safe-rm

Delete a file with protection against blacklisted paths

$ safe-rm [path/to/file]

$ safe-rm -r [path/to/directory]

$ safe-rm -rf [path/to/directory]

$ safe-rm -v [file1] [file2] [file3]

safe-rm [rm options] [files]

safe-rm is a wrapper around the rm command that prevents accidental deletion of important system files and directories. It checks arguments against a configurable blacklist before passing them to the real rm.
When a user attempts to delete a protected path, safe-rm refuses the operation and displays a warning instead. This provides a safety net against catastrophic mistakes like rm -rf /.
Protected paths are configured in /etc/safe-rm.conf for system-wide protection and ~/.safe-rm for per-user settings. Each file contains one path per line. If both are empty, a default list of critical system paths is used.
To use safe-rm as the default rm, create a symlink in a directory that precedes /bin in your PATH:

$ ln -s /usr/bin/safe-rm /usr/local/bin/rm

safe-rm accepts all standard rm options and passes them through to the real rm command after verifying paths are not protected.
-r, -R, --recursive

Remove directories and their contents recursively

Ignore nonexistent files and arguments, never prompt

Prompt before every removal

Explain what is being done

safe-rm cannot protect against all deletion patterns. While rm -rf /usr/lib is blocked if /usr/lib is protected, running cd /usr/lib && rm -rf * bypasses protection since the protected path itself is not an argument.

safe-rm was created to prevent accidental deletion of critical system files. Version 1.0.0 released in November 2020 was a complete rewrite in Rust, replacing the original implementation. The project is licensed under GPLv3.

rm(1), trash-cli(1), shred(1)