"# Scary" is my new fear.

Potentially catastrophic bug that could potentially erase all of someone's data: "Ooh! Scary!" *Does absolutely nothing about it*

This is the programming equivalent of leaving a loaded gun on the floor and wondering how your dog died

I love how the bug nuked the backup drive for good measure.

"Everything is impermanent and transient. Especially bits on a disk. No use crying over flipped bits." I want to be like keyvin

Dude you have seriously found your niche with this type of content, covering software failures in a funny and digestible way. Love watching your videos.

In the 90s, when Diablo had an extension called Hellfire, made by Sierra, the uninstaller of the extension was deleting everything in C:\Games\ instead of C:\Games\Sierra Online\. Too bad for those who installed in Program Files at the time.

Wow! I can't believe they'd script something like that with an rm -rf. It clearly rang alarm bells from the comment. How did this get through code review without someone shouting NOPE!

I love that there was clearly a steam engineer who saw this coming and even left a comment but nothing was changed

Imagine being Valve, one of the most well-known software companies that builds and maintains Steam, writing a launcher for Linux that invokes rm -rf with no safeguards. Invoking the command at all is seriously risky. Who in their right mind would look at that line of code and just say "Scary" and allow it to be part of the script?

Whenever "root" is mentioned in a "bug" video, you know exactly what's up

Installing Steam on Linux just for it to delete everything sure sounds familiar

There was an Nvidia driver bug that did the same thing once. It was caused by them accidentally adding a space in the delete command.

I like the theory, because it explains why Keyvin was so calm and collected; he didn't have much to lose if he just built the PC.

they used a "rm -rf" and didnt even make a check to see if the string afterwards was empty? broo i get that they tecnically DID do so to enter the restart steam function, but like, rm -rf is like a loaded gun, double precausions is a must

Correctly referencing relative directories is one of the greatest struggles with shell scripts. It's why so often simple install scripts are still written Python or even C, just to have access to the OS tools to reliably tell you where you are.

“Scary!” Good one, Valve!

If you find yourself pushing a comment to production that says #scary! - Maybe you are doing it wrong.

Huh... I tried completely switching to Linux a few years ago. And when installing and running Steam, this actually happened to me. But only _after_ I installed Steam. I was so furious that I stopped using Ubuntu as my daily driver. I checked my drive and most of the files were gone. 5 years later and I maybe know what was the cause. Thanks for digging yourself into the topic, been very enlightening. ;)

I've been joking around how rm -rf / is (pretty much) the equivalent of removing system 32 or whatever on Windows. Now knowing that this managed to be an actual thing on a legit piece of software is just as hilarious as scary

What gets me is someone wrote this code, looked at it, knew it would be a problem so they commented # Scary, did nothing to fix it, and will you look at that.... It ended up being a problem.

Man, I'm so glad you made this channel/make this content. I had an idea like this ages ago, a channel that went over software bugs/issues in business but am neither creative nor smart enough to put stuff like that together. Funny that you're channel pops up and is basically exactly what I was looking for, thanks for that.

I like potential in this series. Especially how you go over seemingly simple things like the Linux filesystem for the people who are new or curious, keep that in there.

My helpdesk system (that I mentioned in a comment last video) has an archiving system. Any ticket that was closed more than 30 days ago is archived in a different Sharepoint location and deleted from the main list. Because your channel makes me careful with my code, I implemented a check that the ticket existed in the archive before deleting it from the main ticket list. Due to race conditions caused by operating in the cloud, this didnt consistently work; the check might fail because the archive will not show the new item for up to 30 seconds. So instead I set up an email notification when tickets are added to the archive, and also when deleted from the main ticket list, and I check them manually that both operations worked. This actually helped me find an instance where somebody deleted a ticket from the main list, so this was probably the correct course of action, lol. My point is: If the employee who wrote the Steam shell script watched your videos, they probably would have diligently tried to avoid this bug, just like I did in my helpdesk software!

Your stuff is so good! Love how you always spend some portion at a really low level, like explaining bash scripting minute details, but keep it high level too

this is horrifying. Like wtf. The "only one person has gotten this issue in a few years so we can safely mark it resolved" reads like a horror movie where someone sacrifices lives for selfish reasons. What about the dozens of people who never made a comment/issue (r didn't know where to) and just took the loss, or went AFK when it happened and didn't realize it was steam that did it? This is frankly disturbing and steam should really do better.

This is just the right amount of horror mixed in with some hilarious scripting gotcha's. Please make this series a regular, I don't care where you get your issues/blog posts/articles, I need this in my life ❤

I love these videos. people always say that code looks dull on video but I never understood that. code can have as much expression as any written work. just that you need to know how to frame it the right way. thanks for the vids Kevin!

Every time a video of yours pops up I feel the urge to binge-watch, only to realize I have already done so when the previous video released

I like these series about a tiny piece of code that damaged a lot with a detailed explanation of what gone wrong. Keep going, subbed

The problem with shell scripts is not that they cannot be safe, it's also not that they will cause issues. It is however very easy to make these type of errors. Far more so than in other languages.

Windows users will never understand having the freedom to wipe your filesystem with a typo

Steam really just said “Go touch Grass”

- Where is your homework? - Steam ate it

You often can recover rm -rf data, though it is more likely to work on harddrives than on ssds. The first thing to do in such a case is to clone the entire disc using dd rescue. Then one can use proprietary tools to recover the deleted files. Though a good first start may be testdisk and photorec which are totally free.

"this is very far fetched but technically possible" many situations in work atm

that one poor Ubuntu user a few years ago who came across this bug. God help them they got everything sorted. I'd be going mad in that situation.

This has been my favourite KZbin channel for some time now. The thought of writing a bug that may end up on one of these videos keeps me writing good code everyday.

Man loses all of his files and stays calm and collected. He is a psychopath. "Scary!"

"A very scary operation." has become a potent non sequitur in my life.

These are so damn well made, nice work dude!

New fear unlocked

This is one of my favorite channels, I love the topics and the presentation

Love the Lemmino vibe, this is such a great video! Amazing stuff, never seen anyone else do anything similar, keep it up!

I'm not sure what it is but hearing the Windows error prompt sound while looking at a Ubuntu GUI makes me chuckle every time. Can't wait for the next video in 9.9 years! Keep it up

Awesome content, learned a lot and hoping for more in less than 10 years

And that is why before you recursively delete things in a script, you check for an expected value present at that location! (A file named "this_is_the_steam_folder.txt" for example.) I always try to implement such sanity checks, just to be sure i don't rm-rf my home folder with all my precious files. (that i don't have a backup of! 😅)

So I think bash is good for simple things, but unfortunately doing anything other than running a few core utils gets complicated quick, and the edge cases in it makes you want to use a “proper” language. But unfortunately these scripts usually start out simple, but then organically gain more and more functionality until stuff like this happens. So I avoid writing bash scripts unless I know I won’t have to support the script long term. If I will, I use a different language

I liked how you explained and Subbed Immediately. It tell me how much you have put a lot of effort into making one. Thank you for the video and would love , if the series continues.

If you must use rm -rf you must also ensure that whatever function you are building cant return in such a way that it runs on root. Or on the whole user folder.

you can also add an alias to your .profile/.bashrc/.zshrc for rm making it so it moves files to your trashbin or wtv instead of deleting. this way even if your comp crashes you can still recover most your files by mounting ssd/hd directly to another computer

glad to see one of my favorite bugs covered!!!

Its also good to know that the rm command forces you to use the option --no-preserve-root in order to delete your hole file system

btw the music used in the video between 3:25 and 6:22 is named "LEMMiNO - Firecracker (BGM)", thank me later :D

This is a great real world example of why you need offsite backups. I'm paying $3.6 a month for 1TB of storage in Germany. If you have the cash to spare it's well worth doing, even if you think it's never going to happen. Another good tip is to try backing stuff up from it just to test the backups. You don't wanna realize you forgot to include something when you actually need to go get it from backup.

Modern versions of the rm command now require a --no-preserve-root switch in order to allow you to use the command on / to prevent exactly this type of issue. Edit: Actually I think using a wildcard in /* bypasses this restriction which is why it didn't get caught! Valve doesn't know how to write Linux software? OK then I'll just go play with my Steam Deck now.

2:05 I believe Windows also has symbolic links as well, though it wasn't very readily accessible until Windows 10 iirc since I think it was originally only enabled for kernel level applications Edit: As correctly pointed out, it's actually been a feature since Vista!

"Oopsie whoopsie just ran rm -rf *" X3

Im picturing the one gif of the old guy dragging "my computer" into the recycling bin and deleting his entire pc

How a steam bug deleted someone's entire pc "sudo apt install steam"

A moment of silence for the data destroyed by this event.

And this is why I use Timeshift to take regular file system snapshots (a backup would also work if it isn’t mounted and writable, but it’d take longer to restore). If something like that ever happens, it’s a matter of minutes to roll back. Of course, they’re not a substitute for backups, as they don’t protect against hardware (HDD/SSD) failure.

Can’t wait to see more of this series!

No joke this video taught me more about Linux than anything else I've come across. I'm a complete and utter novice with command lines, but this was incredibly digestible. Well done, thank you!

*Takes sip out of my soda while all i need to do to start steam is just double click it on my window's desktop*

Oh my god I cannot imagine the horror of losing that much data at once

Lemmino "firecracker" at 3:45 was timed perfectly.

Learned more new stuff about Linux and coding from watching this than from a dozen dedicated videos for Linux noobs. I recently learned how to load a Windows kernel from the GRUB command line, after I actually deleted the drive containing my Ubuntu installation (and boot menu) on my dual boot laptop. So instead, it boots to a Linux command line because it obviously can't find the missing bootloader. Reminded me of the good old days when I would boot into DOS and then manually start Win 9x from the command line. Except I didn't have to set a root or tell it which filesystem the drive used.

I’m excited for this series, especially if it includes the flame wars that pop time to time on github issues threads.

I write scripts in bash all the time and I would never EVER run rm -rf without checking the path first. Also, bash is crazy scary when running things as sudo. Basically like running around on ice, barefoot, with a kinfe in one hand and a loaded gun in the other. Whenever I find myself doing things like deleting entire directories, my alarms go off that maybe I shouldn't be writing this in bash in the first place. It's crazy to me how many stories I've heard about systems getting nuked like this, but rm still hasn't implemented a mechanism where "/" is allowed only if a special flag is provided

Unix engineers back in the day: Let's have a recursive rm -rf Also them: A single file tree that holds all the connected storage devices is a brilliant idea

This is a perfect example of why you make backups and don't save them to the same machine you're backing up...

thanks for the vid, I've also learned some basics about linux file system along the way. Really informative, a great way to onboard anyone to IT basics

THIS IS SUCH A GOOD VIDEO + subtitles??? This is awesome :O

In first class of any linux tutorial, it is always said.. don't run rm -rf casually... never..

Devs please stop using rm -rf with variable paths

Ah yes. Writing a command any time you need to open anything at all.

Everything that could go wrong went wrong 😢

The comment being fucking "Scary!" is the most unhinged shit in coding ever

While this was certainly a bad bug that shouldn't have happened, I also have to ask why that user had his backup disk mounted. A backup disk should be mounted only for two occasions: when you're making a backup and when you are restoring from backup.

The issue is that script writers are usually too lazy to check for command outputs. Setting the flag at the top of the script to exit on any failure is one good way to avoid problems. Another thing is to add logs, but yeah since it deleted the everything the log file may get deleted as well. Anyways, interesting bug and quite scary indeed.

can someone explain why there was a rm -rf command in the 1st place? even for reset steam command rm -rf seems too much no?

yo this is so cool, i clicked thinking: "no way ill watch all of this" and when i watched the video. i found myself commenting this and i realized it was about to end. your way of making videos is really, really engaging and its fun to watch, keep it up. 👍

Keyvin being "so cool and collected" is the best part of this video

bruh, I loved how they added a "Scary!" commentary in the thing, hahahaha

Something similar happened to a game on windows (and linux, but I think it only occurred on windows) called Realm of the Mad God where uninstalling the launcher would delete the entire directory it was installed to. It was even worse cause uninstalling would give the UAC prompt which is pretty common for program uninstallers, so yeah... lol

Shell as programming language was a mistake

Currently Steam is distributed is a Flatpak package. So I guess it should be confined in its own area and the damage it brings is quite limited by the environment itself.

It’s so simple to throw an exception there for an empty string, especially if you have the foresight to add “# scary!” Thats inexcusable lol

Why in gods name would you ever use rm -rf in a script? Like, you know the specific directory names, delete those specific directories one by one.

This is why Linux scares me. The root directory being named "/" instead of "C:" fucks up so many things. If you try to delete ./* (current directory) but forget to include that period, you end up wiping /* (everything on the drive). In windows, it will just say your path is invalid. Windows has a lot of problems, but this one thing has saved so many people. I've made a lot of windows scripts that do that exact thing - delete .\* (deletes all single files because someone else on the network might have a single file open which prevents the folder from being deleted)

This code is astonishingly stupidly written. Everything about it is stupid. Literally nothing is redeemable. Everything from the logic, the commands and thought process of the engineer are all stupid. How did Valve approve it?

Great video! You earned yourself a sub! I thought your voice was real at first. What AI program do you use for the voice?

Not a complaint, just to let you know that sound of your voice is not always consistent in headphones L/R ears. 3:47 ("enviroment variable" buzzes in my left ear) (I also believe that there are more examples in the video)

After reading through the comments, it's become clear most people completely missed the point. The issue isn't in how the variable was set. The issue is that the script used rm at all. There are commands that move files to the user's trash bin. This is much safer because it can be easily undone and there are so many checks built in. Don't use rm. Instead use something like gio trash.

Great explaination. Surprising there wasn't a sanity check to ensure the path is not blank before removing everything. Well, now they know 🤣

Minor inconvenience

It's incredible how you managed to make Linux command line so entertaining. Keep up the good work.

Congratulations for your first video of the issue tracker series Kevin

Shell is a language that is surprisingly bad at paths considering its uses.