How far can you go with rm -rf / as root
This command does nothing, at least on the OS I use (Solaris) with which this security feature was first implemented:
# rm -rf /
rm of / is not allowed
On other *nix, especially the Linux family, if a recent enough Gnu rm is provided, you would need to add the --no-preserve-root
option to enable the command to complete (or at least start).
How far would this command go is undefined. It depends on plenty of more or less unpredictable events. Generally, processes can run even after their binaries have been removed.
Even with jlliagre's excellent answer, remember this is still a pretty dangerous thing to do. Always double check where you are before doing things like rm -rf
. It would be catastrophic if you were to do rm -rf *
while in the /usr directory, for instance.
As to the rest of your questions, what you can recover pretty much depends on your backup procedures. In most *nix systems there is no simple way to recover files and directories once they have been deleted. Unlike the old DOS days where files were often still on the disk after a delete was performed, most systems these days do things that make recovery very difficult. This is one of the reasons that data recovery services are so expensive.
If you are using a VM, I recommend doing snapshots from time to time at the very least. But nothing can beat following a good backup plan.
As some people said, you can still use sudo rm -rf /*
to remove anything. Without the asterisk works on the OS X too. Someone has made a footage on destroying OS X Yosemite like this, and I am sure that Linux based OS will experience much the same.
Things slowly begin getting irresponsive. I don't think that everything got deleted, as the terminal froze while the process was happening, but it was enough to freeze the whole thing and do a force restart.
Attempting to reboot causes a single-user mode like boot screen with errors.