
// 备份文件临时目录 # shell error as `//` isn't an executable file!
unset OUT_DIR
answered yesterday
kubanczykkubanczyk
10.4k22845
1
This is one of the reasons I always useset -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables
– ThisGuy
12 hours ago
add a comment |
Easy enough. The // sequence isn't a comment in bash (# is).
The statement OUT_DIR=x // text had no effect* except a cryptic error message.
Thus, with the OUT_DIR being an empty string, one of the commands eventually executed was rm -rf /*. Some directories placed directly underneath / weren't removed due to user not having permissions, but it appears that some vital directories were removed. You need to restore from backup.
* The peculiar form of bash statement A=b c d e f is roughly similar to:
export A=b
c d e f
unset A
A common example:
export VISUAL=vi # A standard visual editor to use is `vi`
visudo -f dummy_sudoers1 # Starts vi to edit a fake sudo config. Type :q! to exit
VISUAL=nano visudo -f dummy_sudoers2 # Starts nano to edit a fake sudo config
visudo -f dummy_sudoers3 # Starts vi again (!)
And the problematic line of script amounted to this:
export OUT_DIR=/data/backup/mongod/tmp
// 备份文件临时目录 # shell error as `//` isn't an executable file!
unset OUT_DIR
answered yesterday
kubanczykkubanczyk
10.4k22845
1
This is one of the reasons I always useset -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables
– ThisGuy
12 hours ago
add a comment |
Easy enough. The // sequence isn't a comment in bash (# is).
The statement OUT_DIR=x // text had no effect* except a cryptic error message.
Thus, with the OUT_DIR being an empty string, one of the commands eventually executed was rm -rf /*. Some directories placed directly underneath / weren't removed due to user not having permissions, but it appears that some vital directories were removed. You need to restore from backup.
* The peculiar form of bash statement A=b c d e f is roughly similar to:
export A=b
c d e f
unset A
A common example:
export VISUAL=vi # A standard visual editor to use is `vi`
visudo -f dummy_sudoers1 # Starts vi to edit a fake sudo config. Type :q! to exit
VISUAL=nano visudo -f dummy_sudoers2 # Starts nano to edit a fake sudo config
visudo -f dummy_sudoers3 # Starts vi again (!)
And the problematic line of script amounted to this:
export OUT_DIR=/data/backup/mongod/tmp
// 备份文件临时目录 # shell error as `//` isn't an executable file!
unset OUT_DIR
answered yesterday
kubanczykkubanczyk
10.4k22845
Easy enough. The // sequence isn't a comment in bash (# is).
The statement OUT_DIR=x // text had no effect* except a cryptic error message.
Thus, with the OUT_DIR being an empty string, one of the commands eventually executed was rm -rf /*. Some directories placed directly underneath / weren't removed due to user not having permissions, but it appears that some vital directories were removed. You need to restore from backup.
* The peculiar form of bash statement A=b c d e f is roughly similar to:
export A=b
c d e f
unset A
A common example:
export VISUAL=vi # A standard visual editor to use is `vi`
visudo -f dummy_sudoers1 # Starts vi to edit a fake sudo config. Type :q! to exit
VISUAL=nano visudo -f dummy_sudoers2 # Starts nano to edit a fake sudo config
visudo -f dummy_sudoers3 # Starts vi again (!)
And the problematic line of script amounted to this:
export OUT_DIR=/data/backup/mongod/tmp
// 备份文件临时目录 # shell error as `//` isn't an executable file!
unset OUT_DIR
answered yesterday
kubanczykkubanczyk
10.4k22845
edited 21 hours ago
answered yesterday
kubanczykkubanczyk
10.4k22845
answered yesterday
kubanczykkubanczyk
10.4k22845
answered yesterday
kubanczykkubanczyk
10.4k22845
10.4k22845
1
This is one of the reasons I always useset -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables
– ThisGuy
12 hours ago
add a comment |
1
This is one of the reasons I always useset -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables
– ThisGuy
12 hours ago
1
1
This is one of the reasons I always use
set -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables– ThisGuy
12 hours ago
This is one of the reasons I always use
set -euo pipefail, would have resulted in an exit instead of blundering forward with unset variables– ThisGuy
12 hours ago
add a comment |
1) He erroneously assumed that // was a bash comment. It is not, only # is.
The shell interpreted // text as a normal command, and did not find a binary called //, and did nothing.
In bash, when you have a variable assignment (OUT_DIR=/data/backup/mongod/tmp) directly preceding a command (// text), it only sets the variable while running the command. Therefore, it unsets OUT_DIR immediately, and when the rm line is reached, OUT_DIR is now unset, and rm -rf / is now called, deleting everything you have permission to delete.
2) The solution is the same as all rm -rf / cases: restore from backup. There is no other solution because you do not have physical access to the hard drive.
answered yesterday
Ray WuRay Wu
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
1
Possible forensics, professional hard drive recovery methods. I know this because I know thatrm -rfis not extremely secure, and doesn't overwrite the hard drive.
– Ray Wu
yesterday
2
@SoftTimurrmusually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.
– Lightness Races in Orbit
yesterday
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
add a comment |
1) He erroneously assumed that // was a bash comment. It is not, only # is.
The shell interpreted // text as a normal command, and did not find a binary called //, and did nothing.
In bash, when you have a variable assignment (OUT_DIR=/data/backup/mongod/tmp) directly preceding a command (// text), it only sets the variable while running the command. Therefore, it unsets OUT_DIR immediately, and when the rm line is reached, OUT_DIR is now unset, and rm -rf / is now called, deleting everything you have permission to delete.
2) The solution is the same as all rm -rf / cases: restore from backup. There is no other solution because you do not have physical access to the hard drive.
answered yesterday
Ray WuRay Wu
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
1
Possible forensics, professional hard drive recovery methods. I know this because I know thatrm -rfis not extremely secure, and doesn't overwrite the hard drive.
– Ray Wu
yesterday
2
@SoftTimurrmusually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.
– Lightness Races in Orbit
yesterday
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
add a comment |
1) He erroneously assumed that // was a bash comment. It is not, only # is.
The shell interpreted // text as a normal command, and did not find a binary called //, and did nothing.
In bash, when you have a variable assignment (OUT_DIR=/data/backup/mongod/tmp) directly preceding a command (// text), it only sets the variable while running the command. Therefore, it unsets OUT_DIR immediately, and when the rm line is reached, OUT_DIR is now unset, and rm -rf / is now called, deleting everything you have permission to delete.
2) The solution is the same as all rm -rf / cases: restore from backup. There is no other solution because you do not have physical access to the hard drive.
answered yesterday
Ray WuRay Wu
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1) He erroneously assumed that // was a bash comment. It is not, only # is.
The shell interpreted // text as a normal command, and did not find a binary called //, and did nothing.
In bash, when you have a variable assignment (OUT_DIR=/data/backup/mongod/tmp) directly preceding a command (// text), it only sets the variable while running the command. Therefore, it unsets OUT_DIR immediately, and when the rm line is reached, OUT_DIR is now unset, and rm -rf / is now called, deleting everything you have permission to delete.
2) The solution is the same as all rm -rf / cases: restore from backup. There is no other solution because you do not have physical access to the hard drive.
answered yesterday
Ray WuRay Wu
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
Ray WuRay Wu
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
Ray WuRay Wu
711
answered yesterday
Ray WuRay Wu
711
711
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Ray Wu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
1
Possible forensics, professional hard drive recovery methods. I know this because I know thatrm -rfis not extremely secure, and doesn't overwrite the hard drive.
– Ray Wu
yesterday
2
@SoftTimurrmusually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.
– Lightness Races in Orbit
yesterday
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
add a comment |
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
1
Possible forensics, professional hard drive recovery methods. I know this because I know thatrm -rfis not extremely secure, and doesn't overwrite the hard drive.
– Ray Wu
yesterday
2
@SoftTimurrmusually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.
– Lightness Races in Orbit
yesterday
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
why having physical access to the hard drive may help to restore?
– SoftTimur
yesterday
1
1
Possible forensics, professional hard drive recovery methods. I know this because I know that
rm -rf is not extremely secure, and doesn't overwrite the hard drive.– Ray Wu
yesterday
Possible forensics, professional hard drive recovery methods. I know this because I know that
rm -rf is not extremely secure, and doesn't overwrite the hard drive.– Ray Wu
yesterday
2
2
@SoftTimur
rm usually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.– Lightness Races in Orbit
yesterday
@SoftTimur
rm usually just "unlinks" files but the data is still physically there until overwritten. This is why professionals can "undelete" sometimes if they have physical access and you haven't done lots of things with the disk after the catastrophe occurred. If you don't have backups, that's the best you can hope for.– Lightness Races in Orbit
yesterday
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
You don't need physical access, with almost no disk activity since the deletion file restore utilities might be able to relatively easily find almost everything
– ThisGuy
12 hours ago
add a comment |
1) Bash comments start with #. Sorry for your loss.
2) Restore from backup is the only way to proceed here, unfortunately.
answered yesterday
RMPJRMPJ
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
1) Bash comments start with #. Sorry for your loss.
2) Restore from backup is the only way to proceed here, unfortunately.
answered yesterday
RMPJRMPJ
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
1) Bash comments start with #. Sorry for your loss.
2) Restore from backup is the only way to proceed here, unfortunately.
answered yesterday
RMPJRMPJ
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
1) Bash comments start with #. Sorry for your loss.
2) Restore from backup is the only way to proceed here, unfortunately.
answered yesterday
RMPJRMPJ
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
RMPJRMPJ
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
RMPJRMPJ
311
answered yesterday
RMPJRMPJ
311
311
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
RMPJ is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
4
Your script has no error checking. If the line
cd $OUT_DIRfails, it's going to delete everything in the current path, which may well be/. This is why you have backups - use them.– Jenny D
yesterday
He run the shell under
~/crontab/, how couldrmorfind -deletedelete folders under/?– SoftTimur
yesterday
8
Wow - did this script get into your version control system? Did it go through peer review?
rm -rf $OUT_DIR/*really? And why was the script not tested on a non-production server? Once you have restored from backup you have many critical procedural failings to address here before automating anything else. I hope you're not too hard on your developer over it, as a result (though they also have quite a bit to answer for)– Lightness Races in Orbit
yesterday
3
Re: this was to be your backup script, never test a new procedure against the only copy of your data. Prior to your very first backup, create a separate test database, put in some fake data, and restore test that.
– John Mahowald
yesterday
2
Two suggestions to improve your questions: 1) use all-English. The problem with the non-English content is that people don't understanding it, also don't know if it is important or not. Thus, they can't be sure that their answer is okay, and thus they tend to rather don't answer. 2) If you can use textual copy-paste, use that and never use screenshots.
– peterh
22 hours ago