Bash (Unix shell)


Bash is an interactive command interpreter and scripting language developed for Unix-like operating systems. Created in 1989 by Brian Fox for the GNU Project, it is designed as a completely free software alternative for the Bourne shell,, and other proprietary Unix shells, supported by the Free Software Foundation. Having gained widespread adoption, Bash is commonly used as the default login shell for numerous Linux distributions. It also supports the execution of commands from files, known as shell scripts, facilitating automation.
The Bash command syntax is a superset of the Bourne shell's syntax, from which all basic features of the Bash syntax were copied. As a result, Bash can execute the vast majority of Bourne shell scripts without modification. Some other ideas were borrowed from the C shell, its successor tcsh, and the Korn Shell. It is available on nearly all modern operating systems, making it a versatile tool in various computing environments.

Definitions

ASCII, strings and numbers

$ printf ': <%b>\n' $'\n'
: <
$ printf ': <%b>\n' $'\t'
: < >
$ printf ': <%s>\n' " "
: < >
$ printf ': <%b>\n' $'\0'
: <>

Any series of characters is called a "string", or sometimes a "string literal". In Unix-like operating systems, all characters, printable and non-printing, except for a few such as the null character and forward slash, can be used in filenames. In addition, all strings are case-sensitive.
Bash, like many other programming languages, uses zero-based numbering.

Control+key combinations

The Control+key functionality is provided by GNU Readline and is available in interactive mode only.
Certain keypress combinations allow a user to operate Bash to use tab completion and to search the command history.
  • – Activate tab completion
  • – Scroll up in the command history
  • – Scroll down in the command history
  • – Search the command history
Some keypress combinations also allow a user to operate the terminal emulator in order to move the cursor within the terminal window and to control the emulator program. By default, these keypress combinations in Bash mirror those of Emacs.
Default keybindings for control codes include:
  • – Move the cursor one character to the right
  • – Move the cursor one character to the left
  • – Move the cursor one word to the right
  • – Move the cursor one word to the left
  • – Move the cursor to the beginning of the current commandline
  • – Cancels the current command and presents a new prompt
  • – Closes the current Bash instance, possibly also closing the terminal-emulator
  • – Move the cursor to the end of the current commandline
  • – Wake the terminal; buffered keypresses are then processed
  • – Put the terminal to sleep
  • – Remove one word to the left of the cursor
  • – Stop a foregrounded process
Vi keybindings are also available and can be enabled by running.

Syntax

When Bash reads a full command line, the complete string is broken down into tokens.
"Tokens" are identified using, and separated from each other using metacharacters.
As of Bash 5.3, the 10 metacharacters are the space, tab, and newline, as well as the following characters:
"Blanks" are composed entirely of unquoted metacharacters, "operators" each contain at least one unquoted metacharacter and "words" may not include any unquoted metacharacters.
In practice, Bash breaks down full command strings into tokens or groups of tokens that do contain metacharacters and tokens or groups of tokens that do not contain any metacharacters—called "words".
From there it further breaks words down into more specific, meaningful pieces like command names, variable assignment statements, etc.
The two blanks are space and tab.

Operators

Control operators perform a control function. They can be either a newline or one of the following: ||, &&, &, ;, ;;, ;&, ;;&, |, |&, .
Redirection operators redirect the input or output streams. They include <, >, &>, <<, and <<<.

Words

A word is a sequence of characters treated as a single unit by the shell. A reserved word is a kind of a word that has a special meaning to the shell.
A name is a kind of a word separate from reserved words. Names consist solely of letters, underscores and numbers; which begins with either a letter or an underscore; which, however, may not begin with a number.
Names also called identifiers, may be used for naming variables and functions.
Sixteen of the twenty-two "reserved words", which may be characters or words are as follows:

'!' case in esac for do done if then elif else fi...

Names may only contain the characters ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.
In the following example of a full command string, metacharacters have a comma placed above them,, reserved words have a caret placed beneath them,, and other tokens have a backtick placed also beneath them,.

$ #, , , ,, , ,, ,
$ if echo foo; then bar=abc; fi
$ # ^^ ```` ``` ^^^^ ``````` ^^

Subshells

A "subshell" is an additional instance of the shell which has been initialized by a current instance of the shell.
When a "parent" shell creates a subshell, or a "child" shell, an exact copy of the parent's environment information is re-created and becomes the environment of the subshell.
In Bash, in non-arithmetic contexts, one can force the use of a subshell by enclosing a full command string in single parentheses.

$ echo foo
foo
$
foo

For this simple case, the preceding two commands are equivalent, however, use of subshells can have certain unexpected side effects.
There are numerous different forms of syntax which can cause the initialization of a subshell.

Expansion

Data structures

Bash offers variables and arrays as data structures, and though there are numerous kinds of each of these available, the data structures are relatively simple compared to other languages like C or Java. All data is stored in memory as a string.
Beginning a word with a dollar character signifies that the word is the name of a variable or array.
Surrounding the dollar / variable name syntax in double quotes is always advised. This practice shields the value held by the parameter from unwanted side effects.
Wrapping the variable name in curly brackets is recommended for readability and consistency between variables and arrays. When writing variables, curly brackets are optional and square brackets would be a syntax error. The parameter names are always on the left side of the equals sign and values are always on the right.

Variables

A variable is assigned to using the syntax name=value.
To use a variable, the syntax $name is used, or $, which expands to the value assigned to the variable.
The latter syntax must be used for certain names to prevent unwanted side effects. For example, $10 will be parsed as $0, so using $ means it will be parsed as intended.
Positional parameters, usually passed to a bash script, are denoted by the variables numbered starting from $0.
Special parameters are signified by punctuation characters. For example, expands to a list of the first through last positional parameters, "individually requoted, separated by spaces".
Environment variables are signified by all capital letters. Environment variables include UNIX variables like, and Bourne shell variables such as. Scripting variables are signified by all lower case letters or CamelCase. This is only convention; any variable can be passed to the command to be made into an environment variable.

Arrays

Arrays are data structures which hold multiple values. Arrays have a set of square brackets placed at the end of the variable name and inside the curly braces. When writing arrays, curly braces and square brackets are required.
An array is assigned using the syntax name=. It is expanded using or or, depending on the use case.
Each kind of parameter is distinguished by a specific naming convention.
Since Bash 4.0, Bash also supports associative arrays.
In this article, examples of variables from this section include, and.

Execution

"Execution" of a given program occurs when a user asks the operating system to act upon the instructions contained in the given program.
By default, Bash reads user code one line at a time, interprets any newline or semi-colon character as the end of the current command, and executes commands in sequence. If an interactive command extends beyond the width of the terminal emulator, it is usually possible to keep typing and the command will wrap around. To extend a command beyond a newline onto an additional line, it is necessary that the final character of the first line be an unescaped backslash,, which signals "line continuation".
Bash always finishes parsing and executing one full commandline before moving on to and beginning with the parsing of the next commandline.

$ foo=aa bar=bb quux=cc zork=dd; set -o xtrace
$ : "$"; : "$"
+ : aa
+ : bb
$ : "$" \
> : "$"
+ : cc : dd

The first word of a command line is known as the "command position".
Under UNIX coventionality, the first word of the command line is always some kind of command, and the rest of the words in the command line string are either options for the command, arguments for the options, or some kind of input upon which the command will operate. "Options" are also called "flags", "switches", or, more formally, "operators". When Bash attempts to locate a command for execution, the directories it searches are those listed in the variable and the current working directory.

$ #
$ #,--^ ,------------^ ,----^
$ declare -p USER BASH_VERSION
declare -x USER="liveuser"
declare -- BASH_VERSION="5.2.37-release"

Users and PS1

A user account can be created for either a human or a programmatic user.
In Unix-like operating systems, there are two kinds of users: "privileged" and "regular". A privileged user, such as root or the operating system kernel, is allowed to do anything whatsoever on the machine. Unprivileged users are limited in various ways.
When an interactive shell session waits for user input, by default it prints a particular string of characters to the screen. In Bash, the value of this waiting-string is held in the shell variable. For regular users, a common default value for is the dollar character,. For the superuser, a common default value is hashtag

$ sudo --login --user root
password for liveuser:
  1. vim /home/liveuser/names.txt
  2. exit
$ grep -e bob./names.txt
grep:./names.txt: Permission denied

Modes

Programming paradigm

Bash is written in C. A modular style can be approximated through good style and careful design. It is often used in an imperative or procedural style.

Interactive and non-interactive modes

As a command processor, Bash can operate in two modes: interactive or non-interactive.
In interactive mode, commands are usually read from a terminal emulator. In non-interactive mode, which facilitates automation, commands are usually read from named files known today as shell scripts. When executed as a standalone command at the command-line interface, by default Bash opens a new shell in interactive mode.

Scripts

are text files that contain code, often commands, intended to be read and acted upon by some particular interpreter in a batch process in a non-interactive mode and without any further user interaction. Interpreted scripts are programs that do not require their source code to be compiled: all of the relevant source code is contained within the script.
There are many programs which can serve as a script interpreter: Perl, AWK, etc. Interpreted scripts are most often written for Unix shells.
The first two characters of the first line of any shell script begins with a something called a shebang: literally the characters hashtag and bang side by side.

$ cat./example.sh
  1. ! /bin/env bash
echo foo
exit

If a script is intended to be run by a user as a stand-alone program on the commandline, then it is referred to as an "executable". By convention, the filenames of executable unix shell scripts are identified the suffix. The "execute" bit can be enabled on a shell script with the utility :

$ ls -l./example.sh
-rw-r--r--.1 liveuser liveuser 32 Aug 3 22:33 example.sh
$./example.sh
bash:./example.sh: Permission denied
$ chmod 0744./example.sh
$ ls -l./example.sh
-rwxr--r--.1 liveuser liveuser 32 Aug 3 22:33 example.sh
$./example.sh
foo

The builtin

With the, or synonymous command, Bash reads and executes shell commands from any text file by name.

Login and non-login shells

Bash can be executed as a login shell, or "session leader," in both interactive and non-interactive modes via the option. "Logging in" requires user authentication. For this reason, only one login shell exists per user session. In GNU/Linux, a user's login shell is identified in the /etc/passwd file.

$ awk -F ':' '$1 ~ /root/' /etc/passwd
root:x:0:0:Super User:/root:/bin/bash

When a human user initiates a login session, this procedure often occurs in a graphical user interface.
When a user opens a terminal emulator, the emulator executes a non-login instance of the user's login shell.
Logging out of a shell session from within a terminal emulator can be accomplished with the command or, by default in Bash, pressing.

Startup files

When Bash starts, it uses to execute commands in a variety of dotfiles.
These dotfiles, unlike shell scripts, typically have neither the execute permission enabled nor a hash-bang. By default Bash will source a somewhat different set of files, and in a different sequence, depending on:
  • How Bash is called: interactively, non-interactively, invoked with name
  • Which options are used:,,,
  • Which environment variables are defined:,, and
  • Which files exist:
  • *
  • *
  • *
  • *
  • *, and
  • * among others.
Of course, any startup file can also execute commands from any other file.
Startup files can affect shell behavior, terminal emulators, the X window system and the window manager.

POSIX mode

The POSIX IEEE 1003.1 standard specifies a common set of definitions that any shell system application may conform to.
Any shell user script written in conformance with POSIX guidelines should be executable by any shell system application that has implemented the POSIX specification. As a result, there can be a reasonable expectation that POSIX-compliant scripts can be executed with success on any Unix or Unix-like operating systems which implements the POSIX standard. These scripts are considered "portable" as they are and without any further modifications. The portion of POSIX that applies to shells and command line utilities is a subset of a larger group of POSIX standards that further specify how terminals and terminal emulators aught to function in order to also be considered portable.
When Bash is operating in POSIX mode, fewer features are available but the resulting code can be executed on a greater variety of operating systems.
To enable POSIX mode at the initialization of an interactive shell, Bash can be executed as either, or. To cause a script to be initialized in POSIX mode, one would use the either the hashbang or the less portable. When an instance of Bash is operating in POSIX mode, the environment variable is defined, and the value of the environment variable includes the string.

$ declare -p POSIXLY_CORRECT
bash: declare: POSIXLY_CORRECT: not found
$ sh
$ declare -p POSIXLY_CORRECT
declare -- POSIXLY_CORRECT="y"

The full list of features available in Bash which are not specified by POSIX is considerable. Here is a partial list:
  • Any arrays other than the array of positional parameters,, are not POSIX
  • The double bracket extended test construct,, is not POSIX
  • * and are POSIX
  • One of the double-parentheses arithmetic-evaluation syntaxes,, is not POSIX
  • * is POSIX
  • Brace expansion, kernel, is not POSIX
  • Dynamic scoping of parameters and the builtin are not POSIX
  • Process substitution,, is not POSIX
  • Certain string-manipulation operations in parameter expansions are not POSIX
  • Most Bash builtin commands are not POSIX
  • * The command prints the list of Bourne special builtins, which are POSIX
$ enable -s | wc --lines
16
$ enable | wc --lines
61

  • * The builtin itself is not POSIX
  • * In Bash, in non-POSIX mode, the and builtins are synonymous
  • ** The builtin is POSIX, however
  • ** The builtin is not POSIX
  • The and shell variables are not POSIX
System commands which are available in modern Unix-like operating systems, and which are also specified by POSIX, may have fewer option flags or fewer relevant environment variables available under POSIX. Most are standalone programs in the,, or directories rather than Bash builtins.
Because of these and other differences, modern Bash shell scripts are rarely runnable "as-is" under the Bourne or legacy Korn shell interpreters. Scripting with portability in mind is becoming less common as GNU/Linux becomes more widespread.
Code that is valid syntax in Bash but not specified by POSIX is called a "bashism". The program can be used to make sure that a script can be executed in Debian Linux without any portability errors. Vidar Holen's is another static linter written in Haskell which can parse script syntax for compatibility with any or all of bash, dash, ksh, and Bourne sh.
The syntax requirements for each shell are each a little different. For example, Debian's policy allows some extensions in their scripts, while a script intending to support pre-POSIX Bourne shells, like autoconf's, are even more limited in the features they can use.

Other modes

Restricted mode

A restricted shell is used to set up an environment more controlled than the standard shell. A restricted shell behaves identically to bash with the exception that numerous actions are disallowed or not performed, including:
  • Changing directories with the builtin.
  • Setting or unsetting the values of the,,,, or variables.
  • Specifying command names containing slashes on the CLI.
  • Using absolute pathnames as arguments to the,, or commands.
  • Specifying a path search with or.
  • Importing function definitions and parsing the value of from the shell environment at startup.
  • Redirecting output using the,,,,, and redirection operators.
  • Using the builtin to replace the shell with another command.
  • Altering shell builtins.
Once restricted mode is enabled, it cannot be disabled. These restrictions are enforced after any startup files are read, and it does not apply to shell scripts. Restricted mode is rarely used.

Privileged mode

In Bash, "privileged mode" is a rarely used option inherited from the SVR4.2 UNIX System V shell. It can be enabled with and disabled with. When privileged mode is enabled, the shell variables includes the string "privileged".

Extended debugging mode

Enabled via at invocation or via during either interactive or non-interactive modes. It uses a separate program called. is not available in POSIX mode. See documentation for more information. See also.

Compatibility modes

Observability

The option

When is enabled, simple debugging content is printed to the terminal.
It can be enabled with or, and disabled with, or.
These options are also accepted at the commandline and at hash-bangs:, etc.

$ bash -x
$ echo $)
+ echo 4
$ set -- 1 2 3
$ printf '<%s>\n' "$@"
+ printf '<%s>\n' 1 2 3
<1>
<2>
<3>

The shell setting is specified by POSIX.
See also.

The option

The verbose option prints strings to the terminal as they are read, and before any expansions are performed. Rarely used.

Comments

Comments can be a valuable way of clarifying information or explaining a script or source file to someone else who might not be familiar with the scripter's intentions or context.
Standard comments in Bash are denoted with a hash character:.
Any text to the right of the hash to the end of the line will be ignored.
Inline comments are allowed, but hash comments will not print during debugging. See also:.
Comments denoted with a colon character,, originated with the Thompson shell. Any arguments to the right of colon builtin are ignored. Inline comments are not possible, but colon comments will print during debugging and any parameters will have been expanded.
$ # Define foo
$ foo=bar # An inline hash comment occurs on the same line as a command
$ set -x
$ # A regular comment
$ : "$"
+ : bar

Exit codes

When bash executes commands, exit status codes, also called "return codes," are produced which can offer some insight into the manner in which a program ceased running.
The value of the most recently captured exit code is held within the shell parameter, 'question mark:'.
In non-arithmetic contexts, the numerical or "Boolean" value of "true" is zero, and the value of "false" is one.
When a system command has executed, the intended meaning of its exit status can most often be found in its man page; usually a zero indicates success and a nonzero exit status indicates some kind of failure condition or partial success.
is a well known command with three meaningful exit codes: 0, 1, and 2.
In Bash, within arithmetic contexts, the numerical truth values are reversed: "true" is one and "false" is zero.
An arithmetic context can usually be identified by the syntax or.
If an arithmetic statement evaluates to the integer zero, then the statement is considered "true," and the exit code is one.
If the statement evaluates to any number other than zero the arithmetic statement is "false" and the exit code is zero.
Not all Linux/UNIX commands provide meaningful exit codes beyond zero and one, and there is no standard system for definitions of exit codes in Linux.
$ true; echo "$?" # Exit code means "true"
$ false; echo "$?"; echo # Exit code means "false"
$ bash -c 'exit 99'; printf 'exit-code: %d\n\n' "$?"
exit-code: 99
$ ); printf '%d\n' "$?" # This exit code means "true"
$ ); printf '%d\n' "$?" #...and this exit code means "false"

Job control

The Bash shell has two modes of execution for commands: batch, and concurrent.
To execute commands in batch mode they must be separated by the character, or on separate lines:
$ command1; command2
$ command3

In this example, when is finished, is executed, and when has completed, will execute.
A background execution of can occur using symbol at the end of an execution command, and process will be executed in background while immediately returning control to the shell and allowing continued execution of commands.
$ command1 &

Or to have a concurrent execution of and, they must be executed in the Bash shell in the following way:
$ command1 & command2

In this case is executed in the background, symbol, returning immediate control to the shell that executes in the foreground.
A process can be stopped and control returned to bash by typing while the process is running in the foreground.
A list of all processes, both in the background and stopped, can be achieved by running :
$ jobs
- Running command1 &

In the output, the number in brackets refers to the job id.
The plus sign signifies the default process for and.
The text "Running" and "Stopped" refer to the process state.
The last string is the command that started the process.
The state of a process can be changed using various commands.
The command brings a process to the foreground, while sets a stopped process running in the background.
and can take a job id as their first argument, to specify the process to act on.
Without one, they use the default process, identified by a plus sign in the output of.
The command can be used to end a process prematurely, by sending it a signal.
The job id must be specified after a percent sign:
$ sleep 100 &
4904
$ kill %1
$ jobs
+ Terminated sleep 100

Job control, also known as "Monitor mode," is enabled by default in interactive shells, and can be disabled with.

Signals

is a means of inter-process communication. Sometimes a commandline process may seem to freeze in the middle of execution.
In these instances it may become necessary to identify which process may be blocked and to manually end the offending process.
At an interactive terminal, it is usually sufficient to press to end the current foreground process and return control back to the user prompt, or to press to suspend it.
Occasionally attempting to suspend a process will succeed when attempts to cancel a process appear unresponsive.
In other cases it may be necessary to use the program to send an IPC signal.
In this example, we use the command from a second terminal screen to terminate the process with PID 4331.
$ tty # Terminal one
/dev/pts/0
$ whoami
liveuser
$ sleep 1000 # Command hangs

$ tty # Terminal two
/dev/pts/1
$ whoami
liveuser
$ ps aux | grep -e sleep -e PID
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
liveuser 4331 0.0 0.0 230336 2312 pts/1 S+ 11:19 0:00 sleep 1000
liveuser 4333 0.0 0.0 231248 2516 pts/0 S+ 11:19 0:00 grep --color=auto -e sleep -e PID
$ kill 4331
$ ps aux | grep -e sleep -e PID # The sleep process has ended
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
liveuser 4333 0.0 0.0 231248 2516 pts/0 S+ 11:19 0:00 grep --color=auto -e sleep -e PID
$

$ tty # Terminal one again
/dev/pts/0
$ whoami
liveuser
$ sleep 1000
Terminated

In Unix-like operating systems, a user is allowed to instruct the kernel to send a signal to a process that is owned by the user.
A regular user may not send a signal to a privileged process.
Signals can be sent to a process using the builtin or using the system binary of the same name.
$ whoami
liveuser
$ ps aux | awk '$2 ~ /\<1\>/' # Let\s view some info on the kernel process, process 1.
root 1 0.0 0.2 37140 20440 ? Ss 04:44 0:18 /usr/lib/systemd/systemd --switched-root --system --deserialize=53 rhgb
$ kill -s SIGKILL 1
bash: kill: - Operation not permitted
$ type -a kill
kill is a shell builtin
kill is /usr/bin/kill
$ /usr/bin/kill -s SIGKILL 1
kill: sending signal to 1 failed: Operation not permitted

The most commonly used signals can be viewed with kill -L | head -n 4.
Each IPC signal is associated with a signal number, but exit codes and signal codes are two different things.
While sending a process an IPC signal of 9 will almost certainly terminate the process immediately, it will most likely not result in the process returning an exit code of 9.
By default in Bash, builtin kill sends a TERM signal.
It's common for commandline utilities to respond to a SIGTERM by shutting down and exiting cleanly.
The Ctrl-c keypress sequence in Bash sends a SIGINT, interrupt signal, to the foreground process.
The Ctrl-z keypress sequence sends the SIGSTOP, stop signal.
When a process receives a SIGKILL, the process terminates immediately and messily.
It is recommended to use SIGKILL only as a last resort.
The SIGKILL signal cannot be blocked or handled.
Processes can "catch" and "handle" IPC signals they receive.
A user can use the kill builtin to "send" an IPC signal to another process.
That target process can set up a mechanism, some plan beforehand, for how to repsond whenever any particular signal might be received, or "caught."
The way a target program responds is referred to as how the program "handles" receiving the signal.
In the man pages one can see how some system commands will print out certain information to the terminal when they receive a SIGHUP: for example, the command.
By default Bash shell scripts receive and respond to any and all IPC signals sent to them, however, Bash scripts can utilize the builtin to catch and handle signals.
$ cat./trap-example.sh
  1. ! /usr/bin/env bash
trap umask EXIT
echo bar
exit 0
$ chmod 0700 trap-example.sh
$./trap-example.sh
bar
0077

There are a few signals which are only available from within Bash as GNU extensions:,, and.
These signals can be useful in debugging, and can only be sent and handled by shell builtins.
See also.

Values of parameters

There are many different implementations of. Some have the option, and some don't.
The list of options is not uniform across implementations, though and are both specified by POSIX.
If a scripter wishes to know the precise value of a string contained by a variable, then the most consistent way of doing so is to use.
For any string containing any character including digits, the format specifier is.
$ foo=abc bar=123
$ printf '<%s>\n' "$" "$"

<123>

For digits only, the format specifier is.
$ printf '<%d>\n' "$" "$"
bash: printf: abc: invalid number
<0>
<123>

With, a newline is never included in the output unless the scripter includes a newline in the format string.
In the example below, where a newline has been omitted from the format string, the value of PS1 is printed on the same line as the output of the previous command.
$ printf '<%s>' "$" "$"
<123>$

Another very consistent method is to use.
The output of can be reused as input.
However, not all variables and parameters can be printed using, for example, the values of the Special Parameters.
The Special Parameter hashtag,, reports how many Positional Parameters are currently defined.
$ declare -p foo bar
declare -- foo="abc"
declare -- bar="123"
$ declare -p "$#"
bash: declare: 0: not found

For a full string of input at an interactive shell...
$ declare -p #

...the hashtag would be interpreted by Bash as an inline comment.
With the comment and all text to the right of it removed, the command that Bash would execute would be.
This command would, according to, "display the values and attributes of each NAME," i.e., each variable, and, "if no NAMEs are given, display the values and attributes and values of all variables," which can be over 100 lines of output.
On the other hand, cannot display variables' attributes.
See also.
$ readonly foo
$ declare -p foo
declare -r foo="abc"
$ printf '<%s>' "$"

$

Environment

Configurable execution environment:
  • Shell and session startup files such as and ;
  • Settings and shell options which alter shell behavior;
Shell and session startup Files
When Bash starts, it executes the commands in a variety of dot files.
Unlike Bash shell scripts, dot files typically have neither the execute permission enabled nor an interpreter directive like.
  • Legacy-compatible Bash startup example
The example below is compatible with the Bourne shell and gives semantics similar to csh for the and.
The && cmd is a short-circuit evaluation that tests if filename exists and is readable, skipping the part after the if it is not.
&& ~/.profile # set up environment, once, Bourne-sh syntax only
if ; then # are we interactive?
&& ~/.bashrc # tty/prompt/function setup for interactive shells
&& ~/.bash_login # any at-login tasks for login shell only
fi # End of "if" block

  • Operating system issues in Bash startup
Some versions of Unix and Linux contain Bash system startup scripts, generally under the directory.
Bash executes these files as part of its standard initialization, but other startup files can read them in a different order than the documented Bash startup sequence.
The default content of the root user's files may also have issues, as well as the skeleton files the system provides to new user accounts upon setup.
The startup scripts that launch the X window system may also do surprising things with the user's Bash startup scripts in an attempt to set up user-environment variables before launching the window manager.
These issues can often be addressed using a or file to read the — which provides the environment variables that Bash shell windows spawned from the window manager need, such as xterm or Gnome Terminal.

Standard streams

- STDIN, STDOUT and STDERR

Commands

System commands

Aliases

Keywords and reversed words

  • * Bash function declarations which include this particular keyword are not compatible with Bourne/Korn/POSIX scripts, however, Bash does accepts the function declaration syntax used by Bourne, Korn and POSIX-compliant shells.

    Functions

Builtin commands

  • Various Built-In Commands:
  • * POSIX Special builtins:
  • **,, etc.
  • *
  • ** Xtrace: . The shell's primary means of debugging. Both xtrace and verbose can be turned off at the same time with the command.
  • ** Verbose: . Prints a command to the terminal as Bash reads it. Bash reads constructs all at once, such as compound commands which include if-fi and case-esac blocks. If a is included within a compound command, then "verbose" will be enabled the next time Bash reads code as input, i.e., after the end of the currently executing construct.
  • ** Both xtrace and verbose can be turned off at the same time with the command.
  • *
  • ** expand-aliases: On by default in interactive shells. Some developers discourage its use in scripts.

    PATH and system commands

When the shell looks for external commands, it relies on the Bourne shell variable. contains a list of directories separated by colons,.
Beginning with the leftmost directory and selecting directories in a left to right pattern, each directory is searched until a match is found.
In Linux, so that a user can locate additional commands, it's common practice for distribution administrators and package developers to alter the value of an end user's by including source files in and other locations.
When looking for the command,, for instance, after considering internal commands and finding nothing, Bash will search the directories in and will select the absolute path of the first executable found that has a basename which matches the search string.
If there is more than one command available in the directories listed in, during the process of parsing and executing a commandline, by default only the first command found will be selected.
lookups are slow.
The shell speeds up the commandline execution process by remembering command locations in a hash table.
To perform a full search without any interference from the hash table, remove the current table with and search for all kinds of commands with.
$ # Force a full path search
$ PATH=$:$
$ printf 'echo script_file: "$@"\n' >./echo
$ chmod 0700./echo
$ hash -r; type -a echo
echo is a shell builtin
echo is /usr/bin/echo
echo is /home/liveuser/echo
$

In order to execute a commandline with a command found later in the string, you can specify an absolute path or you can anchor path resolution relative to the current working directory.
$ /home/liveuser/echo foo
script_file: foo
$./echo bar
script_file: bar

For security reasons it is advisable to make sure the directories in PATH are not world-writeable, or are writeable only by root and trusted users.

Command lookup

  • Command position: after expansions, the first word of the full text of the command line.
  • Command name lookup is performed, in the following order:
  • * Commands internal to the shell:
  • ** Shell aliases,
  • ** Shell reserved words,
  • ** Shell functions, and
  • ** [Shell builtin|Shell built-in commands];
  • * Commands external to the shell, using the PATH shell variable:
  • ** Separate UNIX-style programs such as [ls|] or [Ln (Unix)|], and
  • ** Shell scripts, which are files containing executable commands.
  • The resulting string is executed as a command.

    Control structures

Subshells

Pipelines

However, by using a pipeline, they can engage in multiple cycles of computation at the same time, substantially increasing their speed. In a pipelined control unit, different instructions simultaneously go through the process but at different points. While one instruction is being fetched, a second is being decoded, and so forth.
Unix-style pipelines: |.

Logical operators

  • AND
  • OR
  • NOT
Bash supplies "conditional execution" command separators that make execution of a command contingent on the exit code set by a precedent command.
For example:

$ cd "$SOMEWHERE" &&./do_something || echo "An error occurred" >&2

Where is only executed if the command was "successful" and the command would only be executed if either the or the command return an "error".

Iteration

  • ,, and loop compound commands;
  • Arithmetic C-style and list-enumerating loop compound commands; and
  • ,,, and flow control commands;

    Compound commands

Bash also supports and forms of conditional command evaluation.

Testing

Built in commands for testing file attributes, comparing string and integer values, etc.:
  • Traditional command,
  • Traditional single bracket test:,
  • Modern double bracket test: [[...]], which includes advanced features:
  • * Extended regular expression and extglob matching
  • * Lexicographic comparisons with and ;
  • numeric evaluation and testing; this includes almost all "C" language operators for arithmetic and numeric comparison;
For all commands the exit status is stored in the special variable.

Regular Expressions

Bash 3.0 supports in-process regular expression matching using a syntax reminiscent of Perl.
Regexp matching is limited to strings on the right side of the =~ operator in the extended test construct.
$line =~ :space:*?b means values for line like 'aab', ' aaaaaab', 'xaby', and ' ab' will all match, as will a line containing a 'b' anywhere in its value.

Coprocesses

Data manipulation

Word Splitting

Split into words

Quoting

Bash has certain quoting rules: uses of
  • single quotes
  • double quotes
  • backslashes, and
  • ANSI-C quoting.
See also,
See also backticks :.

Unicode

Support for Unicode in and ANSI-C quoting.

Brace Expansion

$ echo kernel
kernel kernel-headers

Brace expansion, also called alternation, is a feature copied from the C shell.
It generates a set of alternative combinations.
Generated results need not exist as files.
The results of each expanded string are not sorted and left to right order is preserved:
$ echo ae
ape ace ade abe
$ echo
ad ae af bd be bf cd ce cf

Users should not use brace expansions in portable shell scripts, because the Bourne shell does not produce the same output.
$ # bash shell
$/bin/bash -c 'echo ae'
ape ace ade abe
$ # A traditional shell does not produce the same output
$ /bin/sh -c 'echo ae'
ae

When brace expansion is combined with wildcards, the braces are expanded first, and then the resulting wildcards are substituted normally.
Hence, a listing of JPEG and PNG images in the current directory could be obtained using:
ls *. # expands to *.jpg *.jpeg *.png – after which,
# the wildcards are processed
echo *. # echo just shows the expansions –
# and braces in braces are possible.

In addition to alternation, brace expansion can be used for sequential ranges between two integers or characters separated by double dots.
Newer versions of Bash allow a third integer to specify the increment.
$ echo
1 2 3 4 5 6 7 8 9 10
$ echo
01 02 03 04 05 06 07 08 09 10
$ echo file.txt
file1.txt file2.txt file3.txt file4.txt
$ echo
a b c d e
$ echo
1 4 7 10
$ echo
a d g j

When brace expansion is combined with variable expansion the variable expansion is performed after the brace expansion, which in some cases may necessitate the use of the built-in, thus:
$ start=1; end=10
$ echo # fails to expand due to the evaluation order
$ eval echo # variable expansion occurs then resulting string is evaluated
1 2 3 4 5 6 7 8 9 10

Tilde Expansion

Parameter and variable expansion

  • Type
  • Shell parameters
  • Environment variables
  • User variables
  • Scope
  • Arrays
  • * Indexed arrays: size is unlimited.
  • * Associative arrays: via
  • Parameter Expansion
  • :Expansion syntaxes which can perform some tasks more quickly than external utilities, including, among others:
  • * Pattern Substitution
  • ** for sed '',
  • * Remove Matching Prefix or Suffix Pattern
  • ** for,
  • * Enumerate Array Keys
  • **, and
  • * Display Error if Null or Unset
  • **,

    Pathname expansion

Pathname expansion, i.e., shell-style globbing and pattern matching using,,.

Locales

Locale-specific translation via quoting syntax.

Process redirections and parsing

Command substitution

Process substitution

, or, when a system supports it:
Bash supports process substitution using the and syntax, which substitutes the output of a command where a filename is normally used.
.

Arithmetic expansion

Arithmetic expansion, or, including
Bash can perform integer calculations without spawning external processes.
It uses the command and the variable syntax for this purpose.

Redirection

of Standard Input, Standard Output and Standard Error data streams are performed, including
  • File writing,, and appending,,
  • Here documents,,
  • Here strings,, which allow parameters to be used as input, and
  • A redirection operator,, which can force overwriting of a file when a shell's setting is enabled;
Its syntax simplifies I/O redirection.
For example, it can redirect standard output and standard error at the same time using the operator.
This is simpler to type than the Bourne shell equivalent ''.
Bash supports here documents.
Since version 2.05b Bash can redirect standard input from a "here string" using the operator.

Command parsing

  • Comments are ignored, from an unquoted to the end of the same line;
  • Commands are parsed one line at a time:
  • * Control structures are honored, and
  • * Backslash escapes are also honored at the ends of lines;
  • Split into words according to quoting rules,
  • * Including ANSI-C quoting ;
  • Seven types of expansions are performed in the following order on the resulting string:
  • # ' Brace expansion kernel,
  • # ' Tilde expansion,
  • # In a left-to-right fashion:
  • #* ' Parameter and variable expansion or, including
  • #* ' Command substitution:,
  • #* ' Process substitution, or, when a system supports it:
  • #* ' Arithmetic expansion, or, including
  • #** Integer arithmetic in any base from two to sixty-four, although
  • #** Floating-point arithmetic is not available from within the shell itself.
  • # Word splitting,
  • # Pathname expansion, i.e., shell-style globbing and pattern matching using,,,
  • # Quote removal;
  • Redirections of Standard Input, Standard Output and Standard Error data streams are performed, including
  • * File writing,, and appending,,
  • * Here documents,,
  • * Here strings,, which allow parameters to be used as input, and
  • * A redirection operator,, which can force overwriting of a file when a shell's setting is enabled;
  • Command name lookup is performed, in the following order:
  • # Commands internal to the shell:
  • #* Shell aliases,
  • #* Shell reserved words,
  • #* Shell functions, and
  • #* Shell built-in commands;
  • # Commands external to the shell:
  • #* Separate UNIX-style programs such as [ls|] or [Ln (Unix)|], and
  • #* Shell scripts, which are files containing executable commands.
  • The resulting string is executed as a command.

    Interactive-only features

Command History

Unlimited size command history.
This feature is available in interactive mode only.

Directory stack

A directory stack feature is available in interactive mode only.

Programmable completion

Also known as "tab completion" or "command-line completion", when a user presses the, within an interactive command-shell Bash automatically uses any available completion scripts to suggest partly typed program names, filenames and variable names. The Bash command-line completion system is very flexible and customizable, and is often packaged with functions that complete arguments and filenames for specific programs and tasks.
Bash supports programmable completion via built-in,, and commands.
The feature has been available since the beta version of 2.04 released in 2000.
These commands enable complex and intelligent completion specification for commands, functions, variables, and filenames.
The and two commands specify how arguments of some available commands or options are going to be listed in the readline input.As of version 5.1 completion of the command or the option is usually activated by the keystroke after typing its name.
This feature is available in interactive mode only.

Prompts

Configurable prompts.
This feature is available in interactive mode only.

Documentation

User Manual

A for Bash is provided by the GNU Project.
It is sometimes considered to be a more user-friendly document than the man page.
"You may also find information about Bash...by looking at,, or similar directories on your system."
On GNU/Linux systems, if the program is available then the GNU Manual version relevant for your installation should also be available at.

Man page

The most recent technical manual, or , is intended to be the authoritative explanatory technical document for the understanding of how bash operates.
On GNU/Linux systems, the version relevant for your installation is usually available through the program at.

help builtin

With recent versions of Bash, information on shell built-in commands can be found by executing, or at a terminal prompt where bash is installed.
The command can be invoked via to ensure that you run the program found via your shell's search path, and not a shell alias or built-in function:.

POSIX Specification

For the purpose of allowing inter-operability among different shell programs running on different operating systems, the influences how modern UNIX-like shells are written.
Bash "is intended to be a conformant implementation of the IEEE POSIX "Shell and Utilities" portion of the IEEE POSIX specification."
The most recent publication of the standard is available online.
As the standard upon which bash is based, the POSIX Standard, or IEEE Std 1003.1,
et seq, is especially informative.

Further resources

"The project maintainer also has a Bash page which includes Frequently Asked Questions",
this FAQ is current as of bash version 5.1 and is no longer updated.
Informal avenues of support are available via IRC at libera.chat, in the #bash channel, and mailing lists are available at - GNU Project - Free Software Foundation.

Security and vulnerabilities

Root scripts

Running any shell scripts as the root user has, for years, been widely criticized as poor security practice.
One commonly given reason is that, when a script is executed as root, the negative effects of any bugs in a script would be magnified by root's elevated privileges.
One common example: a script contains the command,, but the variable is left undefined.
In Linux, if the script was executed by a regular user, the shell would attempt to execute the command as a regular user, and the command would fail.
However, if the script was executed by the root user, then the command would likely succeed and the filesystem would be erased.
It is recommended to use on a per-command basis instead.

CGI scripts

CGI scripts are a significant source of vulnerability.

builtin

"The eval command is extremely powerful and extremely easy to abuse."

Input validation

"Input validation is the process of ensuring data has undergone data cleansing to confirm it has data quality, that is, that it is both correct and useful."

Shellshock

In September 2014, a security bug was discovered
in the program.
It was dubbed "Shellshock." Public disclosure quickly led to a range of attacks across the Internet.
Exploitation of the vulnerability could enable arbitrary code execution in CGI scripts executable by certain versions of Bash.
The bug involved how Bash passed function definitions to subshells through environment variables.
The bug had been present in the source code since August 1989 and was patched in September 2014.
Patches to fix the bugs were made available soon after the bugs were identified.
Upgrading to a current version is strongly advised.
It was assigned the Common Vulnerability identifiers, among others.
Under CVSS Metrics 2.x and 3.x, the bug is regarded as "high" and "critical", respectively.

Deprecated syntax

  • Backtick style command substitutions: is deprecated in favor of
  • * ;
  • Use of or in // commands,
  • * for example, is deprecated in favor of
  • ** ;
  • Use of the arithmetic syntax is deprecated in favor of
  • * or
  • *, as appropriate;
  • Use of as a pipeline is deprecated in favor of |;
  • Any uses of or.

    Debugging

Table of Features

FeatureFeatureFeaturePOSIX 2024DescriptionBash ver.
Grammar typeFormal nameSyntaxPOSIX 2024DescriptionBash ver.
Special Built-In Utilityset / xtraceThe shell's primary means of debugging.
It "writes to standard error a trace for each command after it expands the command and before it executes it."
Special ParametersExit Status"Expands to the shortest representation of the decimal exit status."
Parameter ExpansionsIndicate Null or Unset"Where the expansion of, perhaps an error message or a line number, is written to standard error and the shell exits with a non-zero exit code."
Special ParametersPID of Invoked Shell"Expands to the shortest representation of the decimal process ID of the invoked shell."
Special Built-In Utilityset / verbose"Writes its input to standard error as it is read."
Special Built-In Utilityset / pipefail"Derive the exit status of a pipeline from the exit statuses of all of the commands in the pipeline, not just the last command."
Special Built-In Utilityset / nounsetWhen enabled, will cause the shell to exit with an error message when it encounters an unset variable expansion.
Its use has a number of counter-intuitive pitfalls.
Special Built-In Utilityset / errexitErrexit is a setting that, when enabled, will, under certain very specific conditions, cause the shell to exit without an error message whenever the shell receives a non-zero exit code.
Its use is somewhat controversial, to the extent that any somewhat obscure computer program can be controversial.
Adherents claim that Errexit provides an assurance of verifiability in situations where shell scripts "must not fail." However, opponents claim that its use is unreliable, deceptively simple, highly counter-intuitive, rife with gotchas and pitfalls, and in essence "security theater." Numerous developers of Bash have strongly discouraged the use of this particular setting.
Special Built-In Utilitytrap / EXIT"If a signal specifier is or, is executed when the shell exits." If contains expansions, then should be in single quotes.
UtilityprintfA means of reliably printing the contents of a variable.
Bash VariablesBASHPID"Expands to the process ID of the current bash process."
Bash VariablesBASH_ARGC"An array variable whose values are the number of parameters in each frame of the current bash execution call stack."
Bash VariablesBASH_ARGV"An array variable containing all of the parameters in the current bash execution call stack."
Bash VariablesBASH_LINENO"An array variable whose members are the line numbers in source files where each corresponding member of was invoked."
Bash VariablesBASH_REMATCH"An array variable whose members are assigned by the =~ binary operator to the conditional command."
Bash VariablesBASH_SOURCE"An array variable whose members are the source filenames where the corresponding shell function names in the array variable are defined."
Bash VariablesBASH_XTRACEFD"If set to an integer corresponding to a valid file descriptor, Bash will write the trace output generated when is enabled to that file descriptor."
Bash VariablesEPOCHREALTIME"Each time this parameter is referenced, it expands to the number of seconds since the Unix Epoch as a floating point value with micro-second granularity."
Bash VariablesFUNCNAME"An array variable containing the names of all shell functions currently in the execution call stack."
Bash VariablesLINENO"Each time this parameter is referenced, the shell substitutes a decimal number representing the current sequential line number within a script or function."
Bash VariablesPIPESTATUS"An array variable containing a list of exit status values from the processes in the most-recently-executed foreground pipeline."
Bash VariablesPPID"The process ID of the shell's parent."
Bash VariablesPS4"The value of this parameter is expanded as with PS1 and the value is printed before each command bash displays during an execution trace."
Shell Builtinset / restrictedRestricted mode is intended to improve the security of an individual shell instance from a malicious human with physical access to a machine.
As threat models have changed, it has become less commonly used now than it once was.
Shell Builtinshopt / extdebug"Behavior intended for use by debuggers."
Shell Builtintrap / DEBUG"If a sigspec is DEBUG, the command arg is executed before" certain kinds of commands.
Shell Builtintrap / ERR"If a sigspec is ERR, the command arg is executed whenever..." certain kinds of commands "return a non-zero exit status", subject to similar restrictions as with ErrExit.
Shell Builtintrap / RETURN"If a sigspec is RETURN, the command arg is executed each time a shell function or a script executed with the or builtins finishes executing."

  • Shell features specified by POSIX:
  • * Parameter Expansions:
  • * Special Parameters:
  • * Special Built-In Utility :
  • * Special Built-In Utility :
  • ** POSIX does specify certain uses of the builtin:...
  • * Utility : a means of reliably printing the contents of a variable:
  • Bash features not specified by POSIX:
  • * Bash Variables:
  • * Shell Builtin :
  • * Shell Builtin :
  • * Shell Builtin :
  • ** While POSIX does specify certain uses of the builtin, the following signal specs are Bash extensions:...
  • Third party debugging utilities:
  • * ShellCheck: Shell script analysis tool;
  • * devscripts-checkbashisms: Check whether a /bin/sh script contains any common bash-specific constructs;
  • * kcov: Code coverage tool without special compilation options;
  • * Bashdb: The Bash symbolic debugger.

    Examples

With the parameter expansion, an unset or null variable can halt a script.
$ cat ex.sh
  1. !/bin/bash
bar="foo is not defined"
echo "$"
echo this message doesn't print
$./ex.sh
./ex.sh: line 3: foo: foo is not defined

Reliably printing the contents of an array that contains spaces and newlines first in a portable syntax, and then the same thing in Bash.
Note that POSIX doesn't have named array, only the list of arguments,, which can be re-set by the builtin.
$ # In POSIX shell:
$ set -- "a" " b" "
> c "
$ printf ',%s,\n' "$@"
,a,
, b,
c,

Note that in Bash, the number of spaces before the newline is made clear.
$ # In Bash:
$ array=
$ declare -p array
declare -a array=

Printing an error message when there's a problem.
$ cat error.sh
  1. !/bin/env bash
if ! lsblk | grep sdb
then
echo Error, line "$"
fi
$./error.sh
Error, line 130

Using xtrace.
If errexit had been enabled, then would not have been executed.
$ cat test.sh
  1. !/bin/env bash
set -x
foo=bar; echo "$"
false
echo quux
$./test.sh
+ foo=bar
+ echo bar
bar
+ false
+ echo quux
quux

Note: differs from in certain circumstances, such as subshells that do not require bash to be reinitialized.
$ echo $ $$ $BASHPID
25680 16920 16920 16920
  1. | | | |
  2. | | | \-- $BASHPID outside of the subshell
  3. | | \-- $$ outside of the subshell
  4. | \-- $$ inside of the subshell
  5. \-- $BASHPID inside of the subshell

Bug reporting

An external command called bashbug reports Bash shell bugs.
When the command is invoked, it brings up the user's default editor with a form to fill in.
The form is mailed to the Bash maintainers.

History

Shell script functionality originated with files called "runcoms" in reference to the 1963 macro processor of the same name.
The suffix "rc" is short for "runcom."
The term "shell" was coined by Louis Pouzin in 1964 or 1965,
and appeared in his 1965 paper, "The SHELL, A Global Tool for Calling and Chaining Procedures in the System," which describes many features later found in many UNIX shells.
The ASCII standard for character encoding was defined in 1969 in a document called Request for Comments 20.

Timeline

Significant events in Bash history are listed below:

Unix shells

There are many programs that allow you to create a graphical interface for shell scripts.
  • curses - curses is a terminal control library for Unix-like systems, enabling the construction of text user interfaces applications.
  • dialog - is a utility that allows you to create dialog boxes in the console, using the curses and ncurses libraries.
  • gtkdialog - is the most functional utility for creating graphical applications on bash scripts.
  • kdialog - is a KDE equivalent of zenity.
  • ncurses - a programming library for creating textual user interfaces that work across a wide variety of terminals.
  • whiptail - is an analogue of the dialog utility, it uses the newt library.
  • xdialog - is a replacement for dialog that is designed to give programs launched from the terminal an X Window System interface.
  • yad - is a fork of zenity, with more features.
  • zenity - is the most popular application for creating a graphical interface for scripts.