rm (Unix)

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

rm (short for remove) is a basic UNIX command used to remove objects such as files, directories and symbolic links from filesystems and also special files such as device nodes, pipes and sockets.

rm command removes references to objects from the filesystem using the unlink system call, where those objects might have had multiple references (for example, a file with two different names), and the objects themselves are discarded only when all references have been removed and no programs still have open handles to the objects.

This allows for scenarios where a program can open a file, immediately remove it from the filesystem, and then use it for temporary space, knowing that the file's space will be reclaimed after the program exits, even if it exits by crashing.

rm generally does not destroy file data, since its purpose is really merely to unlink references, and the filesystem space freed may still contain leftover data from the removed file. This can be a security concern in some cases, and hardened versions sometimes provide for wiping out the data as the last link is being cut, and programs such as shred and srm are available which specifically provide data wiping capability.


To remove a file named "foo" from a directory one could type:

% rm foo

Normally, no output is produced by rm, since it typically only generates messages in the event of an error. The -v option can be used to get rm to detail successful removal actions.

Users concerned about removing files unexpectedly - particularly when using wildcards - sometimes use the -i option to cause rm to verify each removal in advance, although this method may be inconvenient for use on large numbers of files.

% rm -i foo
remove foo? y


rm is generally only seen on UNIX-derived operating systems, which typically do not provide for recovery of deleted files through a mechanism like the recycle bin,[1] hence the tendency for users to enclose rm in some kind of wrapper to limit accidental file deletion.

There are undelete utilities that will attempt to reconstruct the index and can bring the file back if the parts were not reused.


Common options that rm accepts include:

  • -r, which removes directories, removing the contents recursively beforehand (so as not to leave files without a directory to reside in) ("recursive")
  • -i, which asks for every deletion to be confirmed ("interactive")
  • -f, which ignores non-existent files and overrides any confirmation prompts ("force"), although it will not remove files from a directory if the directory is write-protected.

rm can be overlain by a shell alias (C shell alias, Bourne shell or Bash) function of "rm -i" so as to avoid accidental deletion of files. If a user still wishes to delete a large number of files without confirmation, they can manually cancel out the -i argument by adding the -f option (as the option specified later on the expanded command line "rm -i -f" takes precedence). Unfortunately this approach generates dangerous habits towards the use of wildcarding, leading to its own version of accidental removals.

rm -rf (variously, rm -rf /, rm -rf *, and others) is frequently used in jokes and anecdotes about Unix disasters.[2] The rm -rf / variant of the command, if run by a superuser, would cause every file accessible from the present file system to be deleted from the machine.

rm is often used in conjunction with xargs to supply a list of files to delete:

 xargs rm < filelist

Or, to remove all PNG images in all directories below the current one:

 find . -name '*.png' -exec rm {} +


Usually, on most filesystems, deleting a file requires write permission on the parent directory (and execute permission, in order to enter the directory in the first place). (Note that, confusingly for beginners, permissions on the file itself are irrelevant. However, GNU rm asks for confirmation if a write-protected file is to be deleted, unless the -f option is used.)

To delete a directory (with rm -r), one must delete all of its contents recursively. This requires that one must have read and write and execute permission to that directory (if it's not empty) and all non-empty subdirectories recursively (if there are any). The read permissions are needed to list the contents of the directory in order to delete them. This sometimes leads to an odd situation where a non-empty directory cannot be deleted because one doesn't have write permission to it and so cannot delete its contents; but if the same directory were empty, one would be able to delete it.

If a file resides in a directory with the sticky bit set, then deleting the file requires one to be the owner of the file.

Protection of the filesystem root[edit]

Sun Microsystems introduced "rm -rf /" protection in Solaris 10, first released in 2005. Upon executing the command, the system now reports that the removal of / is not allowed.[3] Shortly after, the same functionality was introduced into FreeBSD version of rm utility.[4] GNU rm refuses to execute rm -rf / if the --preserve-root option is given,[5] which has been the default since version 6.4 of GNU Core Utilities was released in 2006.


Systems administrators, designers, and even users often attempt to defend themselves against accidentally deleting files by creating an alias or function along the lines of:

alias rm="rm -i"
rm () { /bin/rm -i "$@" ; }

This results in rm asking the user to confirm on a file-by-file basis whether it should be deleted, by pressing the Y or N key. Unfortunately, this tends to train users to be careless about the wildcards they hand into their rm commands, as well as encouraging a tendency to alternately pound y and the return key to affirm removes - until just past the one file they needed to keep.[citation needed] Users have even been seen going as far as "yes | rm files", which automatically inserts "yes" for each file.[citation needed]

A compromise that allows users to confirm just once, encourages proper wildcarding, and makes verification of the list easier can be achieved with something like:

if [ -n "$PS1" ] ; then
  rm () 
      ls -FCsd "$@"
      echo 'remove[ny]? ' | tr -d '\012' ; read
      if [ "_$REPLY" = "_y" ]; then
          /bin/rm -rf "$@"
          echo '(cancelled)'

It's important to note that this function should not be made into a shell script, which would run a risk of it being found ahead of the system rm in the search path, nor should it be allowed in non-interactive shells where it could break batch jobs. Enclosing the definition in the if [ -n "$PS1" ] ; then ....  ; fi construct protects against the latter.

There exist third-party alternatives which prevent accidental deletion of important files, such as "safe-rm"[6] or "trash".[7]


On some old versions of Unix, the rm command would delete directories if they were empty.[8] This behaviour can still be obtained in some versions of rm with the -d flag, e.g., the BSDs (such as FreeBSD,[9] NetBSD,[10] OpenBSD[11] and OSX[12]) derived from 4.4BSD-Lite2.[13] The GNU coreutils version also provides -d option, to help with compatibility.[14] The same functionality is provided by the standard rmdir command.

The -i option in Version 7 replaced dsw, or "delete from switches", which debuted in Version 1. Doug McIlroy wrote that dsw "was a desperation tool designed to clean up files with unutterable names".[15]

Maximum Command line Argument limitation[edit]

GNU Core Utilities implementation used in multiple Linux distributions will be limited in command line arguments bytes number of pages that are allocated within the kernel for command-line arguments before kernel 2.6.23 Released on 9 October 2007[16] [17]were defined at kernel compile time at variable MAX_ARG_PAGES in include/linux/binfmts.h file but new kernels limits the maximum argument length to 25% of the maximum stack limit (ulimit -s). Error: /bin/rm: Argument list too long. will prompt if command-line argument limit is exceed[18]


This command almost halted the production of Toy Story 2.

See also[edit]


External links[edit]