Arrow BOFHcam Menu
Arrow Camera I
Arrow Camera II
Arrow Copyleft

Black Operations in the
Corporate IT Theatre
in a Nutshell
Distributing Clue
to Users
Pocket Reference
Practical UNIX
Snooping Email
for Fun and Profit
Tracing Spammers
Windows NT's
Infernal Filesystem
Windows NT
User Obliteration
Why You Can't Find
Your UNIX System Administrator
Writing Word
Macro Viruses

This month's Journal
Other Writing

O'Really T-shirts

BOFH in a Nutshell

[Book Cover]


I designed the T-shirt, using my idea of what a likely set of commands would be for totally eradicating a user from a UNIX-like system would be. The image was produced with Paint Shop Pro 5 using the ITC Garamond and Gill Sans MT Truetype fonts.

Whenever possible the T-shirts upon which the image is laser printed is usually a Screen Stars (Fruit of the Loom) or Jersey 363 type. Fairly heavy cotton, it shouldn't need ironing if you dry it by hanging it over something.

The commands featured on the T-shirt for BOFH in a Nutshell are "cd" "rm", and "vi", the arguments are (respectively) "/home", "-rf ./smithj" and "/etc/passwd".

While "cd" is a shell builtin, here is a brief description of it's workings, as taken from FreeBSD.
CD(1)                   FreeBSD General Commands Manual                  CD(1)

     cd - change working directory

     cd directory

     Directory is an absolute or relative pathname which becomes the new work-
     ing directory.  The interpretation of a relative pathname by cd depends
     on the CDPATH environment variable (see below).

     The following environment variables affect the execution of cd:

     CDPATH  If the directory operand does not begin with a slash (/) charac-
             ter, and the first component is not dot (.) or dot-dot (..), cd
             searches for the directory relative to each directory named in
             the CDPATH variable, in the order listed.  The new working direc-
             tory is set to the first matching directory found.  An empty
             string in place of a directory pathname represents the current
             directory.  If the new working directory was derived from CDPATH,
             it will be printed to the standard output.

     HOME    If cd is invoked without arguments and the HOME environment vari-
             able exists and contains a directory name, that directory becomes
             the new working directory.

     See csh(1) for more information on environment variables.

     The cd utility exits 0 on success, and >0 if an error occurs.

     csh(1),  pwd(1),  sh(1),  chdir(2)

     The cd command is expected to be IEEE Std1003.2 (``POSIX.2'') compatible.

4th Berkeley Distribution        June 5, 1993                                1
/home is the normal location of a users' home directories on a UNIX-like system. Home directories are usually indexed by the usernames specified in /etc/passwd (see later).

RM(1)                   FreeBSD General Commands Manual                  RM(1)

     rm - remove directory entries

     rm [-dfiPRrW] file ...

     The rm utility attempts to remove the non-directory type files specified
     on the command line.  If the permissions of the file do not permit writ-
     ing, and the standard input device is a terminal, the user is prompted
     (on the standard error output) for confirmation.

     The options are as follows:

     -d          Attempt to remove directories as well as other types of

     -f          Attempt to remove the files without prompting for confirma-
                 tion, regardless of the file's permissions.  If the file does
                 not exist, do not display a diagnostic message or modify the
                 exit status to reflect an error.  The -f option overrides any
                 previous -i options.

     -i          Request confirmation before attempting to remove each file,
                 regardless of the file's permissions, or whether or not the
                 standard input device is a terminal.  The -i option overrides
                 any previous -f options.

     -P          Overwrite regular files before deleting them.  Files are
                 overwritten three times, first with the byte pattern 0xff,
                 then 0x00, and then 0xff again, before they are deleted.

     -R          Attempt to remove the file hierarchy rooted in each file ar-
                 gument.  The -R option implies the -d option.  If the -i op-
                 tion is specified, the user is prompted for confirmation be-
                 fore each directory's contents are processed (as well as be-
                 fore the attempt is made to remove the directory).  If the
                 user does not respond affirmatively, the file hierarchy root-
                 ed in that directory is skipped.

     -r          Equivalent to -R.

     -W          Attempt to undelete the named files.  Currently, this option
                 can only be used to recover files covered by whiteouts.

     The rm utility removes symbolic links, not the files referenced by the

     It is an error to attempt to remove the files ``.'' and ``..''.

     The rm utility exits 0 if all of the named files or file hierarchies were
     removed, or if the -f option was specified and all of the existing files
     or file hierarchies were removed.  If an error occurs, rm exits with a
     value >0.

     The rm command uses getopt(3) to parse its arguments, which allows it to
     accept the `--' option which will cause it to stop processing flag op-
     tions at that point.  This will allow the removal of file names that be-
     gin with a dash (`-'). For example:
           rm -- -filename
     The same behavior can be obtained by using an absolute or relative path
     reference.  For example:
           rm /home/user/-filename
           rm ./-filename

     rmdir(1),  undelete(2),  unlink(2),  fts(3),  getopt(3),  symlink(7)

     The -P option assumes that the underlying file system is a fixed-block
     file system.  UFS is a fixed-block file system, LFS is not.  In addition,
     only regular files are overwritten, other types of files are not.

     The rm utility differs from historical implementations in that the -f op-
     tion only masks attempts to remove non-existent files instead of masking
     a large variety of errors.

     Also, historical BSD UNIX implementations prompted on the standard out-
     put, not the standard error output.

     The rm command is almost IEEE Std1003.2 (``POSIX.2'') compatible, except
     that POSIX requires rm to act like rmdir(1) when the file specified is a
     directory.  This implementation requires the -d option if such behavior
     is desired.  This follows the historical behavior of rm with respect to

     A rm command appeared in Version 1 AT&T UNIX.

BSD                            January 28, 1999                              2
The editor "vi" is too complex to go into here, suffice to say, it is a modal editor that knocks the socks of that crappy EMACS thing.

The final part of the design is "/etc/passwd". This is the file that contains the username/userid/pertinent identifiers/Real Name/home directory gubbins required to tell the machine that the user exists and can log in. Removing someone from /etc/passwd means that this person no longer exists to the computer for all intents and purposes. Having deleted that user's home directory (and all their files) anyway, means there's nothing for them there anyway.

Return to BOFH in a Nutshell

BOFHcam Home | O'Really T-shirts | How to Order | BOFHcam Contacts
O'Reilly Inc. | About BOFHcam | Approved sites

Not associated with O'Reilly & Associates, Inc. © 2000-2017