Michael MusickCSC 415

BASHBOURNE AGAIN SHELL

A Brief History of bash

Language was named in tribute to Steve Bourne’s shell Brian Fox wrote the first versions of bash Official release date – January 10, 1988 Chet Ramey took over as the lead bash developer in

1993 He still maintains bash today up to its most recent 4.3

release Bash was created for use in the GNU project

Shell Shock!

Earlier this year a bash bug was discovered and then named shell shock

Roughly 25 years worth of bash versions affected by this Bug allows remote attackers to execute arbitrary code

This has been referred to as a cod injection attack

What does this mean?

An attacker can execute any shell command they want This bug left any system with bash on it vulnerable to this

type of attack An attacker with enough time could do whatever they

wanted to do Shell Shock has already been patched and is no longer a

concern

Actual BASH stuff (Variables)

Declaring variables in bash is simple COLOR=“black” NUMBER=“9”

Note the lack of spaces, this is required WRONG: color = “black” NOPE: number= “9” To see what is stored inside a variable a user can use $ to get

the content of a variable Echo “This is a string: $color” Echo “This is a number: $number”

More on variables

Even though all capital letters were used to declare the variables this is not required, it does help improve readability

Bash is case sensitive so how the variables are declared does matter

Scoping of bash

It’s a very basic concept with in bash All variables by default are treated as global variables

unless stated otherwise NUM=42 – global variable Local NUM=42 – local variable Global NUM=42 – global variable (why is this important?)

Why that last example was important

All variables with in any function are invisible outside the body of the function until that function is called

Local variables are treated the same way, global is a work around of that feature

Data Types

There are only 4 data types in bash (really?) Yes only 4

Strings Integers Constants Arrays

Every single variable is treated at a string until it is needed (wat?)

Data Types (continued)

Bash has a 50/50 shot at guessing what data type is needed for that variable if you look at the options

To declare an array – Unix[0]=‘Ubuntu’ Declare –a example=(‘Ubuntu’ ‘debian’)

To declare a constant – declare –r constant=“variable” 2 of the 4 data types have unique declarations leaving the

interpreter 2 options for what type of data type is needed for regular variables

How can I look at an array?

Simple…sort of echo ${example[@]} – this will display all elements of an array

${#example[@]} – this gives the length of an array Replace the @ with a numeric value to see a specific part

of an array The array index with bash starts at 0

Look at this neat trick!

Want to combine arrays? It is possible to concatenate two arrays into a single one!

How? LIKE THIS – Unixexample=(“${Unix[@]}” “${example[@]}”) The new array now all elements of both starting with the first

one entered into the command This array is called Unixexample

Last bit on array (tiny slide)

Where is all the cool info on multidimensional arrays? Bash does not have multidimensional arrays It is possible to “simulate” a multidimensional array but

unless you are Conal you do not want to go down that road.

Declare feature

A feature unique to bash is called the declare feature (it has a longer name “built in declare feature” its simpler to just shorten it up)

We have already seen declare –a used to declare an array and declare –r to declare a constant but there are many more such as declare –I to declare an integer

This feature is a work around for the previously mentioned trait where bash treats all variables as strings until otherwise mentioned

Expressions and Assignment Statements

Operator precedence is simple – left to right and basic order of operations (multiply, divide, add, then subtract)

Compound logical operators like && (and) || (or) have low precedence

Even though bash is a very basic language it still has all the neat expressions and assignment statements such as << >> (left and right shift) Var++ ++var (post and pre increment and decrement) Combination assignments (*=, +=, -= etc.)

File Testing

File test operators in bash check files to see if they contain certain properties

Examples: -f checks to see if the file is a regular file and not a directory or device file -x checks to see if the file has execute permission

There are a lot of these operators and are declared as such –xzvf then when the script executes it will run each of the checks present in the delcaration

Misc. stuff

Operator overloading is common in most modern languages but is not supported by bash

Due to the extremely limited data types in bash type conversion has not been implemented

Mixed mode assignments is not supported for the same reason

Statement Level Control Structures

If statements and for loops are pretty standard practice in comparison to other languages Example!if[ $1 –eq2 ]; then

return 1

Elif[ $(($1%2)) –eq0]; then

return 0

Else

For(( d=3; d*d <= $1; d+=2 )); do

if[ $(($1%$d)) –eq 0 ]; then

return 0

fi

Done

Return1

fi

I found where the semicolons went!

The semicolons indicate the end of the conditional part of the statement

Fi found at the end of the if statement is used to end if statements (if spelled backwards…duh right?)

Case statements do the same thing: esac (awful!) Bash contains all the control statements and loops found it

most other languages While loops If statements For loops

Subprograms

Subprograms are super simple with bash They are functions created within a bash script and run

their parameters when ever they are called These are obviously essential for the larger programs and

bash scripts

Hello World (a bit late)

#!/bin/bash

Function quit {

Exit

}

Function e {

Echo $1

}

E Hello

E World

quit

Issues with bash

Object oriented programming – not supported Abstract data types – not supported Encapsulation constructs – not supported Concurrency – not supported Exception and event handling – not supported

Evaluation

Readability Not too hard to read Strange syntax but easy to figure out even for newcomers

Writability Complex and strange rules make it difficult Strange spacing requirements make it easy to mess up

Reliability Aside from shell shock bash has been a pretty useful language

Cost?

Most of the software required to write and run bash scripts is free thanks to the GNU project

Cost of training or learning the language (tldp.org makes it free)

ITS ALL FREE!

Questions?