** **** (short for remove) is a basic command on Unix and Unix-like operating systems used to remove objects such as computer files, directories and symbolic links from file systems and also special files such as device nodes, pipes and sockets, similar to the **** command in MS-DOS, OS/2, and Microsoft **Windows. The command is also available in the EFI shell.

Overview

The command removes references to objects from the filesystem using the unlink system call, where those objects might have had multiple references (for example, a file with two different names), and the objects themselves are discarded only when all references have been removed and no programs still have open handles to the objects. This allows for scenarios where a program can open a file, immediately remove it from the filesystem, and then use it for temporary space, knowing that the file's space will be reclaimed after the program exits, even if it exits by crashing. The command generally does not destroy file data, since its purpose is really merely to unlink references, and the filesystem space freed may still contain leftover data from the removed file. This can be a security concern in some cases, and hardened versions sometimes provide for wiping out the data as the last link is being cut, and programs such as shred and srm are available which specifically provide data wiping capability. is generally only seen on UNIX-derived operating systems, which typically do not provide for recovery of deleted files through a mechanism like the recycle bin, hence the tendency for users to enclose in some kind of wrapper to limit accidental file deletion. There are undelete utilities that will attempt to reconstruct the index and can bring the file back if the parts were not reused.

History

On some old versions of Unix, the command would delete directories if they were empty. This behaviour can still be obtained in some versions of with the flag, e.g., the BSDs (such as FreeBSD, NetBSD, OpenBSD and macOS) derived from 4.4BSD-Lite2. The version of bundled in GNU coreutils was written by Paul Rubin, David MacKenzie, Richard Stallman, and Jim Meyering. This version also provides option, to help with compatibility. The same functionality is provided by the standard command. The option in Version 7 replaced , or "delete from switches", which debuted in Version 1. Doug McIlroy wrote that "was a desperation tool designed to clean up files with unutterable names". The command is available as a separate package for Microsoft Windows as part of the UnxUtils collection of native Win32 ports of common GNU Unix-like utilities. KolibriOS includes an implementation of the rm command. The rm command has also been ported to the IBM i operating system.

Syntax

deletes the file specified after options are added. Users can use a full path or a relative file path to specify the files to delete. doesn't delete a directory by default. deletes the file "foo" in the directory the user is currently in. , like other commands, uses options to specify how it will behave: can be overlain by a shell alias (C shell alias, Bourne shell or Bash) function of " " so as to avoid accidental deletion of files. If a user still wishes to delete a large number of files without confirmation, they can manually cancel out the argument by adding the option (as the option specified later on the expanded command line " " takes precedence). Unfortunately this approach generates dangerous habits towards the use of wildcarding, leading to its own version of accidental removals. (variously,, , and others) is frequently used in jokes and anecdotes about Unix disasters, such as the loss of many files during the production of film Toy Story 2 at Pixar. The variant of the command, if run by a superuser, would cause every file accessible from the present file system to be deleted from the machine. is often used in conjunction with xargs to supply a list of files to delete: Or, to remove all PNG images in all directories below the current one:

Permissions

Usually, on most filesystems, deleting a file requires write permission on the parent directory (and execute permission, in order to enter the directory in the first place). (Note that, confusingly for beginners, permissions on the file itself are irrelevant. However, GNU asks for confirmation if a write-protected file is to be deleted, unless the -f option is used.) To delete a directory (with ), one must delete all of its contents recursively. This requires that one must have read and write and execute permission to that directory (if it's not empty) and all non-empty subdirectories recursively (if there are any). The read permissions are needed to list the contents of the directory in order to delete them. This sometimes leads to an odd situation where a non-empty directory cannot be deleted because one doesn't have write permission to it and so cannot delete its contents; but if the same directory were empty, one would be able to delete it. If a file resides in a directory with the sticky bit set, then deleting the file requires one to be the owner of the file.

Protection of the filesystem root

Sun Microsystems introduced " " protection in Solaris 10, first released in 2005. Upon executing the command, the system now reports that the removal of / is not allowed. Shortly after, the same functionality was introduced into FreeBSD version of utility. GNU refuses to execute if the option is given, which has been the default since version 6.4 of GNU Core Utilities was released in 2006. In newer systems, this failsafe is always active, even without the option. To run the command, user must bypass the failsafe by adding the option, even if they are the superuser.

User-proofing

Systems administrators, designers, and even users often attempt to defend themselves against accidentally deleting files by creating an alias or function along the lines of: This results in asking the user to confirm on a file-by-file basis whether it should be deleted, by pressing the Y or N key. Unfortunately, this tends to train users to be careless about the wildcards they hand into their commands, as well as encouraging a tendency to alternately pound and the return key to affirm removes - until just past the one file they needed to keep. Users have even been seen going as far as " ", which automatically inserts "y" for each file. A compromise that allows users to confirm just once, encourages proper wildcarding, and makes verification of the list easier can be achieved with something like: It is important to note that this function should not be made into a shell script, which would run a risk of it being found ahead of the system in the search path, nor should it be allowed in non-interactive shells where it could break batch jobs. Enclosing the definition in the construct protects against the latter. There exist third-party alternatives which prevent accidental deletion of important files, such as "safe-rm" or "trash".

Maximum command line argument limitation

GNU Core Utilities implementation used in multiple Linux distributions will be limited in command line arguments bytes number of pages that are allocated within the kernel for command-line arguments before kernel 2.6.23 Released on 9 October 2007 were defined at kernel compile time at variable in file but new kernels limits the maximum argument length to 25% of the maximum stack limit (ulimit -s). Error: will prompt if command-line argument limit is exceed