Jump to content

Bash (Unix shell)

From Niidae Wiki

Template:Short description Template:Use dmy dates Template:Infobox software In computing, Bash (short for "Bourne Again SHell,")<ref>Template:Multiref2</ref> is an interactive command interpreter and command programming language developed for UNIX-like operating systems.<ref>Template:Cite web</ref> Created in 1989<ref name="BashBeta">Template:Cite newsgroup</ref> by Brian Fox for the GNU Project, it is supported by the Free Software Foundation and designed as a 100% free alternative for the Bourne shell (sh) and other proprietary Unix shells.<ref>Template:Multiref2</ref>

Since its inception, Bash has gained widespread adoption and is commonly used as the default login shell for numerous Linux distributions.<ref>Template:Multiref2</ref><ref name="cmpwrld_intrw2008">Template:Cite web</ref><ref name="goftw2015">Template:Cite web</ref> It holds historical significance as one of the earliest programs ported to Linux by Linus Torvalds, alongside the GNU Compiler (GCC).<ref>Template:Cite newsgroup</ref> It is available on nearly all modern operating systems, making it a versatile tool in various computing environments.

As a command-line interface (CLI), Bash operates within a terminal emulator, or text window, where users input commands to execute various tasks. It also supports the execution of commands from files, known as shell scripts, facilitating automation. In keeping with Unix shell conventions, Bash incorporates a rich set of features. The keywords, syntax, dynamically scoped variables, and other basic features of the language are all copied from the Bourne shell, (sh). Other features, e.g., history, are copied from the C shell, (csh), and the Korn Shell, (ksh). It is a POSIX-compliant shell with extensions.

History

[edit]

While Bash was developed for UNIX and UNIX-like operating systems, such as GNU/Linux, it is also available on Android, macOS, Windows, and numerous other current and historical operating systems.<ref>Template:Cite web</ref> "Although there have been attempts to create specialized shells, the Bourne shell derivatives continue to be the primary shells in use."<ref name="developer.ibm.com">Template:Cite web</ref>

Timeline

[edit]

Template:Split portions Template:Timeline-start

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-item

Template:Timeline-end

Features

[edit]

List of Short Descriptions

[edit]

Template:Prose As a command processor, Bash can operate in two modes: an interactive and non-interactive mode. In the interactive mode a text window where users input commands to execute various tasks. The second mode, is execution of commands from files, known as shell scripts, facilitating automation. In keeping with Unix shell conventions, Bash incorporates a rich set of features, including:

  • A User Manual provided by the GNU Project, also available at info bash, and a technical manual available at man bash.
  • Invocation as a...
    • Interactive shell,
    • Non-interactive shell, or
    • Login shell;
  • A command-line interface;
  • Exit status codes;
  • Control structures for
    • Condition testing,
      • if, case, select,
      • logical AND (&&) and OR (||), and
    • Iteration:
      • for, while, until loops, and
      • Arithmetic C-style loop: for ((;
  • Syntaxes for Boolean testing of file attributes, string and integer values, etc.:
    • Traditional test command,
    • Traditional single bracket test: [,
    • Modern double bracket test: [[ ... ]], which includes advanced features:
  • UNIX-style pipelines: |;
  • Subshells: $( ... );
  • Signaling as a means of inter-process communication using the trap builtin;
  • Asynchronous execution, i.e., Jobs and job control:
    • job_spec & where job_spec can be one of:
      • A full commandline: <command_name> <options> <operands> <arguments> &, or
      • A job control identifier as denoted by a leading percent symbol: %1 &;
  • A shell portability mode where command lines can be interpreted in conformance with the POSIX standard;
  • Command parsing:
    • Comments are ignored:
      • Bourne-style # hashtag comments, and
      • Thompson-style : colon comments;
    • Commands are parsed one line at a time:
      • Control structures are honored, and
      • Backslash \ escapes are also honored at the ends of lines;
    • Split into words (i.e., word splitting) according to quoting rules,
      • Including ANSI-C quoting $'...';
    • Seven kinds of expansions are performed in the following order on the resulting string:
      • (Step 1) Brace expansion kernel{-headers},
      • (Step 2) Tilde expansion ~,
      • (Step 3) In a left-to-right fashion:
        • Parameter and variable expansion $foo or ${bar}, including
          • Dynamically scoped variables,
          • Indexed arrays of unlimited size,
          • Associative arrays via declare -A, and
          • Expansion syntaxes which can perform some tasks more quickly than external utilities, including, among others:
            • Pattern Substitution
              • ${foo//x/y} for sed 's/x/y/g',
            • Remove Matching Prefix or Suffix Pattern
              • ${bar##[a-zA-Z0-9]*} for cut -c8-,
            • Print Array Keys
              • ${!array[@]}, and
            • Display Error if Null or Unset
              • ${var:?error message},
        • Command substitution: $( ... ),
        • Process substitution, <() or >(), when a system supports it:
        • Arithmetic expansion, (( ... )) or $(( ... )), including
      • (Step 4) Word splitting (again),
      • (Step 5) Pathname expansion, i.e., shell-style globbing and pattern matching using *, ?, [...], and
        • (Although they can be used in conjunction, the use of brackets in pattern matching, [...], and the use of brackets in the testing commands, [ and [[ ... ]], are each one different things.)
      • Quote removal;
    • Redirections of Standard Input, Standard Output and Standard Error data streams are performed, including
      • File writing, >, and appending, >>,
      • Here documents, <<,
      • Here strings, <<<, which allow parameters to be used as input, and
      • A redirection operator, >|, which can force overwriting of a file when a shell's "noclobber" setting is enabled;
    • Command name lookup is performed, in the following order:
    • The resulting string is executed as a command.

Bash also offers...

General Discussion

[edit]

The Bash command syntax is a superset of the Bourne shell command syntax. Bash supports brace expansion,<ref>Template:Cite web</ref> command line completion (Programmable Completion),<ref>Template:Cite web</ref> basic debugging<ref>Template:Cite web</ref><ref>Template:Cite web</ref> and signal handling (using trap) since bash 2.05a<ref>Template:Cite web</ref><ref>Template:Cite web</ref> among other features. Bash can execute the vast majority of Bourne shell scripts without modification, with the exception of Bourne shell scripts stumbling into fringe syntax behavior interpreted differently in Bash or attempting to run a system command matching a newer Bash builtin, etc. Bash command syntax includes ideas drawn from the Korn Shell (ksh) and the C shell (csh) such as command line editing, command history (history command),<ref>Template:Cite web</ref> the directory stack, the $RANDOM and $PPID variables, and POSIX command substitution syntax $(...).

When a user presses the tab key within an interactive command-shell, Bash automatically uses command line completion, since beta version 2.04,<ref name="auto1">Template:Cite web</ref> to match partly typed program names, filenames and variable names. The Bash command-line completion system is very flexible and customizable, and is often packaged with functions that complete arguments and filenames for specific programs and tasks.

Bash's syntax has many extensions lacking in the Bourne shell. Bash can perform integer calculations ("arithmetic evaluation") without spawning external processes. It uses the ((...)) command and the $((...)) variable syntax for this purpose. Its syntax simplifies I/O redirection. For example, it can redirect standard output (stdout) and standard error (stderr) at the same time using the &> operator. This is simpler to type than the Bourne shell equivalent 'command > file 2>&1'. Bash supports process substitution using the <(command) and >(command)syntax, which substitutes the output of (or input to) a command where a filename is normally used. (This is implemented through /proc/fd/ unnamed pipes on systems that support that, or via temporary named pipes where necessary).

When using the 'function' keyword, Bash function declarations are not compatible with Bourne/Korn/POSIX scripts (the KornShell has the same problem when using 'function'), but Bash accepts the same function declaration syntax as the Bourne and Korn shells, and is POSIX-conformant. Because of these and other differences, Bash shell scripts are rarely runnable under the Bourne or Korn shell interpreters unless deliberately written with that compatibility in mind, which is becoming less common as Linux becomes more widespread. But in POSIX mode, Bash conforms with POSIX more closely.<ref name="GNUBASHREF">Template:Citation</ref>

Bash supports here documents. Since version 2.05b Bash can redirect standard input (stdin) from a "here string" using the <<< operator.

Bash 3.0 supports in-process regular expression matching using a syntax reminiscent of Perl.<ref>Template:Cite web</ref>

In February 2009,<ref>Template:Cite web</ref> Bash 4.0 introduced support for associative arrays.<ref name="bashfaq061" /> Associative array indices are strings, in a manner similar to AWK or Tcl.<ref>Template:Cite web</ref> They can be used to emulate multidimensional arrays. Bash 4 also switches its license to GPL-3.0-or-later.<ref>Template:Cite web</ref>

Control Structures

[edit]

Bash supplies "conditional execution" command separators that make execution of a command contingent on the exit code set by a precedent command. For example:

<syntaxhighlight lang="bash"> cd "$SOMEWHERE" && ./do_something || echo "An error occurred" >&2 </syntaxhighlight>

Where Template:Code is only executed if the Template:Code (change directory) command was "successful" (returned an exit status of zero) and the Template:Code command would only be executed if either the Template:Code or the Template:Code command return an "error" (non-zero exit status).

For all commands the exit status is stored in the special variable $?. Bash also supports Template:Code and Template:Code forms of conditional command evaluation.

Process Management (a.k.a., "Job control")

[edit]

The Bash shell has two modes of execution for commands: batch (asynchronous), and concurrent (synchronous).

To execute commands in batch mode (i.e., in sequence) they must be separated by the character ";", or on separate lines:

<syntaxhighlight lang="bash"> command1; command2 command3 </syntaxhighlight>

In this example, when command1 is finished, command2 is executed, and when command2 has completed, command3 will execute.

A background execution of command1 can occur using (symbol &) at the end of an execution command, and process will be executed in background while immediately returning control to the shell and allowing continued execution of commands. <syntaxhighlight lang="bash">command1 &</syntaxhighlight>

Or to have a concurrent execution of command1 and command2, they must be executed in the Bash shell in the following way:

<syntaxhighlight lang="bash"> command1 & command2 </syntaxhighlight>

In this case command1 is executed in the background & symbol, returning immediately control to the shell that executes command2 in the foreground.

A process can be stopped and control returned to bash by typing Template:Key press while the process is running in the foreground.<ref>Template:Cite web</ref>

A list of all processes, both in the background and stopped, can be achieved by running jobs: <syntaxhighlight lang="console"> $ jobs [1]- Running command1 & [2]+ Stopped command2 </syntaxhighlight>

In the output, the number in brackets refers to the job id. The plus sign signifies the default process for bg and fg. The text "Running" and "Stopped" refer to the process state. The last string is the command that started the process.

The state of a process can be changed using various commands. The fg command brings a process to the foreground, while bg sets a stopped process running in the background. bg and fg can take a job id as their first argument, to specify the process to act on. Without one, they use the default process, identified by a plus sign in the output of jobs. The kill command can be used to end a process prematurely, by sending it a signal. The job id must be specified after a percent sign:

<syntaxhighlight lang="bash"> kill %1 </syntaxhighlight>

Portability with POSIX

[edit]

Invoking Bash with the --posix option or stating set -o posix in a script causes Bash to conform very closely with the POSIX 1003.2 standard.<ref name="tldp">Template:Cite web</ref> Bash shell scripts intended for portability should take into account at least the POSIX shell standard. Some bash features not found in POSIX are:<ref name="tldp" /><ref name="deb">Template:Cite web</ref>

Template:Div col start

  • Certain extended invocation options
  • Brace expansion
  • Arrays and associative arrays
  • The double bracket Template:Code extended test construct and its regex matching
  • The double-parentheses arithmetic-evaluation construct (only Template:Code; Template:Code is POSIX)
  • Certain string-manipulation operations in parameter expansion
  • Template:Code for scoped variables
  • Process substitution
  • Bash-specific builtins
  • Coprocesses
  • $EPOCHSECONDS and $EPOCHREALTIME variables<ref>Template:Cite web</ref>

Template:Div col end

If a piece of code uses such a feature, it is called a "bashism" – a problem for portable use. Debian's Template:Code and Vidar Holen's Template:Code can be used to make sure that a script does not contain these parts.<ref name="checkbashisms, ManKier man page">Template:Man</ref><ref name="shellcheck, ManKier man page">Template:Man</ref> The list varies depending on the actual target shell: Debian's policy allows some extensions in their scripts (as they are in the dash shell),<ref name=deb/> while a script intending to support pre-POSIX Bourne shells, like autoconf's Template:Code, are even more limited in the features they can use.<ref>Template:Cite web</ref>


Brace Expansion

[edit]

Brace expansion, also called alternation, is a feature copied from the C shell. It generates a set of alternative combinations. Generated results need not exist as files. The results of each expanded string are not sorted and left to right order is preserved:

<syntaxhighlight lang="console"> $ echo a{p,c,d,b}e ape ace ade abe $ echo {a,b,c}{d,e,f} ad ae af bd be bf cd ce cf </syntaxhighlight> Users should not use brace expansions in portable shell scripts, because the Bourne shell does not produce the same output.

<syntaxhighlight lang="console"> $ # bash shell $/bin/bash -c 'echo a{p,c,d,b}e' ape ace ade abe $ # A traditional shell does not produce the same output $ /bin/sh -c 'echo a{p,c,d,b}e' a{p,c,d,b}e </syntaxhighlight>

When brace expansion is combined with wildcards, the braces are expanded first, and then the resulting wildcards are substituted normally. Hence, a listing of JPEG and PNG images in the current directory could be obtained using:

<syntaxhighlight lang="bash"> ls *.{jpg,jpeg,png} # expands to *.jpg *.jpeg *.png - after which, 

                      # the wildcards are processed

echo *.{png,jp{e,}g} # echo just shows the expansions - 

                      # and braces in braces are possible.

</syntaxhighlight>

In addition to alternation, brace expansion can be used for sequential ranges between two integers or characters separated by double dots. Newer versions of Bash allow a third integer to specify the increment.

<syntaxhighlight lang="console"> $ echo {1..10} 1 2 3 4 5 6 7 8 9 10 $ echo {01..10} 01 02 03 04 05 06 07 08 09 10 $ echo file{1..4}.txt file1.txt file2.txt file3.txt file4.txt $ echo {a..e} a b c d e $ echo {1..10..3} 1 4 7 10 $ echo {a..j..3} a d g j </syntaxhighlight>

When brace expansion is combined with variable expansion (A.K.A. parameter expansion and parameter substitution) the variable expansion is performed after the brace expansion, which in some cases may necessitate the use of the eval built-in, thus:

<syntaxhighlight lang="console"> $ start=1; end=10 $ echo {$start..$end} # fails to expand due to the evaluation order {1..10} $ eval echo {$start..$end} # variable expansion occurs then resulting string is evaluated 1 2 3 4 5 6 7 8 9 10 </syntaxhighlight>


Configurable execution environment(s)

[edit]

Shell and Session Startup Files (a.k.a., "Dot Files")

[edit]

Template:How-to section

When Bash starts, it executes the commands in a variety of dot files.<ref>Template:Cite web</ref> Unlike Bash shell scripts, dot files do typically have neither the execute permission enabled nor an interpreter directive like #!/bin/bash.

Legacy-compatible Bash startup example
[edit]

The example ~/.bash_profile below is compatible with the Bourne shell and gives semantics similar to csh for the ~/.bashrc and ~/.bash_login. The [ -r filename ] && cmd is a short-circuit evaluation that tests if filename exists and is readable, skipping the part after the && if it is not.

<syntaxhighlight lang="bash"> [ -r ~/.profile ] &&. ~/.profile # set up environment, once, Bourne-sh syntax only if [ -n "$PS1" ]; then # are we interactive? 

  [ -r ~/.bashrc     ] &&. ~/.bashrc        # tty/prompt/function setup for interactive shells
  [ -r ~/.bash_login ] &&. ~/.bash_login    # any at-login tasks for login shell only

fi # End of "if" block </syntaxhighlight>

Operating system issues in Bash startup
[edit]

Some versions of Unix and Linux contain Bash system startup scripts, generally under the /etc directory. Bash executes these files as part of its standard initialization, but other startup files can read them in a different order than the documented Bash startup sequence. The default content of the root user's files may also have issues, as well as the skeleton files the system provides to new user accounts upon setup. The startup scripts that launch the X window system may also do surprising things with the user's Bash startup scripts in an attempt to set up user-environment variables before launching the window manager. These issues can often be addressed using a ~/.xsession or ~/.xprofile file to read the ~/.profile — which provides the environment variables that Bash shell windows spawned from the window manager need, such as xterm or Gnome Terminal.

Settings and Shell Options

[edit]
The set Built-in
[edit]
  • Xtrace: [ set -x | set -o xtrace ]

The shell's primary means of debugging. Both xtrace and verbose can be turned off at the same time with the command set -.

  • Verbose: [ set -v | set -o verbose ]

Prints a command to the terminal as Bash reads it. Bash reads constructs all at once, such as compound commands which include if-fi and case-esac blocks. If a set -v is included within a compound command, then "verbose" will be enabled the next time Bash reads code as input, i.e., after the end of the currently executing construct.<ref>Template:Cite mailing list</ref> Both xtrace and verbose can be turned off at the same time with the command set -.

The shopt Built-in
[edit]
  • expand-aliases

On by default in interactive shells. Some developers discourage its use in scripts.


Programmable Completion

[edit]

Bash supports programmable completion via built-in complete, Template:Code, and compgen commands.<ref>Template:Cite web</ref> The feature has been available since the beta version of 2.04 released in 2000.<ref name="auto1"/><ref>Template:Cite web</ref> These commands enable complex and intelligent completion specification for commands (i.e. installed programs), functions, variables, and filenames.<ref name=":1">Template:Cite web</ref>

The complete and Template:Code two commands specify how arguments of some available commands or options are going to be listed in the readline input. As of version 5.1 completion of the command or the option is usually activated by the Template:Key keystroke after typing its name.<ref name=":1" />

Keyboard shortcuts with Readline

[edit]

Template:Main Bash uses GNU Readline to provide keyboard shortcuts for command line editing using the default (Emacs) key bindings. Vi-bindings can be enabled by running set -o vi.<ref>Template:Cite web</ref>

Documentation

[edit]

As the standard upon which bash is based, the POSIX Standard, or IEEE Std 1003.1,<ref>Template:Cite web</ref> et seq, is especially informative.

The Linux "man page"<ref>Template:Cite web</ref><ref>Template:Cite web</ref> is intended to be the authoritative explanatory technical document for the understanding of how bash operates. It is usually available by running man bash.

The GNU manual is sometimes considered more user-friendly for reading. "You may also find information about Bash by running info bash ... or by looking at /usr/share/doc/bash/, /usr/local/share/doc/bash/, or similar directories on your system. A brief summary is available by running bash --help.<ref name="auto">Template:Cite web</ref>

" If a user invoke RUNCOM without any arguments it prints some instructions on how to use it and stops, returning the user to the supervisor's (system's) command line.(RUNCOM)"

On modern Linuxes, information on shell built-in commands can be found by executing help, help [built-in name] or man builtins at a terminal prompt where bash is installed. Some commands, such as echo, false, kill, printf, test or true, depending on your system and on your locally installed version of bash, can refer to either a shell built-in or a system binary executable file. When one of these command name collisions occurs, bash will by default execute a given command line using the shell built-in. Specifying a binary executable's absolute path (i.e., /bin/printf) is one way of ensuring that the shell uses a system binary. This name collision issue also effects any "help summaries" viewed with kill --help and /bin/kill --help. Shell built-ins and system binary executable files of the same name often have differing options.

"The project maintainer also has a Bash page which includes Frequently Asked Questions",<ref>Template:Multiref</ref><ref name="auto" /> this FAQ is current as of bash version 5.1 and is no longer updated.

Security and Vulnerabilities

[edit]

Root Scripts

[edit]

Running any shell scripts as the root user has, for years, been widely criticized as poor security practice. One commonly given reason is that, when a script is executed as root, the negative effects of any bugs in a script would be magnified by root's elevated privileges.

One common example: a script contains the command, rm -rf ${dir}/, but the variable $dir is left undefined. In Linux, if the script was executed by a regular user, the shell would attempt to execute the command rm -rf / as a regular user, and the command would fail. However, if the script was executed by the root user, then the command would likely succeed and the filesystem would be erased.

It is recommended to use sudo on a per-command basis instead.

Debugging

[edit]
Bash features which can be useful during debugging.
Feature POSIX 2024 Description Bash ver.
Grammar type Formal name Syntax
Parameter Expansions Indicate Null or Unset Template:Code Template:Yes "Where the expansion of [word], perhaps an error message or a line number, is written to STDERR and the shell exits with a non-zero exit code." Template:Dunno
Special Parameters Exit Status Template:Code Template:Yes "Expands to the shortest representation of the decimal exit status." Template:Dunno
Special Parameters PID of Invoked Shell Template:Code Template:Yes "Expands to the shortest representation of the decimal process ID of the invoked shell." Template:Dunno
Special Built-In Utility set :: xtrace Template:Code Template:Yes The shell's primary means of debugging. It "writes to standard error a trace for each command after it expands the command and before it executes it." Template:Dunno
Special Built-In Utility set :: verbose Template:Code Template:Yes "Writes its input to standard error as it is read." Template:Dunno
Special Built-In Utility set :: pipefail Template:Code Template:Yes "Derive the exit status of a pipeline from the exit statuses of all of the commands in the pipeline, not just the last (rightmost) command." Template:Dunno
Special Built-In Utility set :: nounset Template:Code Template:Yes When enabled, will cause the shell to exit with an error message when it encounters an unset variable expansion. Its use has a number of counter-intuitive pitfalls. Template:Dunno
Special Built-In Utility set :: errexit Template:Code Template:Yes ErrExit, is a setting that, when enabled, will, under certain very specific conditions, cause the shell to exit without an error message whenever the shell receives a non-zero exit code. Its use is somewhat controversial, to the extent that any somewhat obscure computer program can be considered controversial. Adherents claim that ErrExit provides an assurance of verifiability in situations where shell scripts "must not fail." However, opponents claim that its use is unreliable, deceptively simple, highly counter-intuitive, rife with gotchas and pitfalls, and in essence "security theater." Numerous developers of Bash have strongly discouraged the use of this particular setting. Template:Dunno
Special Built-In Utility trap :: EXIT Template:Code Template:Yes "If a [sigspec] (signal specifier) is 0 or EXIT, [arg] is executed when the shell exits." If [arg] contains expansions, then [arg] should be in single quotes. Template:Dunno
Utility printf Template:Code Template:Yes A means of reliably printing the contents of a variable. Template:Dunno
Bash Variables BASHPID Template:Code Template:No "Expands to the process ID of the current bash process."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables BASH_ARGC Template:Code Template:No "An array variable whose values are the number of parameters in each frame of the current bash execution call stack."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables BASH_ARGV Template:Code Template:No "An array variable containing all of the parameters in the current bash execution call stack."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables BASH_LINENO Template:Code Template:No "An array variable whose members are the line numbers in source files where each corresponding member of FUNCNAME was invoked."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables BASH_REMATCH Template:Code Template:No "An array variable whose members are assigned by the =~ binary operator to the [[ conditional command."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables BASH_SOURCE Template:Code Template:No "An array variable whose members are the source filenames where the corresponding shell function names in the FUNCNAME array variable are defined."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables BASH_XTRACEFD Template:Code Template:No "If set to an integer corresponding to a valid file descriptor, Bash will write the trace output generated when ‘set -x’ is enabled to that file descriptor."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables EPOCHREALTIME Template:Code Template:No "Each time this parameter is referenced, it expands to the number of seconds since the Unix Epoch (see time(3)) as a floating point value with micro-second granularity."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables FUNCNAME Template:Code Template:No "An array variable containing the names of all shell functions currently in the execution call stack."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables LINENO Template:Code Template:No "Each time this parameter is referenced, the shell substitutes a decimal number representing the current sequential line number (starting with 1) within a script or function."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables PIPESTATUS Template:Code Template:No "An array variable containing a list of exit status values from the processes in the most-recently-executed foreground pipeline (which may contain only a single command)."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables PPID Template:Code Template:No "The process ID of the shell's parent."<ref>Template:Cite web</ref> Template:Dunno
Bash Variables PS4 Template:Code Template:No "The value of this parameter is expanded as with PS1 and the value is printed before each command bash displays during an execution trace."<ref>Template:Cite web</ref> Template:Dunno
Shell Builtin set :: restricted Template:Code Template:No Restricted mode is intended to improve the security of an individual shell instance from a malicious human with physical access to a machine. As threat models have changed, it has become less commonly used now than it once was. Template:Dunno
Shell Builtin shopt :: extdebug Template:Code Template:No "Behavior intended for use by debuggers." Template:Dunno
Shell Builtin trap :: DEBUG Template:Code Template:No "If a sigspec is DEBUG, the command arg is executed before" certain kinds of commands. Template:Dunno
Shell Builtin trap :: ERR Template:Code Template:No "If a sigspec is ERR, the command arg is executed whenever..." certain kinds of commands "return a non-zero exit status," subject to similar restrictions as with ErrExit. Template:Dunno
Shell Builtin trap :: RETURN Template:Code Template:No "If a sigspec is RETURN, the command arg is executed each time a shell function or a script executed with the. or source builtins finishes executing." Template:Dunno


  • Shell features specified by POSIX:
  • Bash features not specified by POSIX:
    • Bash Variables:<ref name="GNU Bash Manual, 5.2 Bash Variables">Template:Cite web</ref><ref name="bash(1): Shell Variables">Template:Cite web</ref>
    • Shell Builtin Template:Code:<ref name="the_set" /><ref name="bash(1), SHELL BUILTIN COMMANDS" />
    • Shell Builtin Template:Code:<ref name="GNU Bash Manual, 4.3.2 The Shopt Builtin">Template:Cite web</ref><ref name="bash(1), SHELL BUILTIN COMMANDS" />
    • Shell Builtin Template:Code:<ref name="GNU Bash Manual, 4.1 Bourne Shell Builtins: trap" /><ref name="bash(1), SHELL BUILTIN COMMANDS" /> While POSIX does specify certain uses of the Template:Code builtin, the following signal specs are Bash extensions.
  • Third party debugging utilities:
    • ShellCheck: Shell script analysis tool;<ref name="ShellCheck">Template:Multiref2</ref><ref name="shellcheck, ManKier man page" />
    • devscripts-checkbashisms: Check whether a /bin/sh script contains any common bash-specific constructs;<ref name="Package: devscripts: scripts to make the life of a Debian Package maintainer easier">Template:Cite web</ref><ref name="checkbashisms, ManKier man page" />
    • kcov: Code coverage tool without special compilation options;<ref name="Kcov - code coverage">Kcov - code coverage</ref>
    • Bashdb: The Bash symbolic debugger.<ref name="Debugging with the BASH debugger">Template:Cite web</ref><ref name="Documentation of Project Homepage">Template:Cite mailing list</ref>

Examples

[edit]

With the Template:Code parameter expansion, an unset or null variable can halt a script.

  • ex.sh
    <syntaxhighlight lang="bash">
  1. !/bin/bash

bar="foo is not defined" echo "${foo:?$bar}" echo this message doesn't print </syntaxhighlight>

  • <syntaxhighlight lang="console">

$ ./ex.sh ./ex.sh: line 3: foo: foo is not defined </syntaxhighlight>

Reliably printing the contents of an array that contains spaces and newlines first in a portable syntax, and then the same thing in Bash. Note that in Bash, the number of spaces before the newline is made clear.

<syntaxhighlight lang="console">

$ # In POSIX shell: $ array=( "a" "b" " > c " ) $ printf ',%s,\n' "${array[@]}" ,a, , b, , 

c,

</syntaxhighlight>

<syntaxhighlight lang="bash">
  1. In Bash:

declare -p array declare -a array=([0]="a" [1]=" b" [2]=$' \n c ') </syntaxhighlight>

Printing an error message when there's a problem.

  • error.sh
    <syntaxhighlight lang="bash">

if ! lsblk | grep sdb then 

 echo Error, line $LINENO

fi </syntaxhighlight>

  • <syntaxhighlight lang="console">

$ ./error.sh Error, line 130 </syntaxhighlight>

Using xtrace. If errexit had been enabled, then Template:Code would not have been executed.

  • test.sh
    <syntaxhighlight lang="bash">
  1. !/bin/bash

set -x foo=bar; echo $foo false echo quux </syntaxhighlight>

  • <syntaxhighlight lang="console">

$ ./test.sh + foo=bar + echo bar bar + false + echo quux quux </syntaxhighlight>

Deprecated syntax

[edit]
  • Back-tick style command substitutions: `...` is deprecated in favor of $(...);
  • Use of -a or -o in test/[/[[ commands,
    • for example, [ -r ./file -a ! -l ./file ] is deprecated in favor of [ -r ./file ] && ! [ -l ./file ];
  • Use of the arithmetic syntax $[...] is deprecated in favor of $((...)) or ((...)), as appropriate;
  • Use of ^ as a pipeline is deprecated in favor of |;
  • Any uses of expr or let.

Shellshock

[edit]

In September 2014, a security bug was discovered<ref>Template:Cite news</ref> in the program. It was dubbed "Shellshock." Public disclosure quickly led to a range of attacks across the Internet.<ref name="TR-20140924">Template:Cite web</ref><ref name="NYT-20140925-NP">Template:Cite news</ref><ref name="ZDN-20140929">Template:Cite web</ref>

Exploitation of the vulnerability could enable arbitrary code execution in CGI scripts executable by certain versions of Bash. The bug involved how Bash passed function definitions to subshells through environment variables.<ref>Template:Cite web</ref> The bug had been present in the source code since August 1989 (version 1.03)<ref name="Seclists-20141004">Template:Cite web</ref> and was patched in September 2014 (version 4.3).

Patches to fix the bugs were made available soon after the bugs were identified. Upgrading to a current version is strongly advised.

It was assigned the Common Vulnerability identifiers Template:CVE, among others. Under CVSS Metrics 2.x and 3.x, the bug is regarded as "high" and "critical," respectively.

Bug reporting

[edit]

Template:Redirect

An external command called bashbug reports Bash shell bugs. When the command is invoked, it brings up the user's default editor with a form to fill in. The form is mailed to the Bash maintainers (or optionally to other email addresses).<ref>Template:Cite web</ref><ref>Template:Cite web</ref>

See also

[edit]

Template:Portal

Unix Shells

[edit]

Template:Clear

Further reading

[edit]


References

[edit]

Template:Reflist

Template:GNU Template:Unix shells Template:Programming languages Template:Authority control

Retrieved from "https://wiki.niidae.com/index.php?title=Bash_(Unix_shell)&oldid=8582"