Bash (Unix shell)

In computing, Bash (short for "Bourne Again SHell",)^[6] is an interactive command interpreter and command programming language developed for UNIX-like operating systems.^[7] Created in 1989^[8] by Brian Fox for the GNU Project, it is supported by the Free Software Foundation and designed as a 100% free alternative for the Bourne shell (sh) and other proprietary Unix shells.^[9]

Bash

Original author(s)	Brian Fox
Developer(s)	Chet Ramey
Initial release	8 June 1989; 36 years ago (8 June 1989)
Stable release	5.2.37[1]  / 23 September 2024
Repository	git.savannah.gnu.org/cgit/bash.git
Written in	C
Operating system	Linux Unix-like macOS Windows Android Oracle Solaris
Platform	GNU
Available in	Multilingual (gettext)
Type	Shell (computing), Unix shell, command language
License	v.4.0+: GPL-3.0-or-later[2] v.1.11 – v.3.2: GPL-2.0-or-later[3] v.0.99 – v.1.05: GPL-1.0-or-later[4][5]
Website	www.gnu.org/software/bash/

Since its inception, Bash has gained widespread adoption and is commonly used as the default login shell for numerous Linux distributions.^[10][11][12] It holds historical significance as one of the earliest programs ported to Linux by Linus Torvalds, alongside the GNU Compiler (GCC).^[13] It is available on nearly all modern operating systems, making it a versatile tool in various computing environments.

As a command-line interface (CLI), Bash operates within a terminal emulator, or text window, where users input commands to execute various tasks. It also supports the execution of commands from files, known as shell scripts, facilitating automation. In keeping with Unix shell conventions, Bash incorporates a rich set of features. The keywords, syntax, dynamically scoped variables, and other basic features of the language are all copied from the Bourne shell, (sh). Other features, e.g., history, are copied from the C shell, (csh), and the Korn Shell, (ksh). It is a POSIX-compliant shell with extensions.

History

While Bash was developed for UNIX and UNIX-like operating systems, such as GNU/Linux, it is also available on Android, macOS, Windows, and numerous other current and historical operating systems.^[14] "Although there have been attempts to create specialized shells, the Bourne shell derivatives continue to be the primary shells in use."^[15]

Timeline

Date	Event
1988-01-10	Brian Fox began coding Bash[16] after Richard Stallman became dissatisfied with the lack of progress being made by a prior developer.[17] Stallman and the FSF considered a free shell that could run existing shell scripts so strategic to a completely free system built from BSD and GNU code that this was one of the few projects they funded themselves. Fox undertook the work as an employee of FSF.[17][18]
1989-06-08	Fox released Bash as a beta, version 0.99.[8] The license was GPL-1.0-or-later. "In addition to supporting backward-compatibility for scripting, Bash has incorporated features from the Korn and C shells. You'll find command history, command-line editing, a directory stack (pushd and popd), many useful environment variables, command completion, and more."[19] Eventually it supported "regular expressions (similar to Perl), and associative arrays".
1992 ~ 1994	Brian Fox retired as the primary maintainer sometime between mid-1992 [20] and mid-1994.[21][22] His responsibility was transitioned to another early contributor, Chet Ramey.[23][11][12] Since then, Bash has become the most popular default interactive shell among the major GNU/Linux distributions, such as Fedora, Debian, and openSUSE, as well as among their derivatives and competitors.[24][25]
1994-01-26	Debian – initial release. Bash is the default interactive and non-interactive shell.[26]
1996-12-31	Chet Ramey released bash 2.0. The license was GPL-2.0-or-later
1997-06-05	Bash 2.01 released.
1998-04-18	Bash 2.02 released.
1999-02-19	Bash 2.03 released.
2000-03-21	Bash 2.04 released.
2000-09-14	Bug-bash mailing list exists.[27]
2001-04-09	Bash 2.05 released.[28]
2003	Bash became the default shell on Apple's operating systems (i.e., MacOS) starting with OS X 10.3 Panther.[29][30] It was available on OS X 10.2 Jaguar as well where the default shell was tcsh.
2004-07-27	Bash 3.0 released.[31]
2005-12-09	Bash 3.1 released.[32]
2006-10-12	Bash 3.2 released.[33] The license was GPL-2.0-or-later.
2006	Ubuntu replace bash with dash as its default shell.
2009-02-20	Bash 4.0 released[34] Its license is GPL-3.0-or-later.
2010-01-02	Bash 4.1 released.[35]
2011-02-14	Bash 4.2 released.[36]
2012	On Solaris 11, "the default user shell is the Bourne-again (bash) shell."[37]
2014-02-27	Bash 4.3 released.[38]
2014-09-08	Shellshock (software bug).[39] Patches to fix the bugs were made available soon after the bugs were identified.[40]
2015	Termux and other terminal emulation applications provide availability of Bash on Android.
2016-09-15	Bash 4.4 released.
2009 ~ 2018	Apple declines to accept version 4 of Bash being licensed under version 3 of the Gnu Public License, and ceases to supply upgrades to Bash beyond version 3.2 (as supplied in MacOS Mojave.
2019-06-05	Apple declares zsh[41] its default shell, and supplies version 5.7 in its Catalina release of MacOS.[42] [43] [44] [45]
2019-01-07	Bash 5.0 released.[46]
2020-12-07	Bash 5.1 released.[47]
2022-09-26	Bash 5.2 released.[48]
2025	Bash 5.3 released.

Features

List of short descriptions

As a command processor, Bash can operate in two modes, interactive and non-interactive. In interactive mode, commands are read from a terminal, prompting the user to enter commands. In non-interactive mode, commands are read from named files (known as shell scripts) or from the shell's standard input, facilitating automation.

In keeping with Unix shell conventions, Bash incorporates a rich set of features, including:

• A User Manual provided by the GNU Project, also available as info bash, and a technical manual available as man bash.
• A command-line interface, reading commands from a terminal;
• Invocation as:
  • an interactive shell, both as a session leader (historically referred to as a "login shell", though this is a misnomer when the shell is started within a terminal emulator) and as a subsidiary shell, or
  • a non-interactive shell, reading commands from a named file, or
  • a non-interactive shell, reading commands from its standard input;
• Exit status codes;
• Control structures for
  • Condition testing:
    • logical operators AND (&&), OR (||), and NOT (!);
    • if and case compound commands;
  • Iteration:
    • while, until, and select loop compound commands;
    • arithmetic (C-style) and list-enumerating for loop compound commands; and
    • continue, break, return, and exit flow control commands;
• Built in commands for testing file attributes, comparing string and integer values, etc.:
  • Traditional test command,
  • Traditional single bracket test: [,
  • Modern double bracket test: [[ ... ]], which includes advanced features:
    • Extended regular expression and extglob matching
    • Lexicographic comparisons with < and >;
  • (( ... )) numeric evaluation and testing; this includes almost all "C" language operators for arithmetic and numeric comparison;
• UNIX-style pipelines: |;
• Subshells: ( ... );
• Command substitutions: $( ... );
• Arithmetic substitutions: $(( ... ));
• Signaling as a means of inter-process communication using the trap builtin;
• Asynchronous execution, i.e., Jobs and job control:
  • job_spec & where job_spec can be one of:
    • A simple or compound command; or
    • A job control identifier as denoted by a leading percent symbol: %1 &;
• A shell portability mode where command lines can be interpreted in conformance with the POSIX standard;
• Command parsing:
  • Comments are ignored, from an unquoted # (hash) to the end of the same line;

^[49]

• • Commands are parsed one line at a time:
    • Control structures are honored, and
    • Backslash \ escapes are also honored at the ends of lines;
  • Split into words (i.e., word splitting) according to quoting rules,
    • Including ANSI-C quoting $'...';
  • Seven kinds of expansions are performed in the following order on the resulting string:
    • (Step 1) Brace expansion kernel{-headers},
    • (Step 2) Tilde expansion ~,
    • (Step 3) In a left-to-right fashion:
      • Parameter and variable expansion $foo or ${bar}, including
        • Dynamically scoped variables,
        • Indexed arrays of unlimited size,
        • Associative arrays via declare -A, and
        • Expansion syntaxes which can perform some tasks more quickly than external utilities, including, among others:
          • Pattern Substitution
            • ${foo//x/y} for sed 's/x/y/g',
          • Remove Matching Prefix or Suffix Pattern
            • ${bar##[a-zA-Z0-9]*} for cut -c8-,
          • Enumerate Array Keys
            • ${!array[@]}, and
          • Display Error if Null or Unset
            • ${var:?error message},
      • Command substitution: $( ... ),
      • Process substitution, <() or >(), when a system supports it:
      • Arithmetic expansion, (( ... )) or $(( ... )), including
        • Integer arithmetic in any base from two to sixty-four, although
        • Floating-point arithmetic is not available from within the shell itself (for this functionality, see current versions of bc and awk, among others),
    • (Step 4) Word splitting (again),
    • (Step 5) Pathname expansion, i.e., shell-style globbing and pattern matching using *, ?, [...], and
      • (Although they can be used in conjunction, the use of brackets in pattern matching, [...], and the use of brackets in the testing commands, [ and [[ ... ]], are each one different things.)
    • Quote removal;
  • Redirections of Standard Input, Standard Output and Standard Error data streams are performed, including
    • File writing, >, and appending, >>,
    • Here documents, <<,
    • Here strings, <<<, which allow parameters to be used as input, and
    • A redirection operator, >|, which can force overwriting of a file when a shell's noclobber setting is enabled;
  • Command name lookup is performed, in the following order:
    • Commands internal to the shell:
      • Shell aliases,
      • Shell reserved words,
      • Shell functions, and
      • Shell built-in commands;
    • Commands external to the shell:
      • Separate UNIX-style programs such as ls or ln, and
      • Shell scripts, which are files containing executable commands. (Shell scripts do not require compilation before execution and, when certain requirements are met, can be invoked as commands by using their filename.)
  • The resulting string is executed as a command.

Bash also offers...

• Configurable execution environment(s):^[50]
  • Shell and session startup files such as ~/.bashrc and ~/.profile (i.e., dotfiles);
  • Settings (set built-in) and shell options (shopt built-in) which alter shell behavior;
• Support for Unicode;
• With interactive invocation only,
  • Unlimited size command history,
  • A directory stack (see pushd and popd built-ins),
  • Tab completion,
  • Configurable prompts, and
  • Command line editing with GNU readline;
• Lightweight logging for debugging purposes (xtrace), and other lightweight debugging options (errexit, noexec, nounset, pipefail, etc.);
• Shell compatibility modes: bash 5.1 can operate as if it were bash 4.2, etc.;
• Various Built-In Commands:
  • cd
  • pwd
• Documentation:
  • A built-in help command.
  • A man page, and
  • An info page which is the same as the GNU manual;
• Informal avenues of support via:
  • IRC at libera.chat #bash
  • Mailing lists at Bash - GNU Project - Free Software Foundation

General discussion

The Bash command syntax is a superset of the Bourne shell command syntax. Bash supports brace expansion,^[51] command line completion (Programmable Completion),^[52] basic debugging^[53][54] and signal handling (using trap) since bash 2.05a^[55][56] among other features. Bash can execute the vast majority of Bourne shell scripts without modification, with the exception of Bourne shell scripts stumbling into fringe syntax behavior interpreted differently in Bash or attempting to run a system command matching a newer Bash builtin, etc. Bash command syntax includes ideas drawn from the Korn Shell (ksh) and the C shell (csh) such as command line editing, command history (history command),^[57] the directory stack, the $RANDOM and $PPID variables, and POSIX command substitution syntax $(...).

When a user presses the tab key within an interactive command-shell, Bash automatically uses command line completion, since beta version 2.04,^[58] to match partly typed program names, filenames and variable names. The Bash command-line completion system is very flexible and customizable, and is often packaged with functions that complete arguments and filenames for specific programs and tasks.

Bash's syntax has many extensions lacking in the Bourne shell. Bash can perform integer calculations ("arithmetic evaluation") without spawning external processes. It uses the ((...)) command and the $((...)) variable syntax for this purpose. Its syntax simplifies I/O redirection. For example, it can redirect standard output (stdout) and standard error (stderr) at the same time using the &> operator. This is simpler to type than the Bourne shell equivalent 'command > file 2>&1'. Bash supports process substitution using the <(command) and >(command)syntax, which substitutes the output of (or input to) a command where a filename is normally used. (This is implemented through /proc/fd/ unnamed pipes on systems that support that, or via temporary named pipes where necessary).

When using the 'function' keyword, Bash function declarations are not compatible with Bourne/Korn/POSIX scripts (the KornShell has the same problem when using 'function'), but Bash accepts the same function declaration syntax as the Bourne and Korn shells, and is POSIX-conformant. Because of these and other differences, Bash shell scripts are rarely runnable under the Bourne or Korn shell interpreters unless deliberately written with that compatibility in mind, which is becoming less common as Linux becomes more widespread. But in POSIX mode, Bash conforms with POSIX more closely.^[59]

Bash supports here documents. Since version 2.05b Bash can redirect standard input (stdin) from a "here string" using the <<< operator.

Bash 3.0 supports in-process regular expression matching using a syntax reminiscent of Perl.^[60]

In February 2009,^[61] Bash 4.0 introduced support for associative arrays.^[4] Associative array indices are strings, in a manner similar to AWK or Tcl.^[62] They can be used to emulate multidimensional arrays. Bash 4 also switches its license to GPL-3.0-or-later.^[63]

Bash supplies "conditional execution" command separators that make execution of a command contingent on the exit code set by a precedent command. For example:

cd "$SOMEWHERE" && ./do_something || echo "An error occurred" >&2

Where ./do_something is only executed if the cd (change directory) command was "successful" (returned an exit status of zero) and the echo command would only be executed if either the cd or the ./do_something command return an "error" (non-zero exit status).

For all commands the exit status is stored in the special variable $?. Bash also supports if ...;then ...;else ...;fi and case $VARIABLE in $pattern)...;;$other_pattern)...;; esac forms of conditional command evaluation.

Process management (a.k.a., "job control")

The Bash shell has two modes of execution for commands: batch (asynchronous), and concurrent (synchronous).

To execute commands in batch mode (i.e., in sequence) they must be separated by the character ";", or on separate lines:

command1; command2
command3

In this example, when command1 is finished, command2 is executed, and when command2 has completed, command3 will execute.

A background execution of command1 can occur using (symbol &) at the end of an execution command, and process will be executed in background while immediately returning control to the shell and allowing continued execution of commands.

command1 &

Or to have a concurrent execution of command1 and command2, they must be executed in the Bash shell in the following way:

command1 & command2

In this case command1 is executed in the background & symbol, returning immediately control to the shell that executes command2 in the foreground.

A process can be stopped and control returned to bash by typing Ctrl+z while the process is running in the foreground.^[64]

A list of all processes, both in the background and stopped, can be achieved by running jobs:

$ jobs
[1]-  Running                  command1 &
[2]+  Stopped                  command2

In the output, the number in brackets refers to the job id. The plus sign signifies the default process for bg and fg. The text "Running" and "Stopped" refer to the process state. The last string is the command that started the process.

The state of a process can be changed using various commands. The fg command brings a process to the foreground, while bg sets a stopped process running in the background. bg and fg can take a job id as their first argument, to specify the process to act on. Without one, they use the default process, identified by a plus sign in the output of jobs. The kill command can be used to end a process prematurely, by sending it a signal. The job id must be specified after a percent sign:

kill %1

Portability with POSIX

Invoking Bash with the --posix option or stating set -o posix in a script causes Bash to conform very closely with the POSIX 1003.2 standard.^[65] Bash shell scripts intended for portability should take into account at least the POSIX shell standard. Some bash features not found in POSIX are:^[65][66]

• Certain extended invocation options
• Brace expansion
• Arrays and associative arrays
• The double bracket [[...]] extended test construct and its regex matching
• The double-parentheses arithmetic-evaluation construct (only (( ... )); $(( ... )) is POSIX)
• Certain string-manipulation operations in parameter expansion
• local for scoped variables
• Process substitution
• Bash-specific builtins
• Coprocesses
• $EPOCHSECONDS and $EPOCHREALTIME variables^[67]

If a piece of code uses such a feature, it is called a "bashism" – a problem for portable use. Debian's checkbashisms and Vidar Holen's shellcheck can be used to make sure that a script does not contain these parts.^[68][69] The list varies depending on the actual target shell: Debian's policy allows some extensions in their scripts (as they are in the dash shell),^[66] while a script intending to support pre-POSIX Bourne shells, like autoconf's configure, are even more limited in the features they can use.^[70]

Brace Expansion

Brace expansion, also called alternation, is a feature copied from the C shell. It generates a set of alternative combinations. Generated results need not exist as files. The results of each expanded string are not sorted and left to right order is preserved:

$ echo a{p,c,d,b}e
ape ace ade abe
$ echo {a,b,c}{d,e,f}
ad ae af bd be bf cd ce cf

Users should not use brace expansions in portable shell scripts, because the Bourne shell does not produce the same output.

$ # bash shell
$/bin/bash -c 'echo a{p,c,d,b}e'
ape ace ade abe
$ # A traditional shell does not produce the same output
$ /bin/sh -c 'echo a{p,c,d,b}e'
a{p,c,d,b}e

When brace expansion is combined with wildcards, the braces are expanded first, and then the resulting wildcards are substituted normally. Hence, a listing of JPEG and PNG images in the current directory could be obtained using:

ls *.{jpg,jpeg,png}    # expands to *.jpg *.jpeg *.png – after which,
                       # the wildcards are processed
echo *.{png,jp{e,}g}   # echo just shows the expansions –
                       # and braces in braces are possible.

In addition to alternation, brace expansion can be used for sequential ranges between two integers or characters separated by double dots. Newer versions of Bash allow a third integer to specify the increment.

$ echo {1..10}
1 2 3 4 5 6 7 8 9 10
$ echo {01..10}
01 02 03 04 05 06 07 08 09 10
$ echo file{1..4}.txt
file1.txt file2.txt file3.txt file4.txt
$ echo {a..e}
a b c d e
$ echo {1..10..3}
1 4 7 10
$ echo {a..j..3}
a d g j

When brace expansion is combined with variable expansion (A.K.A. parameter expansion and parameter substitution) the variable expansion is performed after the brace expansion, which in some cases may necessitate the use of the eval built-in, thus:

$ start=1; end=10
$ echo {$start..$end} # fails to expand due to the evaluation order
{1..10}
$ eval echo {$start..$end} # variable expansion occurs then resulting string is evaluated
1 2 3 4 5 6 7 8 9 10

Configurable execution environment(s)

Shell and session startup Files (a.k.a., "dot files")

When Bash starts, it executes the commands in a variety of dot files.^[71] Unlike Bash shell scripts, dot files do typically have neither the execute permission enabled nor an interpreter directive like #!/bin/bash.

Legacy-compatible Bash startup example

The example ~/.bash_profile below is compatible with the Bourne shell and gives semantics similar to csh for the ~/.bashrc and ~/.bash_login. The [ -r filename ] && cmd is a short-circuit evaluation that tests if filename exists and is readable, skipping the part after the && if it is not.

[ -r ~/.profile ] &&. ~/.profile             # set up environment, once, Bourne-sh syntax only
if [ -n "$PS1" ]; then                       # are we interactive?
   [ -r ~/.bashrc     ] &&. ~/.bashrc        # tty/prompt/function setup for interactive shells
   [ -r ~/.bash_login ] &&. ~/.bash_login    # any at-login tasks for login shell only
fi                                            # End of "if" block

Operating system issues in Bash startup

Some versions of Unix and Linux contain Bash system startup scripts, generally under the /etc directory. Bash executes these files as part of its standard initialization, but other startup files can read them in a different order than the documented Bash startup sequence. The default content of the root user's files may also have issues, as well as the skeleton files the system provides to new user accounts upon setup. The startup scripts that launch the X window system may also do surprising things with the user's Bash startup scripts in an attempt to set up user-environment variables before launching the window manager. These issues can often be addressed using a ~/.xsession or ~/.xprofile file to read the ~/.profile — which provides the environment variables that Bash shell windows spawned from the window manager need, such as xterm or Gnome Terminal.

Settings and shell options

The set built-in

• Xtrace: [ set -x | set -o xtrace ]

The shell's primary means of debugging. Both xtrace and verbose can be turned off at the same time with the command set -.

• Verbose: [ set -v | set -o verbose ]

Prints a command to the terminal as Bash reads it. Bash reads constructs all at once, such as compound commands which include if-fi and case-esac blocks. If a set -v is included within a compound command, then "verbose" will be enabled the next time Bash reads code as input, i.e., after the end of the currently executing construct.^[72] Both xtrace and verbose can be turned off at the same time with the command set -.

The shopt built-in

• expand-aliases

On by default in interactive shells. Some developers discourage its use in scripts.

Programmable completion

Bash supports programmable completion via built-in complete, compopt, and compgen commands.^[73] The feature has been available since the beta version of 2.04 released in 2000.^[58][74] These commands enable complex and intelligent completion specification for commands (i.e. installed programs), functions, variables, and filenames.^[75]

The complete and compopt two commands specify how arguments of some available commands or options are going to be listed in the readline input. As of version 5.1 completion of the command or the option is usually activated by the Tab ↹ keystroke after typing its name.^[75]

Keyboard shortcuts with Readline

Main article: GNU Readline

Bash uses GNU Readline to provide keyboard shortcuts for command line editing using the default (Emacs) key bindings. Vi-bindings can be enabled by running set -o vi.^[76]

Documentation

As the standard upon which bash is based, the POSIX Standard, or IEEE Std 1003.1,^[77] et seq, is especially informative.

The Linux "man page"^[78][79] is intended to be the authoritative explanatory technical document for the understanding of how bash operates. It is usually available by running man bash.

The GNU manual is sometimes considered more user-friendly for reading. "You may also find information about Bash by running info bash ... or by looking at /usr/share/doc/bash/, /usr/local/share/doc/bash/, or similar directories on your system. A brief summary is available by running bash --help.^[80]

" If a user invoke RUNCOM without any arguments it prints some instructions on how to use it and stops, returning the user to the supervisor's (system's) command line.(RUNCOM)"

On modern Linuxes, information on shell built-in commands can be found by executing help, help [built-in name] or man builtins at a terminal prompt where bash is installed. Some commands, such as echo, false, kill, printf, test or true, depending on your system and on your locally installed version of bash, can refer to either a shell built-in or a system binary executable file. When one of these command name collisions occurs, bash will by default execute a given command line using the shell built-in. Specifying a binary executable's absolute path (i.e., /bin/printf) is one way of ensuring that the shell uses a system binary. This name collision issue also effects any "help summaries" viewed with kill --help and /bin/kill --help. Shell built-ins and system binary executable files of the same name often have differing options.

"The project maintainer also has a Bash page which includes Frequently Asked Questions",^[81][80] this FAQ is current as of bash version 5.1 and is no longer updated.

Security and vulnerabilities

Root scripts

Running any shell scripts as the root user has, for years, been widely criticized as poor security practice. One commonly given reason is that, when a script is executed as root, the negative effects of any bugs in a script would be magnified by root's elevated privileges.

One common example: a script contains the command, rm -rf ${dir}/, but the variable $dir is left undefined. In Linux, if the script was executed by a regular user, the shell would attempt to execute the command rm -rf / as a regular user, and the command would fail. However, if the script was executed by the root user, then the command would likely succeed and the filesystem would be erased.

It is recommended to use sudo on a per-command basis instead.

Debugging

Bash features which can be useful during debugging.

Feature			POSIX 2024	Description	Bash ver.
Grammar type	Formal name	Syntax
Parameter Expansions	Indicate Null or Unset	"${parameter:?[word]}"	Yes	"Where the expansion of [word], perhaps an error message or a line number, is written to STDERR and the shell exits with a non-zero exit code."	?
Special Parameters	Exit Status	"$?"	Yes	"Expands to the shortest representation of the decimal exit status."	?
Special Parameters	PID of Invoked Shell	"$$"	Yes	"Expands to the shortest representation of the decimal process ID of the invoked shell."	?
Special Built-In Utility	set :: xtrace	set -x	Yes	The shell's primary means of debugging. It "writes to standard error a trace for each command after it expands the command and before it executes it."	?
Special Built-In Utility	set :: verbose	set -v	Yes	"Writes its input to standard error as it is read."	?
Special Built-In Utility	set :: pipefail	set -o pipefail	Yes	"Derive the exit status of a pipeline from the exit statuses of all of the commands in the pipeline, not just the last (rightmost) command."	?
Special Built-In Utility	set :: nounset	set -u	Yes	When enabled, will cause the shell to exit with an error message when it encounters an unset variable expansion. Its use has a number of counter-intuitive pitfalls.	?
Special Built-In Utility	set :: errexit	set -e	Yes	ErrExit, is a setting that, when enabled, will, under certain very specific conditions, cause the shell to exit without an error message whenever the shell receives a non-zero exit code. Its use is somewhat controversial, to the extent that any somewhat obscure computer program can be considered controversial. Adherents claim that ErrExit provides an assurance of verifiability in situations where shell scripts "must not fail." However, opponents claim that its use is unreliable, deceptively simple, highly counter-intuitive, rife with gotchas and pitfalls, and in essence "security theater." Numerous developers of Bash have strongly discouraged the use of this particular setting.	?
Special Built-In Utility	trap :: EXIT	trap '[arg]' EXIT	Yes	"If a [sigspec] (signal specifier) is 0 or EXIT, [arg] is executed when the shell exits." If [arg] contains expansions, then [arg] should be in single quotes.	?
Utility	printf	printf '<%s>\n' "${var}"	Yes	A means of reliably printing the contents of a variable.	?
Bash Variables	BASHPID	"${BASHPID}"	No	"Expands to the process ID of the current bash process."[82]	?
Bash Variables	BASH_ARGC	"${BASH_ARGC[@]}"	No	"An array variable whose values are the number of parameters in each frame of the current bash execution call stack."[83]	?
Bash Variables	BASH_ARGV	"${BASH_ARGV[@]}"	No	"An array variable containing all of the parameters in the current bash execution call stack."[84]	?
Bash Variables	BASH_LINENO	"${BASH_LINENO[@]}"	No	"An array variable whose members are the line numbers in source files where each corresponding member of FUNCNAME was invoked."[85]	?
Bash Variables	BASH_REMATCH	"${BASH_REMATCH[@]}"	No	"An array variable whose members are assigned by the =~ binary operator to the [[ conditional command."[86]	?
Bash Variables	BASH_SOURCE	"${BASH_SOURCE}"	No	"An array variable whose members are the source filenames where the corresponding shell function names in the FUNCNAME array variable are defined."[87]	?
Bash Variables	BASH_XTRACEFD	"${BASH_XTRACEFD}"	No	"If set to an integer corresponding to a valid file descriptor, Bash will write the trace output generated when ‘set -x’ is enabled to that file descriptor."[88]	?
Bash Variables	EPOCHREALTIME	"${EPOCHREALTIME}"	No	"Each time this parameter is referenced, it expands to the number of seconds since the Unix Epoch (see time(3)) as a floating point value with micro-second granularity."[89]	?
Bash Variables	FUNCNAME	"${FUNCNAME[@]}"	No	"An array variable containing the names of all shell functions currently in the execution call stack."[90]	?
Bash Variables	LINENO	"${LINENO}"	No	"Each time this parameter is referenced, the shell substitutes a decimal number representing the current sequential line number (starting with 1) within a script or function."[91]	?
Bash Variables	PIPESTATUS	"${PIPESTATUS[@]}"	No	"An array variable containing a list of exit status values from the processes in the most-recently-executed foreground pipeline (which may contain only a single command)."[92]	?
Bash Variables	PPID	"${PPID}"	No	"The process ID of the shell's parent."[93]	?
Bash Variables	PS4	"${PS4}"	No	"The value of this parameter is expanded as with PS1 and the value is printed before each command bash displays during an execution trace."[94]	?
Shell Builtin	set :: restricted	set -r	No	Restricted mode is intended to improve the security of an individual shell instance from a malicious human with physical access to a machine. As threat models have changed, it has become less commonly used now than it once was.	?
Shell Builtin	shopt :: extdebug	shopt -s extdebug	No	"Behavior intended for use by debuggers."	?
Shell Builtin	trap :: DEBUG	trap '[arg]' DEBUG	No	"If a sigspec is DEBUG, the command arg is executed before" certain kinds of commands.	?
Shell Builtin	trap :: ERR	trap '[arg]' ERR	No	"If a sigspec is ERR, the command arg is executed whenever..." certain kinds of commands "return a non-zero exit status", subject to similar restrictions as with ErrExit.	?
Shell Builtin	trap :: RETURN	trap '[arg]' RETURN	No	"If a sigspec is RETURN, the command arg is executed each time a shell function or a script executed with the. or source builtins finishes executing."	?

• Shell features specified by POSIX:
  • Parameter Expansions:^[95]
  • Special Parameters:^[96][97]
  • Special Built-In Utility set:^[98][99]
  • Special Built-In Utility trap [-lp] [arg] [sigspec …]:^[100][99]
  • Utility printf: a means of reliably printing the contents of a variable:
• Bash features not specified by POSIX:
  • Bash Variables:^[101][102]
  • Shell Builtin set:^[98][99]
  • Shell Builtin shopt:^[103][99]
  • Shell Builtin trap [-lp] [arg] [sigspec …]:^[100][99] While POSIX does specify certain uses of the trap builtin, the following signal specs are Bash extensions.
• Third party debugging utilities:
  • ShellCheck: Shell script analysis tool;^[104][69]
  • devscripts-checkbashisms: Check whether a /bin/sh script contains any common bash-specific constructs;^[105][68]
  • kcov: Code coverage tool without special compilation options;^[106]
  • Bashdb: The Bash symbolic debugger.^[107][108]

Examples

With the :? parameter expansion, an unset or null variable can halt a script.

• ex.sh

  #!/bin/bash
  bar="foo is not defined"
  echo "${foo:?$bar}"
  echo this message doesn't print
  

  $ ./ex.sh
  ./ex.sh: line 3: foo: foo is not defined
  

Reliably printing the contents of an array that contains spaces and newlines first in a portable syntax, and then the same thing in Bash. Note that POSIX doesn't have named array, only the list of arguments, "$@", which can be re-set by the set builtin.

$ # In POSIX shell:
$ set -- "a" " b" " 
>  c "
$ printf ',%s,\n' "$@"
,a,
, b,
,
 c,

Note that in Bash, the number of spaces before the newline is made clear.

$ # In Bash:
$ array=( "a" " b" " 
>  c " )
$ declare -p array
declare -a array=([0]="a" [1]=" b" [2]=$' \n c ')

Printing an error message when there's a problem.

• error.sh

  if ! lsblk | grep sdb
  then
    echo Error, line $LINENO
  fi
  

  $ ./error.sh
  Error, line 130
  

Using xtrace. If errexit had been enabled, then echo quux would not have been executed.

• test.sh

  #!/bin/bash
  set -x
  foo=bar; echo $foo
  false
  echo quux
  

  $ ./test.sh
  + foo=bar
  + echo bar
  bar
  + false
  + echo quux
  quux
  

Deprecated syntax

• Back-tick style command substitutions: `...` is deprecated in favor of $(...);
• Use of -a or -o in test/[/[[ commands,
  • for example, [ -r ./file -a ! -l ./file ] is deprecated in favor of [ -r ./file ] && ! [ -l ./file ];
• Use of the arithmetic syntax $[...] is deprecated in favor of $((...)) or ((...)), as appropriate;
• Use of ^ as a pipeline is deprecated in favor of |;
• Any uses of expr or let.

Shellshock

In September 2014, a security bug was discovered^[109] in the program. It was dubbed "Shellshock." Public disclosure quickly led to a range of attacks across the Internet.^{[110][111][112]}

Exploitation of the vulnerability could enable arbitrary code execution in CGI scripts executable by certain versions of Bash. The bug involved how Bash passed function definitions to subshells through environment variables.^[113] The bug had been present in the source code since August 1989 (version 1.03)^[114] and was patched in September 2014 (version 4.3).

Patches to fix the bugs were made available soon after the bugs were identified. Upgrading to a current version is strongly advised.

It was assigned the Common Vulnerability identifiers CVE-2014-6271, CVE-2014-6277 and CVE-2014-7169, among others. Under CVSS Metrics 2.x and 3.x, the bug is regarded as "high" and "critical", respectively.

Bug reporting

"bashbug" redirects here. For the widely reported September 2014 bug found in Bash, see Shellshock (software bug).

An external command called bashbug reports Bash shell bugs. When the command is invoked, it brings up the user's default editor with a form to fill in. The form is mailed to the Bash maintainers (or optionally to other email addresses).^[115][116]

See also

• Free and open-source software portal

• Comparison of command shells
• Multics § Commands, exec_com: the first command processor.^[117]

Unix shells

• Almquist shell (ash)
• Bourne shell (sh)
• BusyBox
• C shell (csh)
• Debian-Almquist Shell (dash)
• Fish shell: Friendly Interactive Shell
• Google Shell (goosh) – a UNIX-like front-end for Google Search.
• Korn shell (ksh), of which there are numerous variations.
• nsh – "A command-line shell like fish, but POSIX compatible"; available on Arch.^[118]
• osh – "Oil Shell is a Bash-compatible UNIX command-line shell"; available on Arch.
• Mashey or Programmer's Workbench shell
• Qshell for IBM i
• rc from Plan 9
• RUNCOM
• rush – Restricted User Shell, available on Debian.^[26]
• Stand-alone shell (sash)
• scsh – The Scheme Shell.
• TENEX C shell (tcsh)
• Thompson shell (tsh)
• Toybox
• yash – Yet Another Shell, aims "to be the most POSIX-compliant shell in the world"; available on Arch.
• Z shell (zsh)

Further reading

• Pouzin, Louis (2 April 1965). "The SHELL: A Global Tool for Calling and Chaining Procedures in the System" (PDF). mit.edu. MIT. Retrieved 5 January 2024.
• Stephenson, Neal (2003). In the Beginning... Was the Command Line. HarperCollins. ISBN 978-0380815937.
• "Evolution of shells in Linux". IBM. Retrieved 19 May 2024.
• "Scripting Reference :: Scripting with the Bourne-Again Shell (Bash)". berkeley.edu. Retrieved 19 May 2024.
• "IRIS :: Instructional & Research Information Systems :: FAQ: Unix :: About UNIX Shells". berkeley.edu. Retrieved 19 May 2024.
• "Learning the Bash Shell, 2e". Retrieved 14 January 2025. This book describes the latest release of bash 2.0 (version 2.01, dated June 1997).
• "Apple Developer, Documentation Archive, Shell Style Guide". Retrieved 20 January 2025. Copyright © 2003, 2014 Apple Inc. All Rights Reserved. ... Updated: 2014-03-10
• "Google, Shell Style Guide". Retrieved 20 January 2025.