SlideShare a Scribd company logo

Beautiful Bash: Let's make reading and writing bash scripts fun again!

Aaron Zauner
Aaron Zauner

This document discusses Beautiful Bash, a community-driven effort to promote best practices for writing Bash scripts. It outlines common bad coding styles, recommends modern approaches like testing and linting, and aims to create a definitive style guide through community contributions. The presenter argues that Bash is still widely used and can be developed defensively through techniques like testing, error handling, and modular functions.

1 of 32
Downloaded 85 times
Beautiful Bash: A community driven effort Lets make reading & writing Bash scripts fun again! Aaron Zauner azet@azet.org lambda.co.at: Highly-Available, Scalable & Secure Distributed Systems DevOps/Security Meetup Vienna - 17/12/2014
Introduction Working towards a community style guide Doing it wrong Modern Bash scripting (Welcome to 2014!) Conclusion
Caveat Emptor I’m not endorsing Bash for large-scale projects, difficult or performance critical tasks. If your project needs to talk to a database, object store, interact with a filesystem or dynamically handle block devices - you SHOULD NOT use Bash in the first place. You can. But you’ll regret it - I speak from years of experience doing completely insane stuff in Bash for fun (certainly not for profit). Bash is useful for one thing and one thing only: as glue! ..and it’s the glue that holds Linux distributions, Embedded Appliances and even Commercial networking gear together - so you better use the best glue on the market, right? DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 1/30
Do we really need another style guide? For starters: It’s not only a style guide, but more on that later. A lot of the internet actually runs on poorly written Bash. Your company probably depends on a lot of Bash-glue. Everyone uses it on a daily basis to glue userland utilities together. Some scripts unintentionally look like they are submissions for an obfuscated code contest. There are some style guides (e.g. by Google) and tutorials - but nothing definitive. Most books on the subject are ancient and often reflect personal opinions of authors, outdated Bash versions and userland utilities and most haven’t been updated in decades. I don’t know a single good book on Bash. The best resource is still http://wiki.bash-hackers.org. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 2/30
Working towards a community style guide I’ve started collecting style guides, tutorials, write-ups, tools and debugging projects during the last couple of years. ..chose the best ideas and clearest styles and combined them into one big community driven effort. People started contributing. Nothing is written in stone. Come up with a better idea for a certain topic and I’ll gladly accept it. I’ve also included a lot of mistakes people do or even rely on when writing their (often production) scripts. I’ve also collected a lot of tricks and shortcuts I’ve learned over the years specific to bash scripting and the Linux userland. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 3/30
Bad Example Here’s a cool and bad example at the same time. rpm2cpio reimplemented in bash. As Debian package: Installed-Size: 1044 As Bash script: 4 DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 4/30
Bad Example (cont.) https://trac.macports.org/attachment/ticket/33444/rpm2cpio DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 5/30
Common bad style practices overusing grep for tasks that Bash can do by itself. using bourne-shell backticks instead of $() for subshell calls. .. ever tried to nest backtick subshells? yea. you’ll have to escape them. instead of e.g.: $(util1 $(util2 ${some_variable_as_argument})). manual argument parsing instead of using the getopts builtin. using awk for arithmetic operations bash can do very well. .. same goes for expr(1). please stop using it in bash scripts. .. same goes for bc(1). please stop using it in bash scripts. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 6/30
Common bad style practices (cont.) using the echo builtin where printf can (and probably should) be used. using seq 1 15 for range expressions instead of {1..15} many coreutils you do not need & you save on subshell calls. .. a lot is set as a variable in your environment already (protip: see what env gives you to work with in the first place) worst of all: endless and unreadable pipe glue. . . . . . . . . . . . DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 7/30
Common bad style practices (cont.) So what is more readable to you and probably the angry sysadmin that might take over your codebase at some point in time? ls ${long_list_of_parameters} | grep ${foo} | grep -v grep | pgrep | wc -l | sort | uniq or ls ${long_list_of_parameters} | grep ${foo} | grep -v grep | pgrep | wc -l | sort | uniq DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 8/30
awk(1) for everything But why? $ du -sh Downloads | awk ‚{ print $1 }‚ 366G $ folder_size=($(du -sh Downloads)) $ echo ${folder_size[1]} Downloads $ echo ${folder_size[0]} 366G DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 9/30
DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 10/30
Debugging is a mess One of the reasons nobody should aim for big projects in Bash is that it is terrible to debug, most of you will know this already. This project aims to make it easier for you to debug your scripts. By writing beautiful, solid and testable code. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 11/30
Modern Bash scripting Most people don’t know that there are a lot of useful paradigms and tools that are used for software engineering in serious languages available also to Bash. Let’s not kid ourselves: some Bash scripts will run in production, even for years. They’d better work. And not take your business offline. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 12/30
Conventions I’ve come up with a few conventions: use #!/usr/bin/env bash do not use TABs for (consistently use 2, 3 or 4 spaces) but conditional and loop clauses on the same line: if ..; then instead of if ... then ... fi there’re no private functions in Bash, RedHat has a convention for that, prepend with two underscores function __my_private_function() as in Ruby, Python; don’t use indents in switch (case) blocks always “escape” varabiles. Bad: $MyVar, Good: ${MyVar}.DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 13/30
DocOpt DocOpt is a Command-line interface description language with support for all popular programming languages. http://docopt.org/ https://github.com/docopt ..also for Bash https://github.com/docopt/docopts DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 14/30
Test Driven Development and Unit tests with Bash #!/usr/bin/env bats @test "addition using bc" { result="$(echo 2+2 | bc)" [ "$result" -eq 4 ] } @test "addition using dc" { result="$(echo 2 2+p | dc)" [ "$result" -eq 4 ] } . . . DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 15/30
Test Driven Development and Unit tests with Bash (cont.) 1. Sam Stephenson (of rbenv fame) wrote an automated testing system for Bash scripts called ‘bats’ using TAP (Test Anything Protocol): https://github.com/sstephenson/bats 2. Sharness: another TAP library. there’s even a Chef cookbook for it: https://github.com/mlafeldt/sharness 3. Cram: a functional testing framework based on Marcurial’s unified test format - https://bitheap.org/cram/ 4. rnt: Automated testing of commandline interfaces - https://github.com/roman-neuhauser/rnt 5. shUnit2: is a xUnit framework (similar to PyUnit, JUnit et cetera) - https://code.google.com/p/shunit2/ 6. shpec: Tests/Specs - https://github.com/rylnd/shpec ..there are more, but these I’ve found to be most useful. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 16/30
Linting A online Bash style linter: https://github.com/koalaman/shellcheck Ubuntu ships with a tool called checkbashisms based on Debians lintian (portability). shlint tests for portability between zsh, ksh, bash, dash and bourne shell (if need be): https://github.com/duggan/shlint For Node fans: Grunt task that checks if a Bash script is valid (not anything else, btw): https://www.npmjs.com/package/grunt-lint-bash DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 17/30
Inter-shell portability Personal opinion: Inter-shell portability doesn’t matter. I’ve spent years writing OS agnostic bourne-shell scripts. Today every modern OS ships with a reasonably recent version of Bash. These days Solaris (and FOSS forks like SmartOS) ship even with a GNU userland. Use Bash. I love zsh and it can do a lot more. I still use Bash for (semi-) production scripts. They run basically everywhere when done right. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 18/30
Defensive Bash programming As you would in every other language, write helper functions, test these functions. Set constants readonly. Write concise, well defined and tested functions for every action. Use the local keyword for function-local variables. Prepend every function with the function keyword. Return proper error codes and check for them. Write unit tests. Some people write a function main() as people would with Python. So one can import and test ones main call as well. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 19/30
Defensive Bash programming (cont.) function fail() { local msg=${@} # handle failure appropriately cleanup && logger "my message to syslog" echo "ERROR: ${msg}" exit 1 } et cetera DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 20/30
Defensive Bash programming (cont.) function linux_distro() { local releasefile=$(cat /etc/*release* 2> /dev/null) case ${releasefile} in *Debian*) printf "debiann" ;; *Suse*) printf "slesn" ;; *CentOS* | *RedHat*) printf "eln" ;; *) return 1 ;; esac } ... [[ $(linux_distro) ]] || fail "Unkown distribution!" readonly linux_distro=$(linux_distro) ... DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 21/30
Defensive Bash programming (cont.) function debian_version() { # convert debian version to single unsigned integer local dv=$(printf "%.f" $(</etc/debian_version)) printf "%u" ${dv} } DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 22/30
Defensive Bash programming (cont.) function is_empty() { local var=${1} [[ -z ${var} ]] } function is_file() { local file=${1} [[ -f ${file} ]] } function is_dir() { local dir=${1} [[ -d ${dir} ]] } DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 23/30
Signal Handling Bash supports signal handling with the builtin trap: # call the fail() function if one # of these signals is caught by trap: trap ‚fail "caught signal!"‚ HUP KILL QUIT DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 24/30
Anonymous Functions (Lambdas) You’ll probably never ever need this in Bash, but it’s possible: function lambda() { _f=${1} ; shift function _l { eval ${_f}; } _l ${*} ; unset _l } DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 25/30
Bash Profiling Sam Stephenson also wrote a profiler for Bash scripts: https://github.com/sstephenson/bashprof DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 26/30
Bash Debugging Hopefully you’ll write code that you do not have to debug often, but eventually you’ll have to. There’s only one real way to debug a Bash script unfortunately: bash -evx script.sh or setting set -evx in your script directly that being said, someone wrote a Bash debugger with gdb command syntax: http://bashdb.sourceforge.net/ DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 27/30
Conclusion There’s a lot more to tell (just ask me afterwards) - but this was supposed to be a lightning talk. All this, a lot of references and other projects are mentioned in my Community Bash Style Guide which is on GitHub. Please contribute in any way you can if you come up with useful Bashisms, tricks or find any cool projects. Any input is very much appreciated! Fork and open Pull Requests, Issues or Complaints! https://github.com/azet/community_bash_style_guide DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 28/30
Trivia: Do not try this at home OOP in Bash: https://github.com/tomas/skull https://github.com/kristopolous/TickTick https://code.google.com/p/object-oriented-bash/ https://github.com/patrickd-/ooengine http://hipersayanx.blogspot.co.at/2012/12/ object-oriented-programming-in-bash.html LISP Dialect implemented in Bash: https://github.com/alandipert/gherkin The original Macros used in the source of Bourne Shell (To make it look like ALGOL68 - the author was a big fan): http://research.swtch.com/shmacro DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 29/30
Thanks for your patience. Are there any questions? Twitter: @a_z_e_t E-Mail: azet@azet.org XMPP: azet@jabber.ccc.de GitHub: https://github.com/azet GPG Fingerprint: 7CB6 197E 385A 02DC 15D8 E223 E4DB 6492 FDB9 B5D5 [I have ECDSA (Brainpool) & EdDSA (Curve25519) subkeys as well.] DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 30/30

Recommended

Web application security
Web application securityWeb application security
Web application security
Kapil Sharma
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
Mentorcs
 
Jenkins Pipelines
Jenkins PipelinesJenkins Pipelines
Jenkins Pipelines
Steffen Gebert
 
20分でわかるgVisor入門
20分でわかるgVisor入門20分でわかるgVisor入門
20分でわかるgVisor入門
Shuji Yamada
 
マイクロサービスバックエンドAPIのためのRESTとgRPC
マイクロサービスバックエンドAPIのためのRESTとgRPCマイクロサービスバックエンドAPIのためのRESTとgRPC
マイクロサービスバックエンドAPIのためのRESTとgRPC
disc99_
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
 
Dvwa low level
Dvwa low levelDvwa low level
Dvwa low level
hackstuff
 
Owasp Top 10 A1: Injection
Owasp Top 10 A1: InjectionOwasp Top 10 A1: Injection
Owasp Top 10 A1: Injection
Michael Hendrickx
 
Ansible AWXで一歩進んだプロビジョニング
Ansible AWXで一歩進んだプロビジョニングAnsible AWXで一歩進んだプロビジョニング
Ansible AWXで一歩進んだプロビジョニング
sugoto
 
SSRF vs. Business-critical applications. XXE tunneling in SAP
SSRF vs. Business-critical applications. XXE tunneling in SAPSSRF vs. Business-critical applications. XXE tunneling in SAP
SSRF vs. Business-critical applications. XXE tunneling in SAP
ERPScan
 
そろそろ知っておきたい!!コンテナ技術と Dockerのキホン
そろそろ知っておきたい!!コンテナ技術と Dockerのキホンそろそろ知っておきたい!!コンテナ技術と Dockerのキホン
そろそろ知っておきたい!!コンテナ技術と Dockerのキホン
Naoki Nagazumi
 
Jenkins
JenkinsJenkins
Jenkins
penetration Tester
 
Crash Analysis with Reverse Taint
Crash Analysis with Reverse TaintCrash Analysis with Reverse Taint
Crash Analysis with Reverse Taint
marekzmyslowski
 
Cyber ppt
Cyber pptCyber ppt
Cyber ppt
karthik menon
 
OWASP Top 10 API Security Risks
OWASP Top 10 API Security RisksOWASP Top 10 API Security Risks
OWASP Top 10 API Security Risks
IndusfacePvtLtd
 
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
臺灣塔米歐
 
Building flexible ETL pipelines with Apache Camel on Quarkus
Building flexible ETL pipelines with Apache Camel on QuarkusBuilding flexible ETL pipelines with Apache Camel on Quarkus
Building flexible ETL pipelines with Apache Camel on Quarkus
Ivelin Yanev
 
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValueDevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
RapidValue
 
Recon in Pentesting
Recon in PentestingRecon in Pentesting
Recon in Pentesting
Komal Armarkar
 
Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)
Ajay Negi
 
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Edureka!
 
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
Kohei Tokunaga
 
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
Docker, Inc.
 
Asynchronous Processing in Java/JEE/Spring
Asynchronous Processing in Java/JEE/SpringAsynchronous Processing in Java/JEE/Spring
Asynchronous Processing in Java/JEE/Spring
Naresh Chintalcheru
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
apidays
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
 
Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...
Kevin Fealey
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Robert Reiz
 
Bash is not a second zone citizen programming language
Bash is not a second zone citizen programming languageBash is not a second zone citizen programming language
Bash is not a second zone citizen programming language
René Ribaud
 
Building an Open Source iOS app: lessons learned
Building an Open Source iOS app: lessons learnedBuilding an Open Source iOS app: lessons learned
Building an Open Source iOS app: lessons learned
Wojciech Koszek
 

More Related Content

What's hot (20)

Ansible AWXで一歩進んだプロビジョニング
Ansible AWXで一歩進んだプロビジョニングAnsible AWXで一歩進んだプロビジョニング
Ansible AWXで一歩進んだプロビジョニング
sugoto
 
SSRF vs. Business-critical applications. XXE tunneling in SAP
SSRF vs. Business-critical applications. XXE tunneling in SAPSSRF vs. Business-critical applications. XXE tunneling in SAP
SSRF vs. Business-critical applications. XXE tunneling in SAP
ERPScan
 
そろそろ知っておきたい!!コンテナ技術と Dockerのキホン
そろそろ知っておきたい!!コンテナ技術と Dockerのキホンそろそろ知っておきたい!!コンテナ技術と Dockerのキホン
そろそろ知っておきたい!!コンテナ技術と Dockerのキホン
Naoki Nagazumi
 
Jenkins
JenkinsJenkins
Jenkins
penetration Tester
 
Crash Analysis with Reverse Taint
Crash Analysis with Reverse TaintCrash Analysis with Reverse Taint
Crash Analysis with Reverse Taint
marekzmyslowski
 
Cyber ppt
Cyber pptCyber ppt
Cyber ppt
karthik menon
 
OWASP Top 10 API Security Risks
OWASP Top 10 API Security RisksOWASP Top 10 API Security Risks
OWASP Top 10 API Security Risks
IndusfacePvtLtd
 
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
臺灣塔米歐
 
Building flexible ETL pipelines with Apache Camel on Quarkus
Building flexible ETL pipelines with Apache Camel on QuarkusBuilding flexible ETL pipelines with Apache Camel on Quarkus
Building flexible ETL pipelines with Apache Camel on Quarkus
Ivelin Yanev
 
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValueDevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
RapidValue
 
Recon in Pentesting
Recon in PentestingRecon in Pentesting
Recon in Pentesting
Komal Armarkar
 
Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)
Ajay Negi
 
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Edureka!
 
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
Kohei Tokunaga
 
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
Docker, Inc.
 
Asynchronous Processing in Java/JEE/Spring
Asynchronous Processing in Java/JEE/SpringAsynchronous Processing in Java/JEE/Spring
Asynchronous Processing in Java/JEE/Spring
Naresh Chintalcheru
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
apidays
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
 
Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...
Kevin Fealey
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Robert Reiz
 
Ansible AWXで一歩進んだプロビジョニング
Ansible AWXで一歩進んだプロビジョニングAnsible AWXで一歩進んだプロビジョニング
Ansible AWXで一歩進んだプロビジョニング
sugoto
 
SSRF vs. Business-critical applications. XXE tunneling in SAP
SSRF vs. Business-critical applications. XXE tunneling in SAPSSRF vs. Business-critical applications. XXE tunneling in SAP
SSRF vs. Business-critical applications. XXE tunneling in SAP
ERPScan
 
そろそろ知っておきたい!!コンテナ技術と Dockerのキホン
そろそろ知っておきたい!!コンテナ技術と Dockerのキホンそろそろ知っておきたい!!コンテナ技術と Dockerのキホン
そろそろ知っておきたい!!コンテナ技術と Dockerのキホン
Naoki Nagazumi
 
Jenkins
JenkinsJenkins
Jenkins
penetration Tester
 
Crash Analysis with Reverse Taint
Crash Analysis with Reverse TaintCrash Analysis with Reverse Taint
Crash Analysis with Reverse Taint
marekzmyslowski
 
Cyber ppt
Cyber pptCyber ppt
Cyber ppt
karthik menon
 
OWASP Top 10 API Security Risks
OWASP Top 10 API Security RisksOWASP Top 10 API Security Risks
OWASP Top 10 API Security Risks
IndusfacePvtLtd
 
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
我要如何設定遠端管理,可以到外網的時候也可以管理在家裡的WF2409
臺灣塔米歐
 
Building flexible ETL pipelines with Apache Camel on Quarkus
Building flexible ETL pipelines with Apache Camel on QuarkusBuilding flexible ETL pipelines with Apache Camel on Quarkus
Building flexible ETL pipelines with Apache Camel on Quarkus
Ivelin Yanev
 
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValueDevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
DevOps Continuous Integration & Delivery - A Whitepaper by RapidValue
RapidValue
 
Recon in Pentesting
Recon in PentestingRecon in Pentesting
Recon in Pentesting
Komal Armarkar
 
Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)
Ajay Negi
 
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Jenkins Pipeline Tutorial | Continuous Delivery Pipeline Using Jenkins | DevO...
Edureka!
 
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
OCIv2?!軽量高速なイケてる次世代イメージ仕様の最新動向を抑えよう!
Kohei Tokunaga
 
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
A Story of Cultural Change: PayPal's 2 Year Journey to 150,000 Containers wit...
Docker, Inc.
 
Asynchronous Processing in Java/JEE/Spring
Asynchronous Processing in Java/JEE/SpringAsynchronous Processing in Java/JEE/Spring
Asynchronous Processing in Java/JEE/Spring
Naresh Chintalcheru
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
apidays
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
 
Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...Static Application Security Testing Strategies for Automation and Continuous ...
Static Application Security Testing Strategies for Automation and Continuous ...
Kevin Fealey
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Robert Reiz
 

Similar to Beautiful Bash: Let's make reading and writing bash scripts fun again! (20)

Bash is not a second zone citizen programming language
Bash is not a second zone citizen programming languageBash is not a second zone citizen programming language
Bash is not a second zone citizen programming language
René Ribaud
 
Building an Open Source iOS app: lessons learned
Building an Open Source iOS app: lessons learnedBuilding an Open Source iOS app: lessons learned
Building an Open Source iOS app: lessons learned
Wojciech Koszek
 
How to build LibreOffice on your desktop
How to build LibreOffice on your desktopHow to build LibreOffice on your desktop
How to build LibreOffice on your desktop
Masataka Kondo
 
Porting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidPorting your favourite cmdline tool to Android
Porting your favourite cmdline tool to Android
Vlatko Kosturjak
 
Automate Yo' Self
Automate Yo' SelfAutomate Yo' Self
Automate Yo' Self
John Anderson
 
The Cost Of Free Linux
The Cost Of Free LinuxThe Cost Of Free Linux
The Cost Of Free Linux
Albert Mietus
 
Lpi Part 1 Linux Fundamentals
Lpi Part 1 Linux FundamentalsLpi Part 1 Linux Fundamentals
Lpi Part 1 Linux Fundamentals
YemenLinux
 
Reverse Engineering in Linux - The tools showcase
Reverse Engineering in Linux - The tools showcaseReverse Engineering in Linux - The tools showcase
Reverse Engineering in Linux - The tools showcase
Levis Nickaster
 
Bash shell programming in linux
Bash shell programming in linuxBash shell programming in linux
Bash shell programming in linux
Norberto Angulo
 
3stages Wdn08 V3
3stages Wdn08 V33stages Wdn08 V3
3stages Wdn08 V3
Boris Mann
 
Linux: Beyond ls and cd
Linux: Beyond ls and cdLinux: Beyond ls and cd
Linux: Beyond ls and cd
jacko91
 
Foss Presentation
Foss PresentationFoss Presentation
Foss Presentation
Ahmed Mekkawy
 
Jenkins pipeline -- Gentle Introduction
Jenkins pipeline -- Gentle IntroductionJenkins pipeline -- Gentle Introduction
Jenkins pipeline -- Gentle Introduction
Ramanathan Muthaiah
 
Resources For Floss Projects
Resources For Floss ProjectsResources For Floss Projects
Resources For Floss Projects
Jon Spriggs
 
Open event (show&tell april 2016)
Open event (show&tell april 2016)Open event (show&tell april 2016)
Open event (show&tell april 2016)
Jorge López-Lago
 
hw1a
hw1ahw1a
hw1a
tutorialsruby
 
hw1a
hw1ahw1a
hw1a
tutorialsruby
 
Pyhton-1a-Basics.pdf
Pyhton-1a-Basics.pdfPyhton-1a-Basics.pdf
Pyhton-1a-Basics.pdf
Mattupallipardhu
 
Continuous Security in DevOps
Continuous Security in DevOpsContinuous Security in DevOps
Continuous Security in DevOps
Maciej Lasyk
 
4Developers 2015: Continuous Security in DevOps - Maciej Lasyk
4Developers 2015: Continuous Security in DevOps - Maciej Lasyk4Developers 2015: Continuous Security in DevOps - Maciej Lasyk
4Developers 2015: Continuous Security in DevOps - Maciej Lasyk
PROIDEA
 
Bash is not a second zone citizen programming language
Bash is not a second zone citizen programming languageBash is not a second zone citizen programming language
Bash is not a second zone citizen programming language
René Ribaud
 
Building an Open Source iOS app: lessons learned
Building an Open Source iOS app: lessons learnedBuilding an Open Source iOS app: lessons learned
Building an Open Source iOS app: lessons learned
Wojciech Koszek
 
How to build LibreOffice on your desktop
How to build LibreOffice on your desktopHow to build LibreOffice on your desktop
How to build LibreOffice on your desktop
Masataka Kondo
 
Porting your favourite cmdline tool to Android
Porting your favourite cmdline tool to AndroidPorting your favourite cmdline tool to Android
Porting your favourite cmdline tool to Android
Vlatko Kosturjak
 
Automate Yo' Self
Automate Yo' SelfAutomate Yo' Self
Automate Yo' Self
John Anderson
 
The Cost Of Free Linux
The Cost Of Free LinuxThe Cost Of Free Linux
The Cost Of Free Linux
Albert Mietus
 
Lpi Part 1 Linux Fundamentals
Lpi Part 1 Linux FundamentalsLpi Part 1 Linux Fundamentals
Lpi Part 1 Linux Fundamentals
YemenLinux
 
Reverse Engineering in Linux - The tools showcase
Reverse Engineering in Linux - The tools showcaseReverse Engineering in Linux - The tools showcase
Reverse Engineering in Linux - The tools showcase
Levis Nickaster
 
Bash shell programming in linux
Bash shell programming in linuxBash shell programming in linux
Bash shell programming in linux
Norberto Angulo
 
3stages Wdn08 V3
3stages Wdn08 V33stages Wdn08 V3
3stages Wdn08 V3
Boris Mann
 
Linux: Beyond ls and cd
Linux: Beyond ls and cdLinux: Beyond ls and cd
Linux: Beyond ls and cd
jacko91
 
Foss Presentation
Foss PresentationFoss Presentation
Foss Presentation
Ahmed Mekkawy
 
Jenkins pipeline -- Gentle Introduction
Jenkins pipeline -- Gentle IntroductionJenkins pipeline -- Gentle Introduction
Jenkins pipeline -- Gentle Introduction
Ramanathan Muthaiah
 
Resources For Floss Projects
Resources For Floss ProjectsResources For Floss Projects
Resources For Floss Projects
Jon Spriggs
 
Open event (show&tell april 2016)
Open event (show&tell april 2016)Open event (show&tell april 2016)
Open event (show&tell april 2016)
Jorge López-Lago
 
hw1a
hw1ahw1a
hw1a
tutorialsruby
 
hw1a
hw1ahw1a
hw1a
tutorialsruby
 
Pyhton-1a-Basics.pdf
Pyhton-1a-Basics.pdfPyhton-1a-Basics.pdf
Pyhton-1a-Basics.pdf
Mattupallipardhu
 
Continuous Security in DevOps
Continuous Security in DevOpsContinuous Security in DevOps
Continuous Security in DevOps
Maciej Lasyk
 
4Developers 2015: Continuous Security in DevOps - Maciej Lasyk
4Developers 2015: Continuous Security in DevOps - Maciej Lasyk4Developers 2015: Continuous Security in DevOps - Maciej Lasyk
4Developers 2015: Continuous Security in DevOps - Maciej Lasyk
PROIDEA
 

More from Aaron Zauner (13)

Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...
Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...
Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...
Aaron Zauner
 
[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...
[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...
[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...
Aaron Zauner
 
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
Aaron Zauner
 
State of Transport Security in the E-Mail Ecosystem at Large
State of Transport Security in the E-Mail Ecosystem at LargeState of Transport Security in the E-Mail Ecosystem at Large
State of Transport Security in the E-Mail Ecosystem at Large
Aaron Zauner
 
Javascript Object Signing & Encryption
Javascript Object Signing & EncryptionJavascript Object Signing & Encryption
Javascript Object Signing & Encryption
Aaron Zauner
 
Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)
Aaron Zauner
 
Introduction to and survey of TLS Security
Introduction to and survey of TLS SecurityIntroduction to and survey of TLS Security
Introduction to and survey of TLS Security
Aaron Zauner
 
[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
[IETF Part] BetterCrypto Workshop @ Hack.lu 2014[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
Aaron Zauner
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
Aaron Zauner
 
Introduction to and survey of TLS Security
Introduction to and survey of TLS SecurityIntroduction to and survey of TLS Security
Introduction to and survey of TLS Security
Aaron Zauner
 
BetterCrypto: Applied Crypto Hardening
BetterCrypto: Applied Crypto HardeningBetterCrypto: Applied Crypto Hardening
BetterCrypto: Applied Crypto Hardening
Aaron Zauner
 
How to save the environment
How to save the environmentHow to save the environment
How to save the environment
Aaron Zauner
 
Sc12 workshop-writeup
Sc12 workshop-writeupSc12 workshop-writeup
Sc12 workshop-writeup
Aaron Zauner
 
Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...
Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...
Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating...
Aaron Zauner
 
[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...
[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...
[BlackHat USA 2016] Nonce-Disrespecting Adversaries: Practical Forgery Attack...
Aaron Zauner
 
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
No need for Black Chambers: Testing TLS in the E-Mail Ecosystem at Large (hac...
Aaron Zauner
 
State of Transport Security in the E-Mail Ecosystem at Large
State of Transport Security in the E-Mail Ecosystem at LargeState of Transport Security in the E-Mail Ecosystem at Large
State of Transport Security in the E-Mail Ecosystem at Large
Aaron Zauner
 
Javascript Object Signing & Encryption
Javascript Object Signing & EncryptionJavascript Object Signing & Encryption
Javascript Object Signing & Encryption
Aaron Zauner
 
Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)
Aaron Zauner
 
Introduction to and survey of TLS Security
Introduction to and survey of TLS SecurityIntroduction to and survey of TLS Security
Introduction to and survey of TLS Security
Aaron Zauner
 
[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
[IETF Part] BetterCrypto Workshop @ Hack.lu 2014[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
[IETF Part] BetterCrypto Workshop @ Hack.lu 2014
Aaron Zauner
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
Aaron Zauner
 
Introduction to and survey of TLS Security
Introduction to and survey of TLS SecurityIntroduction to and survey of TLS Security
Introduction to and survey of TLS Security
Aaron Zauner
 
BetterCrypto: Applied Crypto Hardening
BetterCrypto: Applied Crypto HardeningBetterCrypto: Applied Crypto Hardening
BetterCrypto: Applied Crypto Hardening
Aaron Zauner
 
How to save the environment
How to save the environmentHow to save the environment
How to save the environment
Aaron Zauner
 
Sc12 workshop-writeup
Sc12 workshop-writeupSc12 workshop-writeup
Sc12 workshop-writeup
Aaron Zauner
 

Recently uploaded (20)

Unlock AI Creativity: Image Generation with DALL·E
Unlock AI Creativity: Image Generation with DALL·EUnlock AI Creativity: Image Generation with DALL·E
Unlock AI Creativity: Image Generation with DALL·E
Expeed Software
 
Wondershare Filmora Crack 14.3.2.11147 Latest
Wondershare Filmora Crack 14.3.2.11147 LatestWondershare Filmora Crack 14.3.2.11147 Latest
Wondershare Filmora Crack 14.3.2.11147 Latest
udkg888
 
Replacing RocksDB with ScyllaDB in Kafka Streams by Almog Gavra
Replacing RocksDB with ScyllaDB in Kafka Streams by Almog GavraReplacing RocksDB with ScyllaDB in Kafka Streams by Almog Gavra
Replacing RocksDB with ScyllaDB in Kafka Streams by Almog Gavra
ScyllaDB
 
Brave Browser Crack 1.45.133 Activated 2025
Brave Browser Crack 1.45.133 Activated 2025Brave Browser Crack 1.45.133 Activated 2025
Brave Browser Crack 1.45.133 Activated 2025
kherorpacca00126
 
CFD Studio Credentials – Branding, Design & Development
CFD Studio Credentials – Branding, Design & DevelopmentCFD Studio Credentials – Branding, Design & Development
CFD Studio Credentials – Branding, Design & Development
trannghia2018
 
AIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramento
AIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramentoAIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramento
AIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramento
Alessandro Bogliolo
 
Integrated Operating Window - A Gateway to PM
Integrated Operating Window - A Gateway to PMIntegrated Operating Window - A Gateway to PM
Integrated Operating Window - A Gateway to PM
Farhan Tariq
 
UiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPath
UiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPathUiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPath
UiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPath
DianaGray10
 
World Information Architecture Day 2025 - UX at a Crossroads
World Information Architecture Day 2025 - UX at a CrossroadsWorld Information Architecture Day 2025 - UX at a Crossroads
World Information Architecture Day 2025 - UX at a Crossroads
Joshua Randall
 
Data Intelligence Platform Transforming Data into Actionable Insights.pptx
Data Intelligence Platform Transforming Data into Actionable Insights.pptxData Intelligence Platform Transforming Data into Actionable Insights.pptx
Data Intelligence Platform Transforming Data into Actionable Insights.pptx
Lisa Gerard
 
Verbose AI: The Accessibility Challenge - CSUN 2025
Verbose AI: The Accessibility Challenge - CSUN 2025Verbose AI: The Accessibility Challenge - CSUN 2025
Verbose AI: The Accessibility Challenge - CSUN 2025
Ted Drake
 
Automated Minutes - Redefining Capturing & Creating Minutes
Automated Minutes - Redefining Capturing & Creating MinutesAutomated Minutes - Redefining Capturing & Creating Minutes
Automated Minutes - Redefining Capturing & Creating Minutes
OnBoard
 
UiPath Document Understanding - Generative AI and Active learning capabilities
UiPath Document Understanding - Generative AI and Active learning capabilitiesUiPath Document Understanding - Generative AI and Active learning capabilities
UiPath Document Understanding - Generative AI and Active learning capabilities
DianaGray10
 
30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...
30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...
30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...
ScyllaDB
 
The Future of Repair: Transparent and Incremental by Botond Dénes
The Future of Repair: Transparent and Incremental by Botond DénesThe Future of Repair: Transparent and Incremental by Botond Dénes
The Future of Repair: Transparent and Incremental by Botond Dénes
ScyllaDB
 
SMART SENTRY CYBER THREAT INTELLIGENCE IN IIOT
SMART SENTRY CYBER THREAT INTELLIGENCE IN IIOTSMART SENTRY CYBER THREAT INTELLIGENCE IN IIOT
SMART SENTRY CYBER THREAT INTELLIGENCE IN IIOT
TanmaiArni
 
Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024
Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024
Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024
MichaelLee15927
 
FinTech - US Annual Funding Report - 2024.pptx
FinTech - US Annual Funding Report - 2024.pptxFinTech - US Annual Funding Report - 2024.pptx
FinTech - US Annual Funding Report - 2024.pptx
Tracxn
 
Endpoint Backup: 3 Reasons MSPs Ignore It
Endpoint Backup: 3 Reasons MSPs Ignore ItEndpoint Backup: 3 Reasons MSPs Ignore It
Endpoint Backup: 3 Reasons MSPs Ignore It
MSP360
 
Elements of Indigenous Style: Insights and applications for the book industry...
Elements of Indigenous Style: Insights and applications for the book industry...Elements of Indigenous Style: Insights and applications for the book industry...
Elements of Indigenous Style: Insights and applications for the book industry...
BookNet Canada
 
Unlock AI Creativity: Image Generation with DALL·E
Unlock AI Creativity: Image Generation with DALL·EUnlock AI Creativity: Image Generation with DALL·E
Unlock AI Creativity: Image Generation with DALL·E
Expeed Software
 
Wondershare Filmora Crack 14.3.2.11147 Latest
Wondershare Filmora Crack 14.3.2.11147 LatestWondershare Filmora Crack 14.3.2.11147 Latest
Wondershare Filmora Crack 14.3.2.11147 Latest
udkg888
 
Replacing RocksDB with ScyllaDB in Kafka Streams by Almog Gavra
Replacing RocksDB with ScyllaDB in Kafka Streams by Almog GavraReplacing RocksDB with ScyllaDB in Kafka Streams by Almog Gavra
Replacing RocksDB with ScyllaDB in Kafka Streams by Almog Gavra
ScyllaDB
 
Brave Browser Crack 1.45.133 Activated 2025
Brave Browser Crack 1.45.133 Activated 2025Brave Browser Crack 1.45.133 Activated 2025
Brave Browser Crack 1.45.133 Activated 2025
kherorpacca00126
 
CFD Studio Credentials – Branding, Design & Development
CFD Studio Credentials – Branding, Design & DevelopmentCFD Studio Credentials – Branding, Design & Development
CFD Studio Credentials – Branding, Design & Development
trannghia2018
 
AIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramento
AIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramentoAIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramento
AIXMOOC 2.3 - Modelli di reti neurali con esperimenti di addestramento
Alessandro Bogliolo
 
Integrated Operating Window - A Gateway to PM
Integrated Operating Window - A Gateway to PMIntegrated Operating Window - A Gateway to PM
Integrated Operating Window - A Gateway to PM
Farhan Tariq
 
UiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPath
UiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPathUiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPath
UiPath NY AI Series: Session 1: Introduction to Agentic AI with UiPath
DianaGray10
 
World Information Architecture Day 2025 - UX at a Crossroads
World Information Architecture Day 2025 - UX at a CrossroadsWorld Information Architecture Day 2025 - UX at a Crossroads
World Information Architecture Day 2025 - UX at a Crossroads
Joshua Randall
 
Data Intelligence Platform Transforming Data into Actionable Insights.pptx
Data Intelligence Platform Transforming Data into Actionable Insights.pptxData Intelligence Platform Transforming Data into Actionable Insights.pptx
Data Intelligence Platform Transforming Data into Actionable Insights.pptx
Lisa Gerard
 
Verbose AI: The Accessibility Challenge - CSUN 2025
Verbose AI: The Accessibility Challenge - CSUN 2025Verbose AI: The Accessibility Challenge - CSUN 2025
Verbose AI: The Accessibility Challenge - CSUN 2025
Ted Drake
 
Automated Minutes - Redefining Capturing & Creating Minutes
Automated Minutes - Redefining Capturing & Creating MinutesAutomated Minutes - Redefining Capturing & Creating Minutes
Automated Minutes - Redefining Capturing & Creating Minutes
OnBoard
 
UiPath Document Understanding - Generative AI and Active learning capabilities
UiPath Document Understanding - Generative AI and Active learning capabilitiesUiPath Document Understanding - Generative AI and Active learning capabilities
UiPath Document Understanding - Generative AI and Active learning capabilities
DianaGray10
 
30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...
30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...
30B Images and Counting: Scaling Canva's Content-Understanding Pipelines by K...
ScyllaDB
 
The Future of Repair: Transparent and Incremental by Botond Dénes
The Future of Repair: Transparent and Incremental by Botond DénesThe Future of Repair: Transparent and Incremental by Botond Dénes
The Future of Repair: Transparent and Incremental by Botond Dénes
ScyllaDB
 
SMART SENTRY CYBER THREAT INTELLIGENCE IN IIOT
SMART SENTRY CYBER THREAT INTELLIGENCE IN IIOTSMART SENTRY CYBER THREAT INTELLIGENCE IN IIOT
SMART SENTRY CYBER THREAT INTELLIGENCE IN IIOT
TanmaiArni
 
Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024
Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024
Cisco Duo 2024 Cisco Duo 2024 Cisco Duo 2024
MichaelLee15927
 
FinTech - US Annual Funding Report - 2024.pptx
FinTech - US Annual Funding Report - 2024.pptxFinTech - US Annual Funding Report - 2024.pptx
FinTech - US Annual Funding Report - 2024.pptx
Tracxn
 
Endpoint Backup: 3 Reasons MSPs Ignore It
Endpoint Backup: 3 Reasons MSPs Ignore ItEndpoint Backup: 3 Reasons MSPs Ignore It
Endpoint Backup: 3 Reasons MSPs Ignore It
MSP360
 
Elements of Indigenous Style: Insights and applications for the book industry...
Elements of Indigenous Style: Insights and applications for the book industry...Elements of Indigenous Style: Insights and applications for the book industry...
Elements of Indigenous Style: Insights and applications for the book industry...
BookNet Canada
 

Beautiful Bash: Let's make reading and writing bash scripts fun again!

  • 1. Beautiful Bash: A community driven effort Lets make reading & writing Bash scripts fun again! Aaron Zauner [email protected] lambda.co.at: Highly-Available, Scalable & Secure Distributed Systems DevOps/Security Meetup Vienna - 17/12/2014
  • 2. Introduction Working towards a community style guide Doing it wrong Modern Bash scripting (Welcome to 2014!) Conclusion
  • 3. Caveat Emptor I’m not endorsing Bash for large-scale projects, difficult or performance critical tasks. If your project needs to talk to a database, object store, interact with a filesystem or dynamically handle block devices - you SHOULD NOT use Bash in the first place. You can. But you’ll regret it - I speak from years of experience doing completely insane stuff in Bash for fun (certainly not for profit). Bash is useful for one thing and one thing only: as glue! ..and it’s the glue that holds Linux distributions, Embedded Appliances and even Commercial networking gear together - so you better use the best glue on the market, right? DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 1/30
  • 4. Do we really need another style guide? For starters: It’s not only a style guide, but more on that later. A lot of the internet actually runs on poorly written Bash. Your company probably depends on a lot of Bash-glue. Everyone uses it on a daily basis to glue userland utilities together. Some scripts unintentionally look like they are submissions for an obfuscated code contest. There are some style guides (e.g. by Google) and tutorials - but nothing definitive. Most books on the subject are ancient and often reflect personal opinions of authors, outdated Bash versions and userland utilities and most haven’t been updated in decades. I don’t know a single good book on Bash. The best resource is still http://wiki.bash-hackers.org. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 2/30
  • 5. Working towards a community style guide I’ve started collecting style guides, tutorials, write-ups, tools and debugging projects during the last couple of years. ..chose the best ideas and clearest styles and combined them into one big community driven effort. People started contributing. Nothing is written in stone. Come up with a better idea for a certain topic and I’ll gladly accept it. I’ve also included a lot of mistakes people do or even rely on when writing their (often production) scripts. I’ve also collected a lot of tricks and shortcuts I’ve learned over the years specific to bash scripting and the Linux userland. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 3/30
  • 6. Bad Example Here’s a cool and bad example at the same time. rpm2cpio reimplemented in bash. As Debian package: Installed-Size: 1044 As Bash script: 4 DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 4/30
  • 8. Common bad style practices overusing grep for tasks that Bash can do by itself. using bourne-shell backticks instead of $() for subshell calls. .. ever tried to nest backtick subshells? yea. you’ll have to escape them. instead of e.g.: $(util1 $(util2 ${some_variable_as_argument})). manual argument parsing instead of using the getopts builtin. using awk for arithmetic operations bash can do very well. .. same goes for expr(1). please stop using it in bash scripts. .. same goes for bc(1). please stop using it in bash scripts. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 6/30
  • 9. Common bad style practices (cont.) using the echo builtin where printf can (and probably should) be used. using seq 1 15 for range expressions instead of {1..15} many coreutils you do not need & you save on subshell calls. .. a lot is set as a variable in your environment already (protip: see what env gives you to work with in the first place) worst of all: endless and unreadable pipe glue. . . . . . . . . . . . DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 7/30
  • 10. Common bad style practices (cont.) So what is more readable to you and probably the angry sysadmin that might take over your codebase at some point in time? ls ${long_list_of_parameters} | grep ${foo} | grep -v grep | pgrep | wc -l | sort | uniq or ls ${long_list_of_parameters} | grep ${foo} | grep -v grep | pgrep | wc -l | sort | uniq DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 8/30
  • 11. awk(1) for everything But why? $ du -sh Downloads | awk ‚{ print $1 }‚ 366G $ folder_size=($(du -sh Downloads)) $ echo ${folder_size[1]} Downloads $ echo ${folder_size[0]} 366G DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 9/30
  • 12. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 10/30
  • 13. Debugging is a mess One of the reasons nobody should aim for big projects in Bash is that it is terrible to debug, most of you will know this already. This project aims to make it easier for you to debug your scripts. By writing beautiful, solid and testable code. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 11/30
  • 14. Modern Bash scripting Most people don’t know that there are a lot of useful paradigms and tools that are used for software engineering in serious languages available also to Bash. Let’s not kid ourselves: some Bash scripts will run in production, even for years. They’d better work. And not take your business offline. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 12/30
  • 15. Conventions I’ve come up with a few conventions: use #!/usr/bin/env bash do not use TABs for (consistently use 2, 3 or 4 spaces) but conditional and loop clauses on the same line: if ..; then instead of if ... then ... fi there’re no private functions in Bash, RedHat has a convention for that, prepend with two underscores function __my_private_function() as in Ruby, Python; don’t use indents in switch (case) blocks always “escape” varabiles. Bad: $MyVar, Good: ${MyVar}.DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 13/30
  • 16. DocOpt DocOpt is a Command-line interface description language with support for all popular programming languages. http://docopt.org/ https://github.com/docopt ..also for Bash https://github.com/docopt/docopts DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 14/30
  • 17. Test Driven Development and Unit tests with Bash #!/usr/bin/env bats @test "addition using bc" { result="$(echo 2+2 | bc)" [ "$result" -eq 4 ] } @test "addition using dc" { result="$(echo 2 2+p | dc)" [ "$result" -eq 4 ] } . . . DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 15/30
  • 18. Test Driven Development and Unit tests with Bash (cont.) 1. Sam Stephenson (of rbenv fame) wrote an automated testing system for Bash scripts called ‘bats’ using TAP (Test Anything Protocol): https://github.com/sstephenson/bats 2. Sharness: another TAP library. there’s even a Chef cookbook for it: https://github.com/mlafeldt/sharness 3. Cram: a functional testing framework based on Marcurial’s unified test format - https://bitheap.org/cram/ 4. rnt: Automated testing of commandline interfaces - https://github.com/roman-neuhauser/rnt 5. shUnit2: is a xUnit framework (similar to PyUnit, JUnit et cetera) - https://code.google.com/p/shunit2/ 6. shpec: Tests/Specs - https://github.com/rylnd/shpec ..there are more, but these I’ve found to be most useful. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 16/30
  • 19. Linting A online Bash style linter: https://github.com/koalaman/shellcheck Ubuntu ships with a tool called checkbashisms based on Debians lintian (portability). shlint tests for portability between zsh, ksh, bash, dash and bourne shell (if need be): https://github.com/duggan/shlint For Node fans: Grunt task that checks if a Bash script is valid (not anything else, btw): https://www.npmjs.com/package/grunt-lint-bash DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 17/30
  • 20. Inter-shell portability Personal opinion: Inter-shell portability doesn’t matter. I’ve spent years writing OS agnostic bourne-shell scripts. Today every modern OS ships with a reasonably recent version of Bash. These days Solaris (and FOSS forks like SmartOS) ship even with a GNU userland. Use Bash. I love zsh and it can do a lot more. I still use Bash for (semi-) production scripts. They run basically everywhere when done right. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 18/30
  • 21. Defensive Bash programming As you would in every other language, write helper functions, test these functions. Set constants readonly. Write concise, well defined and tested functions for every action. Use the local keyword for function-local variables. Prepend every function with the function keyword. Return proper error codes and check for them. Write unit tests. Some people write a function main() as people would with Python. So one can import and test ones main call as well. DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 19/30
  • 22. Defensive Bash programming (cont.) function fail() { local msg=${@} # handle failure appropriately cleanup && logger "my message to syslog" echo "ERROR: ${msg}" exit 1 } et cetera DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 20/30
  • 23. Defensive Bash programming (cont.) function linux_distro() { local releasefile=$(cat /etc/*release* 2> /dev/null) case ${releasefile} in *Debian*) printf "debiann" ;; *Suse*) printf "slesn" ;; *CentOS* | *RedHat*) printf "eln" ;; *) return 1 ;; esac } ... [[ $(linux_distro) ]] || fail "Unkown distribution!" readonly linux_distro=$(linux_distro) ... DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 21/30
  • 24. Defensive Bash programming (cont.) function debian_version() { # convert debian version to single unsigned integer local dv=$(printf "%.f" $(</etc/debian_version)) printf "%u" ${dv} } DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 22/30
  • 25. Defensive Bash programming (cont.) function is_empty() { local var=${1} [[ -z ${var} ]] } function is_file() { local file=${1} [[ -f ${file} ]] } function is_dir() { local dir=${1} [[ -d ${dir} ]] } DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 23/30
  • 26. Signal Handling Bash supports signal handling with the builtin trap: # call the fail() function if one # of these signals is caught by trap: trap ‚fail "caught signal!"‚ HUP KILL QUIT DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 24/30
  • 27. Anonymous Functions (Lambdas) You’ll probably never ever need this in Bash, but it’s possible: function lambda() { _f=${1} ; shift function _l { eval ${_f}; } _l ${*} ; unset _l } DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 25/30
  • 28. Bash Profiling Sam Stephenson also wrote a profiler for Bash scripts: https://github.com/sstephenson/bashprof DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 26/30
  • 29. Bash Debugging Hopefully you’ll write code that you do not have to debug often, but eventually you’ll have to. There’s only one real way to debug a Bash script unfortunately: bash -evx script.sh or setting set -evx in your script directly that being said, someone wrote a Bash debugger with gdb command syntax: http://bashdb.sourceforge.net/ DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 27/30
  • 30. Conclusion There’s a lot more to tell (just ask me afterwards) - but this was supposed to be a lightning talk. All this, a lot of references and other projects are mentioned in my Community Bash Style Guide which is on GitHub. Please contribute in any way you can if you come up with useful Bashisms, tricks or find any cool projects. Any input is very much appreciated! Fork and open Pull Requests, Issues or Complaints! https://github.com/azet/community_bash_style_guide DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 28/30
  • 31. Trivia: Do not try this at home OOP in Bash: https://github.com/tomas/skull https://github.com/kristopolous/TickTick https://code.google.com/p/object-oriented-bash/ https://github.com/patrickd-/ooengine http://hipersayanx.blogspot.co.at/2012/12/ object-oriented-programming-in-bash.html LISP Dialect implemented in Bash: https://github.com/alandipert/gherkin The original Macros used in the source of Bourne Shell (To make it look like ALGOL68 - the author was a big fan): http://research.swtch.com/shmacro DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 29/30
  • 32. Thanks for your patience. Are there any questions? Twitter: @a_z_e_t E-Mail: [email protected] XMPP: [email protected] GitHub: https://github.com/azet GPG Fingerprint: 7CB6 197E 385A 02DC 15D8 E223 E4DB 6492 FDB9 B5D5 [I have ECDSA (Brainpool) & EdDSA (Curve25519) subkeys as well.] DevOps/Security Meetup Vienna - 17/12/2014 Beautiful Bash: A community driven effort Aaron Zauner 30/30