Path: utzoo!attcan!uunet!lll-winken!lll-lcc!pyramid!thirdi!peter From: peter@thirdi.UUCP (Peter Rowell) Newsgroups: comp.unix.wizards Subject: Down in the Dumps (a true story) Summary: dump can dump on *you*! Keywords: dump, massive destruction Message-ID: <406@thirdi.UUCP> Date: 19 May 88 22:13:13 GMT Reply-To: peter@thirdi.UUCP (Peter Rowell) Organization: Third Eye Software, Menlo Park, CA Lines: 53 If the following command does not look Evil to you, then read on.... dump 0usf /dev/rmt0 /dev/rrf0g I post this to the net in the hopes it will save someone else from nailing themselves to the cross like I did. I am sure that more than a few people will read this and say. "Oh sure, *I* knew that's what would happen. Why didn't you: (a) RTFM (read the friendly manual) (b) be more careful." Well, actually, I *did* just RTFM and then I made one simple little error and Murphy stepped all over my file system. In case you haven't already figured it out, the command in question (dump 0usf /dev/rmt0 /dev/rrf0g) will wipe out the file system residing on device /dev/rrf0g! (Yes, it really did...) The problem is that the "s" flag is looking for a size specification for the tape (which I accidently left out). It apparently ate "/dev/rmt0" and decided that it liked that just fine. Next, the "f" flag says "Oh boy! I get to do the dump TO /dev/rrf0g". Now, it would have been nice if dump had complained that I had not told it what device to dump FROM, but Nnnoooooo, the manual says: " ... If no arguments are given, the key is assumed to be 9u and a default file system is dumped to the default tape. ..." ^^^^^^^^^^^^^^^^^^^ The default on my system (an ISI box running 4.3) is /dev/rsd0g. Since this is a valid device on my system, dump promptly started dumping /usr all over rrf0fg. I saw right away that I had left the length off and interrupted the dump. When I started it up again (with the length) it informed me that the super-block was now caca and that I should run fsck with the -b switch. I did this with -b 32 and -b 11600 and -b etc. etc. etc. sigh. (Through no fault of my own, we did have a recent dump to restore from.) In conclusion: I *know* that being root is dangerous. I just never expected that I could *create* a dead file system by using dump! I personally would like to see dump modified along these lines: 1. Not default *anything* (except, perhaps, dump TO tape). 2. Be pickier about what a valid numerical value is. 3. Require confirmation for dangerous target devices. (Such as mounted file systems or things in /etc/fstab.) -------------------------------------------------------------------------- Peter Rowell "He's dead, Jim." Third Eye Software, Inc. ...!pyramid!thirdi!peter (415) 321-0967