Essential Safety Checklist for Dangerous Linux Commands in Production

Every year there are headlines about databases being deleted and people running away; in reality, deleting data is easy while escaping the consequences is hard, and operators often shed tears.

These dangerous actions are not always driven by malicious intent, but the commands themselves are hazardous. When working online, stay alert and avoid careless mistakes.

Never log into production servers after drinking alcohol.

Never operate after an argument or emotional upset.

Avoid long overtime before accessing production environments.

Never experiment with unfamiliar commands on live systems.

Always back up critical systems first.

1. Preparation

When executing dangerous commands, take a deep breath. First run ifconfig or ip addr to confirm you are on the correct server.

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:16:3e:34:e9:a9 brd ff:ff:ff:ff:ff:ff
    inet 172.19.26.39/20 brd 172.19.31.255 scope global dynamic noprefixroute eth0

Then take another breath and run pwd to ensure you are in the correct directory.

$ pwd
/etc/nginx

2. rm -rf command

The -rf flag recursively deletes files; a missing space or an extra slash can cause catastrophic data loss. Examples:

rm -rf ./* => rm -rf /
rm -rf abc/ => rm -rf abc /

When typing, move slowly and wait for shell completion before confirming.

In scripts, an unset variable can turn rm -rf ${p}/* into rm -rf /; always verify variables are not empty before using them.

3. chmod command

chmod changes file and directory permissions; misuse can be as disastrous as rm. A safe recovery method is to back up permissions with getfacl -R / > chmod.txt and later restore with setfacl --restore=chmod.txt.

4. cat command

Redirect operators can cause data loss; using cat >> file appends, but missing a > will overwrite the file. Similar risks apply to echo redirection.

5. dd command

The dd if=/dev/zero of=/dev/sda bs=512 count=1 command formats a disk; accidental execution will erase all data.

6. cp command

cp can overwrite files; adding an alias alias cp='cp -i' prompts before overwriting. The same applies to mv -i.

7. tar command

Using tar -xf can overwrite existing files in the current directory; be cautious.

8. vim command

Opening large files with vim may trigger the OOM killer, killing other processes. Typing :wq carelessly can corrupt files. Prefer read‑only mode with view or use less / more for inspection.

9. mkfs.* command

Commands like mkfs.ext4 format disks and should only be run during controlled initialization, never on production servers.

10. MySQL safety

Use mysql -U (or --safe-updates, --i-am-a-dummy) to prevent UPDATE/DELETE without a WHERE clause. Set an alias alias mysql='mysql -U'. For critical changes, start a transaction, confirm, then commit. Use binlog2sql to roll back DML mistakes. Be careful with DDL; it locks tables, can cause massive I/O, and should be executed during low‑traffic periods, preferably with the inplace algorithm.

Online environments are priceless; act with caution, not speed.