Man deletes his entire web hosting company with single line of accidental code

midian182

midian182

Posts: 9,721   +121
Staff member

In what could be the ultimate example of having “one of those days,” a man has managed to delete his entire company by mistakenly running a single piece of code.

Update: And, of course, it was a hoax.

As reported by The Independent, Marco Marsala, who runs (or perhaps that should now be ‘ran’) a small web hosting company, inadvertently ran the ‘rm –rf’ command line while performing maintenance operations on his servers.

For those who don’t know, ‘rm’ tells the computer to remove, and the ‘-rf’ part deletes everything by force, overriding the usual safety warnings.

The command line is often used to delete from a specific directory, but none was given because it was ran by accident.

Marsala used a Bash script that was supposed to set the location, but a bug in the code above the line in question meant no directory was given, resulting in absolutely everything being deleted.

Writing on the Server Fault forum, Marsala said: "I run a small hosting provider with more or less 1,535 customers and I use Ansible to automate some operations to be run on all servers. Last night I accidentally ran, on all servers, a Bash script with a rm -rf {foo}/{bar} with those variables undefined due to a bug in the code above this line.”

Marsala went on to explain that the line of code had also deleted his backups and all his customers’ websites. “All servers got deleted and the offsite backups too because the remote storage was mounted just before by the same script (that is a backup maintenance script)."

Forum users told Marsala that his only option was to now contact a data recovery service, hope for the best, and get a good lawyer. He was also criticized for not putting safeguards in place that would have stopped this particular line of code from running without a specified location.

"This is not bad luck: it's astonishingly bad design reinforced by complete carelessness," wrote forum user Massimo.

Image credit : kikovic / shutterstock

Permalink to story.

https://www.techspot.com/news/64459-man-deletes-entire-web-hosting-company-single-line.html

 
and_it_s_gone_by_celeith-d5div3y.jpg
 
  • Like
Reactions: Hexic, psycros, CustosInanis and 11 others
If it was within some script given him, the provider is liable and stupid.
if he himself type that line, then he was stupid and had no business being the admin.

btw: rm -I foo would have prompted for permission, eg
Remove (unlink) the FILE(s).
-f, --force
ignore nonexistent files and arguments, never prompt

-I prompt before every removal

-I prompt once before removing more than three files, or when removing
recursively; less intrusive than -I, while still giving protection
against most mistakes

-r, -R, --recursive
remove directories and their contents recursively
 
  • Like
Reactions: Mister_K and madboyv1
Marsala went on to explain that the line of code had also deleted his backups and all his customers’ websites. "All servers got deleted and the offsite backups too because the remote storage was mounted just before by the same script (that is a backup maintenance script)."
Click to expand...
Moral of the story - the only true backup is an offline one (not just offsite). Not just vs accidental deletions, but malware, hacking, disgruntled employees, etc. Cloud storage is simply another layer enhancing an existing backup solution, not a replacement for it.
 
I'm gonna say at the point you have 100 website hosting customers, you should be doing weekly offsite backups with the drive being stored in a safety deposit box.

Also, gotta empower customers, and encourage them to make their own backups.
 
daThomas said:
I'm gonna say at the point you have 100 website hosting customers, you should be doing weekly offsite backups with the drive being stored in a safety deposit box.

Also, gotta empower customers, and encourage them to make their own backups.
Click to expand...

Amazon has some great cloud storage option that he could have backed up to
 
mailpup said:
Thrackerzod said:
This story seems incredibly suspect to me. I have a feeling a lot of news sites have been trolled.
Click to expand...
It does sound like the kind of story that later turns out to be a hoax doesn't it?
Click to expand...
It does, but something in me wants it to be true as mean as that might be.

Edit and Update - Seems it is a hoax http://goo.gl/cXR1A5 that is a link to a story about the guy saying it was just a joke.
 
This story turned out to be a hoax. It's explained in a newspaper article in Italian, which can be summarized like this:
"It's just an experiment to show how little everyone knows about this"
"That command is harmless but it looks like no one has noticed it"
"I wanted to advertise my startup which offers to outsource the management of servers"
"I am even writing a book on Unix Horror Stories for Dummies; anyway, this really happened to a person I know, but that was some years ago"
Then he added that after 2006 that command doesn't do anything without the "-no preserve" option, and that Ansible prevents this kind of errors, and almost every competent administrator uses it, but it looks like that none of those who answered knows it, otherwise they'd know that what he said can't happen.

So... Enjoy viral marketing.

And, on a side note, I would like to point out that Server Fault, which belongs to the Stack Exchange network, just like the more famous Stack Overflow, is not a forum. It's a Questions&Answers site, and all the users stress the difference.
 
  • Like
Reactions: Lionvibez
You must log in or register to reply here.

Similar threads

Cal Jeffrey
TSA fail: Man arrested for stealing boarding pass QR codes with his phone's camera
Replies
8
Views
182
ferrellsl
F
A
Mercedes-Benz accidentally shared its source code and business secrets with the whole...
Replies
11
Views
293
toooooot
T
Jimmy2x
New HTTP/2 vulnerability leaves servers in danger of devastating DoS attacks, even from a single TCP connection
Replies
4
Views
98
bviktor
B

Latest posts

Back