Skip Navigation

General Advice for shell scripts

What do you advice for shell usage?

  • Do you use bash? If not, which one do you use? zsh, fish? Why do you do it?
  • Do you write #!/bin/bash or #!/bin/sh? Do you write fish exclusive scripts?
  • Do you have two folders, one for proven commands and one for experimental?
  • Do you publish/ share those commands?
  • Do you sync the folder between your server and your workstation?
  • What should've people told you what to do/ use?
  • good practice?
  • general advice?
  • is it bad practice to create a handful of commands like podup and poddown that replace podman compose up -d and podman compose down or podlog as podman logs -f --tail 20 $1 or podenter for podman exec -it "$1" /bin/sh?

Background

I started bookmarking every somewhat useful website. Whenever I search for something for a second time, it'll popup as the first search result. I often search for the same linux commands as well. When I moved to atomic Fedora, I had to search for rpm-ostree (POV: it was a horrible command for me, as a new user, to remember) or sudo ostree admin pin 0. Usually, I bookmark the website and can get back to it. One day, I started putting everything into a .bashrc file. Sooner rather than later I discovered that I could simply add ~/bin to my $PATH variable and put many useful scripts or commands into it.

For the most part I simply used bash. I knew that you could somehow extend it but I never did. Recently, I switched to fish because it has tab completion. It is awesome and I should've had completion years ago. This is a game changer for me.

I hated that bash would write the whole path and I was annoyed by it. I added PS1="$ " to my ~/.bashrc file. When I need to know the path, I simply type pwd. Recently, I found starship which has themes and adds another line just for the path. It colorizes the output and highlights whenever I'm in a toolbox/distrobox. It is awesome.

69 comments
  • I use bash for scripts almost exclusively even though i use zsh interactively (startup scripts for zsh are an obvious exception).

    The vast majority of my scripts start with

     undefined
        
      set -e -u
    
    
      

    which makes the script exit if a command (that is not in a few special places like an if) exits with an error status code and also complains about unbound variables when you use them.

    Use

     undefined
        
    bash -n
    
    
      

    and

     undefined
        
    shellcheck
    
    
      

    to test your script for errors and problems if you try it.

    Always use curly braces for variables to avoid issues with strings after the variable name being interpreted as part of the variable name.

    Always use 10# before numbers in $(()) expressions to avoid leading zeroes turning your decimal number variables into octal ones.

    Always use

     undefined
        
    while read -r foo
    do
    ...
    done < <(command ...)
    
      

    instead of

     undefined
        
    command ... | while read -r foo
    do
    ...
    done
    
    
      

    to avoid creating a subshell where some changes you make will not affect your script outside the loop.

    In

     undefined
        
    while read -r foo
    do
    ...
    done < ...
    
    
      

    loops always make sure you redirect all stdin from /dev/null or otherwise close it with suitable parameters or the content of your loop will eat some of the lines you meant for the read. Alternatively fill a bash array in the loop and then use a for loop to call your commands and do more complex logic.

    When using temporary directories or similar resources use

     undefined
        
    cleanup()
    {
     ...
    }
    trap cleanup EXIT
    
    
      

    handlers to clean up after the script in case it dies or is killed (by SIGTERM or SIGINT,...; obviously not SIGKILL).

    When writing scripts for cronjobs take into account that the environment (PATH In particular) might be more limited. Also take into account that stderr output and non-zero exit status can lead to an email about the cronjob.

    Use pushd and popd instead of cd (especially cd ..), redirect their output to /dev/null. This will prevent your scripts from accidentally running later parts of the script in a wrong directory.

    There are probably many other things to consider but that is just standard stuff off the top of my head.

    If you do need any sort of data structure and in particular arrays of data structures use a proper programming language. I would recommend Rust since a compiled language is much easier to run on a variety of systems than the Python so many others here recommend, especially if you need to support the oldest supported version of an OS and the newest one at the same time.

    • Fish. Much, much saner defaults.
    • I am writing #!/usr/bin/env sh for dead simple scripts, so they will be a tiny bit more portable and run a tiny bit faster. The lack of arrays causes too much pain in longer scripts. I would love to use Fish, but it lacks a strict mode.
    • No, why would I?
    • I used to share all my dotfiles, scripts included, but I was too afraid that I would publish some secrets someday, so I stopped doing that. For synchronizing commands, aliases and other stuff between computers I use Chezmoi.
    • To use Fish instead of fighting with start up time of Zsh with hundreds of plugins
    • Always use the so-called "strict mode" in Bash, that is, the set -euo pipefail line. It will make Bash error on non-zero exit code, undefined variables and non-zero exit codes in commands in pipe. Also, always use shellcheck. It's extremely easy to make a mistake in Bash. If you want to check the single command exit code manually, just wrap it in set +e and set -e.
    • Consider writing your scripts in Python. Like Bash, it also has some warts, but is multiplatform and easy to read. I have a snippet which contains some boilerplate like a main function definition with ArgumentParser instantiated. Then at the end of the script the main function is called wrapped in try … except KeyboardInterrupt: exit(130) which should be a default behavior.
    • Absolutely not a bad practice. If you need to use them on a remote server and can't remember what they stand for, you can always execute type some_command. Oh, and read about abbreviations in Fish. It always expands the abbreviation, so you see what you execute.
  • I use bash as my interactive shell. When ~20 years ago or so I encountered "smart" tab completion for the first time, I immediately disabled that and went back to dumb completion, because it caused multi-second freezes when it needed to load stuff from disk. I also saw it refuse to complete filenames because they had the wrong suffix. Maybe I should try to enable that again, see if it works any better now. It probably does go faster now with the SSDs.

    I tried OpenBSD at some point, and it came with some version of ksh. Seems about equivalent to bash, but I had to modify some of my .bashrc so it would work on ksh. I would just stick to the default shell, whatever it is, it's fine.

    I try to stick to POSIX shell for scripts. I find that I don't need bashisms very often, and I've used systems without bash on them. Most bash-only syntax has an equivalent that will work on POSIX sh. I do use bash if I really need some bash feature (I recently wanted to set -o pipefail, which dash cannot do apparently, and the workaround is really annoying).

    Do not use #!/bin/sh if you're writing bash-only scripts. This will break on Debian, Ubuntu, BSD, busybox etc. because /bin/sh is not bash on those systems.

    • Do not use #!/bin/sh if you’re not writing bash-only scripts

      Actually #!/bin/sh is for bourne shell compatible scripts. Bash is a superset of the bourne shell, so anything that works in bourne should work in bash as well as in other bourne compatible shells, but not vice versa. Bash specific syntax is often referred to as a "bashism", because it's not compatible with other shells. So you should not use bashisms in scripts that start with #!/bin/sh.

      The trouble is that it is very common for distros to links /bin/sh to /bin/bash, and it used to be that bash being called as /bin/sh would change its behavior so that bashisms would not work, but this doesn't appear to be the case anymore. The result is that people often write what they think are bourne shell scripts but they unintentionally sneak in bashisms... and then when those supposed "bourne shell" scripts get run on a non-bash bourne compatible shell, they fail.

  • Do you use bash? Yes because it is everywhere and available by default.

  • Yes fish is great. It has some special syntax for functions, I will add my configs soo.

    set fish_greeting is useful to silence it.

    User scripts can go to ~/.local/bin which is already in the path.

    You can split up your shell configs into topics, and put them into ~/.config/fish/conf.d/abc.conf

  • I recommend writing everything in Bourne shell (/bin/sh) for a few reasons:

    • Bash is more capable, which is nice, but if you're fiddling with complex data structures, you probably should be using a more maintainable language like Python.
    • Bash is in most places, but crucially not everywhere. Docker-based deployments for example often use Ash which is very similar to Bash, but lacks support for arrays and a few other things.
    • Bourne's limitations force you to rethink your choices regularly. If you find yourself hacking around a lack of associative arrays for example, it's probably time to switch to a proper language.

    Also two bits of advice.

    1. Use shellcheck. There's a website that'll check your script for you as well as a bunch of editor extensions that'll do it in real time. You will absolutely write better, safer code with it.
    2. If your script exceeds 300 lines. Stop and rewrite it in a proper language. Your future self will thank you.
  • A good idea i have been spreading around relevant people lately is to use ShellCheck as you code in Bash, integrate it in your workflow, editor or IDE as relevant to you (there's a commandline tool as well as being available for editors in various forms), and pass your scripts through it, trying to get the warnings to go away. That should fix many obvious errors and clean up your code a bit.

    • Do you use bash? If not, which one do you use? zsh, fish? Why do you do it?
    • Do you write #!/bin/bash or #!/bin/sh? Do you write fish exclusive scripts?

    I use bash, and I use #!/bin/bash for my scripts. Some are POSIX compliant, some have bashisms. But I really don't care about bashisms, since I explicitly set the bash as interpreter. So no, no fish exclusive scripts, but some "bash exclusive" scripts. Since fish is aimed towards being used as interactive shell I don't see a real reason to use it as interpreter for scripts anyways.

    • Do you have two folders, one for proven commands and one for experimental?
    • Do you publish/ share those commands?
    • Do you sync the folder between your server and your workstation?

    I have my scripts in $HOME/.scripts and softlink them from a directory in $PATH. Some of the scripts are versioned using Git, but the repository is private and I do not plan sharing them because the repoand the scripts scripts contain some not-tho-share information and mostly are simply not useful outside my carefully crafted and specific environment. If I want to share a script, I do it individually or make a proper public Git repository for it.

    Since my server(s) and my workstations have different use cases I do not share any configuration between them. I share some configuration between different workstations, though. My dotfiles repository is mainly there for me to keep track of changes in my dotfiles.

    is it bad practice to create a handful of commands

    It becomes bad practice if it is against your personal or corporate guidelines regarding best practices. While it is not particularly bad or insecure, etc. to create bash scripts containing a single command, maybe use an alias instead. The $1 is automatically the first parameter after typing the alias in the shell.

     bash
        
    alias podup="podman compose up -d"
    alias poddown="podman compose down"
    alias podlog="podman logs -f --tail 20"
    
      

    Not quite sure about the podman syntax, if podman exec /bin/sh -it "$1" also works, you can use alias podenter="podman exec /bin/sh -it, Otherwise a simple function would do the trick.

  • Btw, if you ever wondered why Debian uses dash as /bin/sh (the switch was a bit annoying at the time), I think the reasoning was something like this:

    • dash is a bit faster, which might have saved a second or two on boot times (this was before systemd). Same applies to compilation times, configure scripts run faster with dash.
    • A bunch of #!/bin/sh scripts in Debian did not actually work if you replaced /bin/sh with another shell, which I guess some people wanted to do. Making dash the default /bin/sh forced everyone to fix their scripts.

    Also some history on the abomination that is m4sh, famously used by GNU autoconf configure.ac scripts. Apparently when autoconf was released in 1991, there were still some Unix systems that shipped some 70s shells as the default /bin/sh. These shells do not support shell functions, which makes creating any sort of shell programming library pretty much impossible (I guess you could make a folder full of scripts instead of functions). They decided to use m4 preprocessor macros instead, as a sort of poor man's replacement for functions.

    In hindsight, it wish they had told commercial Unix sysadmins to install a proper /bin/sh or gtfo. But the GNU people thought it was important to make it as easy as possible to install free software even on commercial Unices.

69 comments