AaronPhalen · September 28, 2015 10:06
diff --git a/linux_file_remove_restore.txt b/linux_file_remove_restore.txt
 Linux File Remove Command And Recovery
 ======================================

 Motivation:
 Since using an Ubuntu 12.04 server for the last couple years, I had not once erroneously
 keystroked a faulty rm command. As a Linux users knows, the rm commands is used to remove a file or directory.
 Futhermore, like most Linux commands various options can be added, such as: -r, -f, -i, etc. 
 While not pertinent to the discusion, I will define these quickly for the inquisitve reader: 
   
   1. -r recursively delete directory and child files/directories.
   2. -f delete final when may encounter delete prompts.
   3. -i confirm action with input prompt.
   
 The rm command issued on a server is different than the shift + del commands
 on a gui desktop -- the difference between these cannot be overstated.
 Running rm on a server has a permanent consequence, where the shift + del
 has a more temporary consequence moving to file into the system trash.

 Unfortunately, my keystroke luck came to a hault last night as I lost a dictory
 of test suites I had written in Python. Essentially, preventing others from 
 wasting their time on an all to common mistake, I decided to be proactive, 
 creating a gist to describe by finds, experimentation, and solution.

 Solution: Preventing permanent removal of files/directories

    1. Back up disk image or server periodically and .tar any files for extra precaution.
    2. If you have source control (if you don't, get it!), update and commit repo frequently.
    3. Utilize rm -i to issue a prompt before removing a file or directory.
    4. Alter the rm command to move file into trash (will require research on google or stackoverflow)
   
 Extra: Below are some commands that will be useful in a long-shot attempt to recover files

   1. df -T --> display disk and file system data (important to determine /dev/ and file Type ext3/ext4, etc..
   2. extundeleted --help --> program for restoring deleted files.
   3. scalpel --help --> file forensics for restoring hard drive.
   4. ext3grep --help --> file forensics for restoring hard drive.
   
 Note: None of these worked to recover my files; I simply had to write the test suite.
      Sometimes, if multiple windows were open including the deleted file, a recovery 
      can be made by running "lsof" and restoring based off the process id.
      The follow steps are recommended to increase the probability that above recovery
      commands will yield a desired result:
      
          1. Unmount disk immediately (umount)
          2. do not shutdown server
          3. do not create any files or directories.
	Linux File Remove Command And Recovery
	======================================

	Motivation:
	Since using an Ubuntu 12.04 server for the last couple years, I had not once erroneously
	keystroked a faulty rm command. As a Linux users knows, the rm commands is used to remove a file or directory.
	Futhermore, like most Linux commands various options can be added, such as: -r, -f, -i, etc.
	While not pertinent to the discusion, I will define these quickly for the inquisitve reader:

	1. -r recursively delete directory and child files/directories.
	2. -f delete final when may encounter delete prompts.
	3. -i confirm action with input prompt.

	The rm command issued on a server is different than the shift + del commands
	on a gui desktop -- the difference between these cannot be overstated.
	Running rm on a server has a permanent consequence, where the shift + del
	has a more temporary consequence moving to file into the system trash.

	Unfortunately, my keystroke luck came to a hault last night as I lost a dictory
	of test suites I had written in Python. Essentially, preventing others from
	wasting their time on an all to common mistake, I decided to be proactive,
	creating a gist to describe by finds, experimentation, and solution.

	Solution: Preventing permanent removal of files/directories

	1. Back up disk image or server periodically and .tar any files for extra precaution.
	2. If you have source control (if you don't, get it!), update and commit repo frequently.
	3. Utilize rm -i to issue a prompt before removing a file or directory.
	4. Alter the rm command to move file into trash (will require research on google or stackoverflow)

	Extra: Below are some commands that will be useful in a long-shot attempt to recover files

	1. df -T --> display disk and file system data (important to determine /dev/ and file Type ext3/ext4, etc..
	2. extundeleted --help --> program for restoring deleted files.
	3. scalpel --help --> file forensics for restoring hard drive.
	4. ext3grep --help --> file forensics for restoring hard drive.

	Note: None of these worked to recover my files; I simply had to write the test suite.
	Sometimes, if multiple windows were open including the deleted file, a recovery
	can be made by running "lsof" and restoring based off the process id.
	The follow steps are recommended to increase the probability that above recovery
	commands will yield a desired result:

	1. Unmount disk immediately (umount)
	2. do not shutdown server
	3. do not create any files or directories.