A user posted on the Arch Linux forums in early January wondering why their laptop wouldn’t boot at all after running a simple ‘rm -rf –no-preserve-root /’ command.
It’s fairly stupid to run such a command, but usually not destructive to anything but the Linux installation. However, as it turns out, on MSI laptops it’s possible to completely wipe the EFI boot partition from inside Linux.
All Killer, No Filler
We’re bringing Momentum to New York: our newest event, showcasing only the best speakers and startups.
9233, the user who killed his laptop, said that it happened like this:
So today me and a friend ran “rm -rf –no-preserve-root /” on a MSI Notebook because we wanted to get rid of the pretty bloated Arch installation. Of course we could have just formatted the root partition and reinstalled Arch. But instead we thought it would be fun seeing the GNOME installation die. We weren’t dumb enough to leave important partitions mounted. We unmounted everything except of root (/).
The directory that destroyed the system, which is at
/sys/firmware/efi/efivars/ stores information and scripts that the computer uses to boot using the more modern EFI standard, which is a replacement for the decades-old BIOS.
Once that folder is destroyed, the laptop won’t even power on anymore as its firmware (which should have been read-only) is missing entirely — it’s ‘hard bricked,’ which means the laptop is unrecoverable.
A thread discussing the issue on the systemd repository on GitHub is full of discussion between developers arguing that the directory where the EFI boot data is stored should not be entirely writable.
The system does need access to some of the variables, however software should not be able to permanently brick hardware like this — which is what the maintainers of systemd are arguing about.
So far the issue appears to only affect MSI laptops, but that’s only because there are a handful of cases of it happening in the wild — few people are willing or brave enough to try it on their own machines.
Still, it’s a scary idea that a machine can be permanently broken, even if the command being run is stupid. Next time you want to wipe a Linux machine, make sure to format it instead.
➤No POST after rm -rf / [Arch Linux]