A little too much trust in distrobox

So… I may or may not have just run sudo rm -rf /* on my arch distrobox, foolishly thinking it would break the box (and do nothing else).
Now, since it was in the default home directory, AKA not really isolated, what it did instead, from my understanding, was try to delete everything on Bluefin.
Obviously, it can’t do that, since this is an atomic distro after all.
But it does seem to have gotten a few teeny tiny things… Among others, my entire Home directory. Interestingly, the first thing I noticed was that my terminal bling was gone (and that it couldn’t re-enable it).
Curiosity killed the cat, I guess. What do I do now? Do I just reinstall Bluefin? It’s pretty quick after all.

On the bright side of things, this happened while I didn’t have anything important on the system yet.
It wouldn’t have happened if I had set a custom directory (for example a folder in HOME), right?

Edit:

Only one way to find out…

Aaand the answer is nope. Also, weirdly enough, it created this folder when I made it. Only thing that survived too.

This is kinda concerning. How do I properly sandbox this? If that’s a thing it makes sense to want, of course.
Guess I’ll have to read the docs better.

Ouch, condolences.

In my understanding, unless you specify a different home dir for the box, rm -rf /* will get your host home too. I mean, if you can do normal file rm -(r)fs in ~/Documents, for example, then theoretically (and practically) speaking it can nuke your home, so…

The Distrobox docs have interesting unshare options too, but I don’t think they apply to directories.

Sorry this happened to you! Tools like distrobox are convenience wrappers and are there for UX reasons; we do not (and cannot!) say that they’re any better isolation-wise.

They can be for the logical part (like using -h so at least you don’t step all over your files), but container escapes are a thing, so when we use tools like distrobox it’s not for isolation reasons.

For that we need a VM. I would love it if we could magically pass a --firecracker to distrobox and get the same thing but in an isolated VM without mixing in the data from the host, but that doesn’t exist so you’d have to do VM things by hand.

When you set a custom home, it’s really just changing the value of ~ and $HOME. It still has full access to your normal home directory.

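One way to verify the point made above (what the box can touch is decided by the container's bind mounts, not by what $HOME says inside it), as an added example that is not from this thread or from the distrobox project. It assumes podman as the backend and treats /home and /var/home as the home prefixes to watch for.

```shell
#!/bin/sh
# Added example (not from the thread or the distrobox project): audit which host
# home paths a distrobox container can write to. A box is a podman/docker
# container, so the host-side mount table is the ground truth, whatever ~ or
# $HOME resolve to inside the box.

# Read "SOURCE DESTINATION RW" lines on stdin and print the mounts whose source
# lies under a home prefix and is writable. The prefixes are assumptions:
# the ostree layout (/var/home) and a plain /home.
flag_home_mounts() {
    while read -r src dst rw; do
        [ -n "$src" ] || continue
        case "$src" in
            /home|/home/*|/var/home|/var/home/*)
                if [ "$rw" = "true" ]; then
                    printf 'WRITABLE  %s -> %s\n' "$src" "$dst"
                fi
                ;;
        esac
    done
}

# Query a live container (assumes podman; use docker if that is the backend).
# Source, Destination and RW are the fields podman inspect emits for .Mounts.
inspect_box() {
    podman inspect "$1" \
        --format '{{range .Mounts}}{{.Source}} {{.Destination}} {{.RW}}{{"\n"}}{{end}}' \
        | flag_home_mounts
}

# Constructed sample (not real podman output) for a box created with a custom
# --home under ~/boxes/arch: the custom home is mounted, but so is the real
# host home, read-write, which is exactly the situation the thread describes.
SAMPLE='/var/home/user/boxes/arch /var/home/user/boxes/arch true
/var/home/user /var/home/user true
/run/user/1000 /run/user/1000 true
/usr/share/icons /usr/share/icons false'

sample_audit() {
    printf '%s\n' "$SAMPLE" | flag_home_mounts
}

# Usage: ./audit.sh [container]   (no argument: run on the constructed sample)
if [ -n "${1:-}" ]; then inspect_box "$1"; else sample_audit; fi
```

Run against a real box name to see every writable host path under your home; an empty result is what genuine home isolation would look like.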

Alrighty then. To be fair, not like I’d run that command on a normal arch install either :grin:

Thanks for the answers! I’m sadly having some trouble with my freshly reinstalled system (prob not necessary, but it’s simpler and Bluefin installs amazingly quick anyways), but I’ll open a separate post for that if I don’t find any solution on here. Cheers!