(A) the user skipped --no-preserve-root to the command, if he really wanted to delete /, he would need to try harder on a modern distro, because the rm command would stop the attempt
(B) ansible by default fails on undefined variables, meaning it would never execute the command
(C) Jinja template variables are actually {{foo}} not {foo}, so {foo} in bash prints a literal foo
So this triply couldn't happen. Finally, most people should probably be using the file module to delete files, though if people want to call out to the shell they can with any config tool.
I hate this was even posted because it reflects poorly on me and was in exceptionally bad taste to imply ansible would let it happen.
But can you shoot yourself in the foot with any config tool? If you want to, yes. Can you be bitten by a bug? Yes. Do tool authors make mistakes? Yes.
But it was a mean thing to do, and it's not something the tool would even allow, and it hurts when tech journalists (arguably some of the worst reporters in existance) blindly parrot the article without fake checking (just like they'll also do fake comparisons that just recycle blog posts).
Thanks! Yeah not there anymore but good group of folks! Not too many people pushing immutable systems and continuous deployment so well either, which was nice to see!
I guess part of the reason the hoax is annoying is that it usually couldn't happen. Recent versions of GNU coreutils rm will refuse to delete /, in order to avoid this kind of bug [1]. So if he was on a linux system like he described, his bug should not have had that effect. The question spreads misinformation (although a fairly harmless kind).
My guess is because there's already a question about accidentally your whole system, which makes it a "dup". Not to mention, it _was_ a "viral" marketing campaign, and I'm sure the community isn't too happy about advertising disguised as legitimate questions.
I wrote Ansible, but no longer work on it.
There are numerous problems with the hoax.
(A) the user skipped --no-preserve-root to the command, if he really wanted to delete /, he would need to try harder on a modern distro, because the rm command would stop the attempt (B) ansible by default fails on undefined variables, meaning it would never execute the command (C) Jinja template variables are actually {{foo}} not {foo}, so {foo} in bash prints a literal foo
So this triply couldn't happen. Finally, most people should probably be using the file module to delete files, though if people want to call out to the shell they can with any config tool.
I hate this was even posted because it reflects poorly on me and was in exceptionally bad taste to imply ansible would let it happen.
But can you shoot yourself in the foot with any config tool? If you want to, yes. Can you be bitten by a bug? Yes. Do tool authors make mistakes? Yes.
But it was a mean thing to do, and it's not something the tool would even allow, and it hurts when tech journalists (arguably some of the worst reporters in existance) blindly parrot the article without fake checking (just like they'll also do fake comparisons that just recycle blog posts).