
What to do with the “rm -rf” hoax question - stonesam92
http://meta.serverfault.com/questions/8696/what-to-do-with-the-rm-rf-hoax-question
======
mmahemoff
Firstly, let me say I find StackOverflow's trigger-happy attitude as annoying
as everyone else. "Not a real programming question" for questions needed to
solve programming problems or blocking comparisons ... #fail.

Now that I've said that, I do think this hoax question should be closed
because one of the principles is that it should be based on real problems
people face, which is a good way to keep the signal-to-noise ratio high. By
definition, this hoax is not real. While we could imagine it's possible,
that's pure speculation and there are infinite other scenarios we could
imagine, but we don't need to ask them as StackOverflow questions.

On a practical note, it's worth banning just to prevent a thousand viral
marketers and recruiters falling over themselves to compose the most
attention-grabbing fake questions in the next month.

~~~
oliyoung
"this hoax is not real. While we could imagine it's possible"

Having done rm -fr / on a box before, I think it should stay. The incident was
fake, the problem is real, it elicited real responses and has value.

~~~
JdeBP
You should read the Italian news coverage. Marco Marsala points out that the
problem is fake, that (as several people also noted on Hacker News) the
command mentioned has been benign since 2006, and that Ansible doesn't permit
this anyway. He observes that "serious administrators" would know this, but
apparently there were no such people at ServerFault answering his question
because otherwise they'd have spotted such a blatant error ("altrimenti
saprebbero che quanto ho descritto non può accadere").

* [http://www.repubblica.it/tecnologia/2016/04/15/news/cancella...](http://www.repubblica.it/tecnologia/2016/04/15/news/cancella_l_azienda_per_sbaglio_la_disavventura_tecnologica_di_marco_marsala-137693154/)

* [https://news.ycombinator.com/item?id=11500711](https://news.ycombinator.com/item?id=11500711)

* [https://news.ycombinator.com/item?id=11497590](https://news.ycombinator.com/item?id=11497590)

* [https://news.ycombinator.com/item?id=11514666](https://news.ycombinator.com/item?id=11514666)

------
kazinator
It's not a "hoax" in any sense. Just a plain lie. A hoax has to be fairly
large-scale and affect a lot of people (negatively). The original question
contained no hyper-links at all. (Ironically, one was inserted by subsequent
editors).

The question is plausible. I once deleted a /lib directory due to a misspelled
variable in a script! Recovery consisted of copying libs from another
installation of the same OS.

ServerFault appears to complaining that the question is generating traffic ---
to ServerFault!?

If we look at the user's account, it's clean. Only through a LinkedIn
reference do we see that "bleemboy" is Marco Marsala. Like, what fraction of
visitors are clicking through all that?

~~~
Stratoscope
> I once deleted a /lib directory due to a misspelled variable in a script!

Ah yes, the old "rm -rf $TEMPBASEEDIR/lib" bug. It is so easy to have that
happen.

Or like I did, write a script that assumes a certain environment variable is
set outside the script... and then forget to set the variable before running
it!

To prevent these problems, use "set -u" at the top of your bash scripts. This
will halt the script instead of silently inserting an empty string if you use
an undefined variable.

"set -e" (halt on nonzero return code) and "set -o pipefail" (propagate error
returns through a pipe) are also useful options, or combine them with:

    
    
      set -euo pipefail
    

Here's a great article that describes these options and some tips for using
them:

[http://redsymbol.net/articles/unofficial-bash-strict-
mode/](http://redsymbol.net/articles/unofficial-bash-strict-mode/)

~~~
yrro
But make sure you read up on the problems with `set -e` before you rely on it!

[http://mywiki.wooledge.org/BashFAQ/105](http://mywiki.wooledge.org/BashFAQ/105)

------
rcurry
I actually witnessed a funny incident, similar to this, when I worked at a
National Laboratory some years back. A team I was working with had a big
project that formed the core of a larger system, so they created a directory
named "core" and spent the next N months happily churning out code. Meanwhile,
the system administrator had a set of backup scripts that he'd configured to
ignore core dump files (yeah, you can guess where this is going), but the
scripts that he wrote didn't differentiate between files or directories that
had "core" in their name, so nothing got backed up for almost a year. Over the
Christmas break, the system administrator decided to install a new version of
Solaris, and wiped all the drives as well. I came in to work after the break,
and everyone was freaking out because all their code was gone. They managed to
recover some of it, because some developers had separate copies of parts of
the system, but it was still a disaster.

Every once in a while, at one job or another, someone will suggest we name a
source code folder "core" and I get to relate that story all over again.

~~~
marcoperaza
> _I came in to work after the break, and everyone was freaking out because
> all their code was gone._

What happened next? This cliffhanger is killing me.

~~~
rcurry
I honestly don't know how they recovered from it all. I think they were able
to recover parts of it from some people's workstations, but still had to
rewrite an awful lot of their code.

~~~
mlvljr
Once again proves, you have to A) look at what your scripts are actually doing
and B) test them manually at least couple times somehow, otherwise this is
plain unprofessional (in one of the many ways sadly and funnily possible).

------
cookiecaper
This shows the problem with the way Stack Exchange doles out moderation
abilities (automatic once you hit a certain karma threshold). You get a lot of
people who want to use these newfound powers. That's understandable, for sure.
The issue is that in their eagerness to be a good mod and help clean up and
get to do some cool moderatory stuff, they get overzealous and it results in
hamfisted, overbroad moderation because everyone is looking for a reason to
close the question. The higher principle behind the community gets lost in a
sea of technicalities.

Stack Exchange could improve their guidance and closure templates to help curb
the habit of closing useful stuff all the time, so part of it is an identity
issue that SE sites have within themselves, but it's compounded and
exacerbated by a lot of fresh faces looking for a reason to stop the
discussion so they can click their brand-new "lock thread" button.

~~~
mediumdeviation
This is an extremely popular narrative that seems to pop up every time a Stack
Exchange post geta onto the HN or proggit front page.

The problem with this narrative is that it is almost never substantiated. So
instead, let me posit an alternative hypothesis, as someone who has gotten his
hands dirty on the various Meta sites:

The reason most people feel that SE has a moderation problem is because the
moderation process on SE is significantly more transparent than almost _any_
sites out there. And because of this transparency, people find it easier to
point blame at these users.

The transparency part I hope is obvious - when a post get moderated on other
sites, the full edit history and name of the moderators involved are almost
never revealed. The close reasons are in general decided upon by the users
themselves. Individual moderation decisions can be contested and debated on
the Meta sites, and there are checks on almost every level.

In other words, the moderation process is already fairer than most other
sites, where the moderation process is essentially a black box with no means
of appeal. But people don't like it because the content which elsewhere would
have been swept quietly under the rug is still visible and indexable.

~~~
cookiecaper
I disagree. Most other forums do not lock or hide useful threads that are
popular, gaining substantive replies, and generating meaningful discussion. In
the more traditional moderation perspective, moderators have incentive to keep
active discussions alive, because they're usually considered staff and they
want to generate traffic. With StackExchange, there is no vested interest from
the moderating audience, they just want to click buttons; there is little or
no incentive to ask about the macro-level effects a moderation action may have
on the site.

~~~
richardwhiuk
And yet StackExchange has survived to rule all over programming forums.
Probably largely because the moderation is extremely heavy and kept heavily on
topic...

~~~
TeMPOraL
I don't think so. SO/SE have won because they've always been honest - they
provided Q&A service without upselling you bullshit, spamming you with ads or
forcing you into paid plans. That eventually led them to #1 spot in Google for
everything programming. I don't see how heavy-handed moderation could help
here; if anything, half of the questions I search for are marked as duplicate
/ not relevant / etc. Basically, I can't imagine what question _can_ be
relevant to SO anymore...

~~~
detaro
The ones you are looking up in the documentation yourself?

At least that's what I've noticed: I had a similar impression (everything
interesting is closed) until I had to work with stuff where I didn't know the
structure of the docs. Suddenly checking SO was quicker and had tons of
relevant content.

But yes, it is annoying that there isn't an easy to find place to go for
questions that require some discussion/debate and don't survive on SO.

------
brador
A question was asked, a problem was posed, and it got helpful replies and
answers for someone looking for a solution.

It's origin should not matter.

~~~
andrelaszlo
It was originally closed as a duplicate, the other question had more detail
and mentioned the --no-preserve-root flag.

Now it has also been merged with this question. The helpful replies are still
there, but the incentive to use the Stack Exchange sites for other purposes is
reduced. I think this was a nice solution in this case.

------
Fiahil
Apart from the SO moderation question, I'm quite bugged by a bigger one: How
the hell this ended up in mainstream media?

Can't we just ban every online buzz outlet from talking about programming,
hardware or computers until they actually understand what they are talking
about? I know what I'm asking is beyond impossible, but I'm really annoyed by
the amount of buzz-impinged-naiveté blossoming everywhere each time someone
makes headlines of something IT related.

~~~
TeMPOraL
And then please let's ban them from talking about science and anything
science-related too. Exaggerated IT stories are annoying, exaggerated science
and scaremongering with "scientists prove X causes cancer!!111" is socially
damaging and actually kills people.

~~~
DonHopkins
It's been known for a long time that X is a dangerous virus that causes
cancer. [1]

[1] [http://www.art.net/~hopkins/Don/unix-
haters/x-windows/danger...](http://www.art.net/~hopkins/Don/unix-
haters/x-windows/dangerous-virus.html)

------
andrelaszlo
This reminded me of an old story from The Daily WTF:

[http://thedailywtf.com/articles/Bourne-Into-
Oblivion](http://thedailywtf.com/articles/Bourne-Into-Oblivion)

~~~
jmiserez
I like the classic one from 1986 (!) a bit better:

[http://www.ee.ryerson.ca:8080/~elf/hack/recovery.html](http://www.ee.ryerson.ca:8080/~elf/hack/recovery.html)

HN discussion:

Unix Recovery Legend (1986):
[https://news.ycombinator.com/item?id=10160417](https://news.ycombinator.com/item?id=10160417)
(143 points, 228 days ago, 60 comments)

------
JoeAltmaier
Does it matter that it didn't happen, if it _could_ happen? Sounds like a
serious issue.

~~~
mpdehaan2
Not so easily.

I wrote Ansible, but no longer work on it.

There are numerous problems with the hoax.

(A) the user skipped --no-preserve-root to the command, if he really wanted to
delete /, he would need to try harder on a modern distro, because the rm
command would stop the attempt (B) ansible by default fails on undefined
variables, meaning it would never execute the command (C) Jinja template
variables are actually {{foo}} not {foo}, so {foo} in bash prints a literal
foo

So this triply couldn't happen. Finally, most people _should_ probably be
using the file module to delete files, though if people want to call out to
the shell they can with any config tool.

I hate this was even posted because it reflects poorly on me and was in
exceptionally bad taste to imply ansible would let it happen.

But can you shoot yourself in the foot with any config tool? If you want to,
yes. Can you be bitten by a bug? Yes. Do tool authors make mistakes? Yes.

But it was a mean thing to do, and it's not something the tool would even
allow, and it hurts when tech journalists (arguably some of the worst
reporters in existance) blindly parrot the article without fake checking (just
like they'll also do fake comparisons that just recycle blog posts).

~~~
softawre
Hey Michael, weird to see another ININ guy on HN. We never met but I was happy
to hear we hired you. Good luck.

~~~
mpdehaan2
Thanks! Yeah not there anymore but good group of folks! Not too many people
pushing immutable systems and continuous deployment so well either, which was
nice to see!

------
Houshalter
I don't think they should delete it. Just ban the user for abuse, and edit the
post to explain the situation. People spent time answering that question, and
it's plausible someone might find it helpful.

------
Kiro
What was the hoax exactly?

~~~
simula67
This question [http://serverfault.com/questions/587102/monday-morning-
mista...](http://serverfault.com/questions/587102/monday-morning-mistake-sudo-
rm-rf-no-preserve-root) was posted to server fault. It has since shown to be a
marketing tactic (
[http://www.repubblica.it/tecnologia/2016/04/15/news/cancella...](http://www.repubblica.it/tecnologia/2016/04/15/news/cancella_l_azienda_per_sbaglio_la_disavventura_tecnologica_di_marco_marsala-137693154/?ref=twhr&timestamp=1460722285000&utm_source=dlvr.it&utm_medium=twitter)
). The author did not delete his server, merely claimed to do so to get
attention. Server fault community is now indignant about using their community
( which is for answering real questions ) as a deceptive marketing platform.

~~~
gruez
Can you elaborate on what the marketing tactic was supposed to promote?

~~~
skewart
I'm wondering the same thing. Presumably the question asker was trying to
promote his hosting company. It seems like a pretty risky way to promote your
business though. I mean, maybe the old saying that any publicity is good
publicity holds true. But I don't remember seeing the actual name of the
company anywhere in the Independent article. (Maybe there was more or
different coverage in Italy). It seems like most prospective customers would,
at best, see this guy acting like a clown, which wouldn't inspire confidence.

Or, maybe the whole thing was created by some kind of creative marketing
agency trying to show off how they can "make things go viral" and get press?

~~~
TeMPOraL
Funny thing about this "viral" metaphor - you can only pull off any given
stunt _once_ (at least in the period of several year). Internet has a sort of
immune system that doesn't like copycats.

RE strategy, I think it might have been just exactly what happened - first
post a story, then wait for it to go viral, _then_ admit to faking it, thus
putting yourself in the spotlight.

It _is_ a risky strategy though. Personally, if he was running this business
in my country, I'd immediately put him on my personal blacklist ("never ever
do business with this person or company") and I'd be urging anyone I know who
uses his services to change the provider.

------
funkysquid
If you're curious what the hoax post was (the answers have since been merged
onto a different question) -

[http://webcache.googleusercontent.com/search?q=cache:6y3HTYv...](http://webcache.googleusercontent.com/search?q=cache:6y3HTYvxTYIJ:serverfault.com/questions/769357/recovering-
from-a-rm-rf)

------
phjesusthatguy3
The linked article says they already determined "What to do with the “rm -rf”
hoax question". What the article is asking is what to do with the fake
internet points.

------
tonyle
Reminds me of this post. Poster created a question and immediately answered it
with his own link.

[http://stackoverflow.com/questions/9751207/how-can-i-use-
got...](http://stackoverflow.com/questions/9751207/how-can-i-use-goto-in-
javascript)

~~~
saulr
It's not against the rules to answer your own question, as far as I'm aware.
If the question is one that other users may ask, and you have an answer, I
don't see what's wrong with posting questions and immediately answering them.

~~~
nevir
It's encouraged, even

~~~
twic
_Can I answer my own question?_

 _Yes! Stack Exchange has always explicitly encouraged users to answer their
own questions. If you have a question that you already know the answer to, and
you would like to document that knowledge in public so that others (including
yourself) can find it later, it 's perfectly okay to ask and answer your own
question on a Stack Exchange site._

[http://stackoverflow.com/help/self-
answer](http://stackoverflow.com/help/self-answer)

------
k__
So the Wikipedia-Delete-Nazis spread to StackExchange?

How come that such user-generated-content communities always end like that?!

