sh(1)


sh, jsh, rsh -- shell, the standard, job control, and restricted command interpreter

Synopsis

/usr/bin/sh [-acefhiknprstuvx] [args]
/u95/bin/sh [-abcefhikmnoprstuvxCD] [file] [-o option] ... [-] [args]
/usr/bin/jsh [-acefhiknprstuvx] [args]
/usr/lib/rsh [-acefhiknprstuvx] [args]
/sbin/sh [-acefhiknprstuvx] [args]

Description

The sh command interpreter is a command programming language that executes commands read from a terminal or a file.

The version of sh residing in /usr/bin/sh( ) is the Bourne shell and is described in this manual page. The version residing in /u95/bin/sh( ) is a version of the Korn Shell that complies with X/Open Interface Definitions, Version 4 Issue 2. /u95/bin/sh is considered the standard shell when you want an X/Open-compliant execution environment; see the ksh(1) manual page for a description of ./u95/bin/sh( ). (Also see profile(4) for a description of how a shell is selected for execution when you log in to the system.)

jsh is an interface to the shell which provides all the functionality of sh and enables job control (see ``Job control'', below). /usr/lib/rsh is a restricted version of the standard command interpreter sh; it is used to restrict logins to execution environments whose capabilities are more controlled than those of the standard shell. See ``Invocation'' for the meaning of arguments to the shell.

The shell /sbin/sh is the only shell that is trusted for administrative use when the Enhanced Security Utilities are installed and running on your system.

sh, jsh, and rsh process supplementary code set characters in command arguments, as values of variables and field separators, in prompt strings, comments, and pipes, and in scripts according to the locale specified in the LC_CTYPE environment variable (see LANG on environ(5)). Pattern searches are performed on characters, not bytes, as described in Filename Generation below.

Definitions

A blank is a tab or a space. A name is a sequence of letters, digits, or underscores, beginning with a letter or an underscore. A parameter is a name, a digit, or any of the following characters: *, @, #, ?, -, $, and !.

Commands

A ``simple-command'' is a sequence of non-blank words separated by blanks. The first word specifies the name of the command to be executed. Except as specified below, the remaining words are passed as arguments to the invoked command. The command name is passed as argument 0 (see exec(2)). The value of a simple-command is its exit status if it terminates normally, or (octal) 200+status if it terminates abnormally; see signal(5) for a list of status values.

A ``pipeline'' is a sequence of one or more commands separated by |. The standard output of each command but the last is connected by a pipe(2) to the standard input of the next command. Each command is run as a separate process; the shell waits for the last command to terminate. The exit status of a pipeline is the exit status of the last command in the pipeline.

A ``list'' is a sequence of one or more pipelines separated by ;, &, &&, or ||, and sometimes terminated by ; or &. Of these four symbols, ; and & have equal precedence, which is lower than that of && and ||. The symbols && and || also have equal precedence. A semicolon (;) causes sequential execution of the preceding pipeline (that is, the shell waits for the pipeline to finish before executing any commands following the semicolon); an ampersand (&) causes asynchronous execution of the preceding pipeline (that is, the shell does not wait for that pipeline to finish). The symbol && (||) causes the list following it to be executed only if the preceding pipeline returns a zero (non-zero) exit status. An arbitrary number of newlines may appear in a list, instead of semicolons, to delimit commands.

A ``command'' is either a simple-command or one of the following. Unless otherwise stated, the value returned by a command is that of the last simple-command executed in the command.

for name [ in word ... ] do list done
Each time a for command is executed, name is set to the next word taken from the in word list. If in word ... is omitted, then the for command executes the do list once for each positional parameter that is set (see ``Parameter substitution'', below). Execution ends when there are no more words in the list.

case word in [pattern [ | pattern] ... ) list ;;] ... esac
A case command executes the list associated with the first pattern that matches word. The form of the patterns is the same as that used for file-name generation (see ``Filename generation'') except that a slash, a leading dot, or a dot immediately following a slash need not be matched explicitly.

if list then list [ elif list then list] ... [ else list] fi
The list following if is executed and, if it returns a zero exit status, the list following the first then is executed. Otherwise, the list following elif is executed and, if its value is zero, the list following the next then is executed. Failing that, the else list is executed. If no else list or then list is executed, then the if command returns a zero exit status.

while list do list done
A while command repeatedly executes the while list and, if the exit status of the last command in the list is zero, executes the do list; otherwise the loop terminates. If no commands in the do list are executed, then the while command returns a zero exit status; until may be used in place of while to negate the loop termination test.

(list)
Execute list in a sub-shell.

{ list;}
list is executed in the current (that is, parent) shell. The { must be followed by a space.

name () { list;}
Define a function which is referenced by name. The body of the function is the list of commands between { and }. The list may appear on the same line as the {. If it does, the { and list must be separated by a space. The } may not be on the same line as list; it must be on a newline. Execution of functions is described below (see ``Execution''). The { and } are unnecessary if the body of the function is a simple-command as defined above, under Commands.

The following words are only recognized as the first word of a command and when not quoted:

   if then else elif fi case esac for while until do done { } 

Comments

A word beginning with a # causes that word and all the following characters up to a newline to be ignored.


NOTE: The exception to this is when #! shell is used as the first line of a shell script. See ``Execution''.

Command substitution

The shell interprets commands from the string between two backquotes (``) and the standard output from these commands may be used as all or part of a word. Trailing newlines from the standard output are removed.

No interpretation is done on the string before the string is read, except to remove backslashes (\) used to escape other characters. Backslashes may be used to escape a backquote (`) or another backslash (\) and are removed before the command string is read. Escaping backquotes allows nested command substitution. If the command substitution lies within a pair of double quotes (" . . . ` . . . ` . . . "), a backslash used to escape a double quote (\") will be removed; otherwise, it will be left intact.

If a backslash is used to escape a newline character (\newline), both the backslash and the newline are removed (see ``Quoting''). In addition, backslashes used to escape dollar signs (\$) are removed. Since no parameter substitution is done on the command string before it is read, inserting a backslash to escape a dollar sign has no effect. Backslashes that precede characters other than \, `, ", newline, and $ are left intact when the command string is read.

Parameter substitution

The character $ is used to introduce substitutable parameters. There are two types of parameters, positional and keyword. If a parameter is a digit, it is a positional parameter. Positional parameters may be assigned values by set. Keyword parameters (also known as variables) may be assigned values by writing:
   name=value [name=value] ... 

Pattern-matching is not performed on value. There cannot be a function and a variable with the same name.

${parameter}
The value, if any, of the parameter is substituted. The braces are required only when parameter is followed by a letter, digit, or underscore that is not to be interpreted as part of its name. If parameter is * or @, all the positional parameters, starting with $1, are substituted (separated by spaces). Parameter $0 is set from argument zero when the shell is invoked.

${parameter:-word}
If parameter is set and is non-null, substitute its value; otherwise substitute word.

${parameter:=word}
If parameter is not set or is null set it to word; the value of the parameter is substituted. Positional parameters may not be assigned in this way.

${parameter:?word}
If parameter is set and is non-null, substitute its value; otherwise, print parameter: word and exit from the shell. If word is omitted, the message parameter null or not set is printed.

${parameter:+word}
If parameter is set and is non-null, substitute word; otherwise substitute nothing.

In the above, word is not evaluated unless it is to be used as the substituted string, so that, in the following example, pwd is executed only if (d) is not set or is null:

   echo ${d:-`pwd`} 

If the colon (:) is omitted from the above expressions, the shell only checks whether parameter is set or not.

The following parameters are automatically set by the shell.

*
Expands to the positional parameters, beginning with 1.

@
Expands to the positional parameters, beginning with 1, except when expanded within double quotes, in which case each positional parameter expands as a separate field.

#
The number of positional parameters in decimal.

-
Flags supplied to the shell on invocation or by the set command.

?
The decimal value returned by the last synchronously executed command.

$
The process number of this shell. $ reports the process ID of the parent shell in all shell constructs, including pipelines, and in parenthesized sub-shells.

!
The process number of the last background command invoked.

The following parameters are used by the shell. The parameters in this section are also referred to as environment variables.

HOME
The default argument (home directory) for the cd command, set to the user's login directory by login(1) from the password file (see passwd(4)).

PATH
The search path for commands (see ``Execution'', below). The user may not change PATH if executing under /usr/lib/rsh.

CDPATH
The search path for the cd command.

MAIL
If this parameter is set to the name of a mail file and the MAILPATH parameter is not set, the shell informs the user of the arrival of mail in the specified file.

MAILCHECK
This parameter specifies how often (in seconds) the shell will check for the arrival of mail in the files specified by the MAILPATH or MAIL parameters. The default value is 600 seconds (10 minutes). If set to 0, the shell will check before each prompt.

MAILPATH
A colon (:) separated list of filenames. If this parameter is set, the shell informs the user of the arrival of mail in any of the specified files. Each filename can be followed by % and a message that will be printed when the modification time changes. The default message is you have mail.

PS1
Primary prompt string, by default $ .

PS2
Secondary prompt string, by default > .

IFS
Internal field separators, by default space, tab, and newline (see ``Blank interpretation'').

LANG
If this parameter is set, the shell will use it to determine the current locale; see environ(5), setlocale(3C).

SHACCT
If this parameter is set to the name of a file writable by the user, the shell will write an accounting record in the file for each shell procedure executed.

SHELL
When the shell is invoked, it scans the environment (see ``Environment'', below) for this name. If it is found and rsh is the filename part of its value, the shell becomes a restricted shell.

TIMEOUT
A non-zero value for TIMEOUT causes the shell to exit after $TIMEOUT seconds of inactivity. The default value is site dependent. The original whitespace characters (space, tab, and newline) are always considered internal field separators.

The shell gives default values to PATH, PS1, PS2, MAILCHECK, and IFS. HOME and MAIL are set by login(1).

Blank interpretation

After parameter and command substitution, the results of substitution are scanned for internal field separator characters (those found in IFS) and split into distinct arguments where such characters are found. Explicit null arguments ("" or '') are retained. Implicit null arguments (those resulting from parameters that have no values) are removed.

Input/Output

A command's input and output may be redirected using a special notation interpreted by the shell. The following may appear anywhere in a simple-command or may precede or follow a command and are not passed on as arguments to the invoked command. Note that parameter and command substitution occurs before word or digit is used.

<word
Use file word as standard input (file descriptor 0).

>word
Use file word as standard output (file descriptor 1). If the file does not exist, it is created; otherwise, it is truncated to zero length.

>>word
Use file word as standard output. If the file exists, output is appended to it (by first seeking to the end-of-file); otherwise, the file is created.

<<[-]word
After parameter and command substitution is done on word, the shell input is read up to the first line that literally matches the resulting word, or to an end-of-file. If, however, - is appended to <<:

  1. leading tabs are stripped from word before the shell input is read (but after parameter and command substitution is done on word),

  2. leading tabs are stripped from the shell input as it is read and before each line is compared with word, and

  3. shell input is read up to the first line that literally matches the resulting word, or to an end-of-file.

If any character of word is quoted (see ``Quoting''), no additional processing is done to the shell input. If no characters of word are quoted:

  1. parameter and command substitution occurs,

  2. (escaped) \newlines are removed, and

  3. \ must be used to quote the characters \, $, and `.

    The resulting document becomes the standard input.

<&digit
Use the file associated with file descriptor digit as standard input. Similarly for the standard output using >&digit.

<&-
The standard input is closed. Similarly for the standard output using >&-.

If any of the above is preceded by a digit, the file descriptor which will be associated with the file is that specified by the digit (instead of the default 0 or 1). For example:

   ... 2>&1 

associates file descriptor 2 with the file currently associated with file descriptor 1.

The order in which redirections are specified is significant. The shell evaluates redirections left-to-right. For example:

   ... 1>xxx 2>&1 

first associates file descriptor 1 with file xxx. It associates file descriptor 2 with the file associated with file descriptor 1 (that is, xxx). If the order of redirections were reversed, file descriptor 2 would be associated with the terminal (assuming file descriptor 1 had been) and file descriptor 1 would be associated with file xxx.

Using the terminology introduced on the first page, under Commands, if a command is composed of several simple-commands, redirection will be evaluated for the entire command before it is evaluated for each simple-command. That is, the shell evaluates redirection for the entire list, then each pipeline within the list, then each command within each pipeline, then each list within each command.

If a command is followed by & the default standard input for the command is the empty file /dev/null. Otherwise, the environment for the execution of a command contains the file descriptors of the invoking shell as modified by input/output specifications.

Redirection of output is not allowed in the restricted shell.

Filename generation

Before a command is executed, each command word is scanned for the characters *, ?, and [. If one of these characters appears the word is regarded as a pattern. The word is replaced with alphabetically sorted filenames that match the pattern. If no filename is found that matches the pattern, the word is left unchanged. The character (.) at the start of a filename or immediately following a /, as well as the character / itself, must be matched explicitly.

*
Matches any string, including supplementary code set characters and the null string.

?
Matches any single character, including supplementary code set characters.

[...]
Matches any one character in the string enclosed by square brackets, or any one character with a code value within the range designated using a minus (-) sign, including supplementary code set characters. When the characters in the range are from different code sets, one of the characters specifying the range is matched. If the first character following the opening [ is a !, any character not enclosed is matched, including supplementary code set characters.


NOTE: All quoted characters (see below) must be matched explicitly in a filename.

Quoting

The following characters have a special meaning to the shell and cause termination of a word unless quoted:
   ;  &  (  )  |  ^  <  >  newline  space  tab 

A character may be ``quoted'' (that is, made to stand for itself) by preceding it with a backslash (\) or inserting it between a pair of quote marks ('' or ""). During processing, the shell may quote certain characters to prevent them from taking on a special meaning. Backslashes used to quote a single character are removed from the word before the command is executed. The pair \newline is removed from a word before command and parameter substitution.

All characters enclosed between a pair of single quote marks (''), except a single quote, are quoted by the shell. Backslash has no special meaning inside a pair of single quotes. A single quote may be quoted inside a pair of double quote marks (for example, "'"), but a single quote can not be quoted inside a pair of single quotes.

Inside a pair of double quote marks (""), parameter and command substitution occurs and the shell quotes the results to avoid blank interpretation and filename generation. If $* is within a pair of double quotes, the positional parameters are substituted and quoted, separated by quoted spaces ("$1 $2 ..."); however, if $@ is within a pair of double quotes, the positional parameters are substituted and quoted, separated by unquoted spaces ("$1" "$2" ... ). \ quotes the characters \, `, ", and $. The pair \newline is removed before parameter and command substitution. If a backslash precedes characters other than \, `, ", $, and newline, then the backslash itself is quoted by the shell.

Prompting

When used interactively, the shell prompts with the value of PS1 before reading a command. If at any time a newline is typed and further input is needed to complete a command, the secondary prompt (that is, the value of PS2) is issued.

Defaults

The file /etc/default/sh (which does not exist by default) can contain a value for the parameter TIMEOUT; this integer value specifies the number of seconds that can elapse without user activity before a shell will exit. If this value is 0, undefined, or the file /etc/default/sh does not exist (the default), the shell will wait for user input until explicitly terminated.

Environment

The environment (see environ(5)) is a list of name-value pairs that is passed to an executed program in the same way as a normal argument list. The shell interacts with the environment in several ways. On invocation, the shell scans the environment and creates a parameter for each name found, giving it the corresponding value. If the user modifies the value of any of these parameters or creates new parameters, none of these affects the environment unless the export command is used to bind the shell's parameter to the environment (see also set -a). A parameter may be removed from the environment with the unset command. The environment seen by any executed command is thus composed of any unmodified name-value pairs originally inherited by the shell, minus any pairs removed by unset, plus any modifications or additions, all of which must be noted in export commands.

The environment for any simple-command may be augmented by prefixing it with one or more assignments to parameters. Thus:

   TERM=450 cmd 
and
   (export TERM; TERM=450; cmd) 

are equivalent as far as the execution of cmd is concerned if cmd is not a ``special command'' (see ``Special commands''). If cmd is a special command, then

   TERM=450 cmd 
will modify the TERM variable in the current shell.

If the -k flag is set, all keyword arguments are placed in the environment, even if they occur after the command name. The following first prints a=b c and c:

   echo a=b c 
   set -k 
   echo a=b c 

Signals

When a command is run in the background (cmd &) under sh, it can receive interrupt (SIGINT) and quit (SIGQUIT) signals but ignores them by default. (A background process can override this default behavior via trap or signal. For details, see the description of trap, below, or signal(2).) When a command is run in the background under jsh, however, it does not receive interrupt or quit signals. Otherwise signals have the values inherited by the shell from its parent, with the exception of three signals: 11 (SIGSEV), 14 (SIGALARM), and 18 (SIGCHILD).

Execution

Each time a command is executed, the command substitution, parameter substitution, blank interpretation, input/output redirection, and filename generation listed above are carried out. If the command name matches the name of a defined function, the function is executed in the shell process (note how this differs from the execution of shell procedures). If the command name does not match the name of a defined function, but matches one of the special commands listed below in Special Commands, it is executed in the shell process. The positional parameters $1, $2, .... are set to the arguments of the function. If the command name matches neither a special command nor the name of a defined function, a new process is created and an attempt is made to execute the command via exec(2).

The shell parameter PATH defines the search path for the directory containing the command. Alternative directory names are separated by a colon (:). The default path is /usr/bin:. The current directory is specified by a null path name, which can appear immediately after the equal sign, between two colon delimiters anywhere in the path list, or at the end of the path list. If the command name contains a / the search path is not used; such commands will not be executed by the restricted shell. Otherwise, each directory in the path is searched for an executable file. If the file has execute permission but is not an a.out file, it is assumed to be a file containing shell commands. A sub-shell is spawned to read it. A parenthesized command is also executed in a sub-shell.

For shell script files, in order for the ``set user ID on execution'' and/or the ``set group ID on execution'' mode to be effective, the first line of the file must be

   #! /sbin/sh 

The location in the search path where a command was found is remembered by the shell (to help avoid unnecessary execs later). If the command was found in a relative directory, its location must be re-determined whenever the current directory changes. The shell forgets all remembered locations whenever the PATH variable is changed or the hash -r command is executed (see below).

Special commands

Input/output redirection is now permitted for these commands. File descriptor 1 is the default output location. When job control is enabled, additional special commands are added to the shell's environment (see ``Job control'').

:
No effect; the command does nothing. A zero exit code is returned.

. file
Read and execute commands from file and return. The search path specified by PATH is used to find the directory containing file.

break [n]
Exit from the enclosing for or while loop, if any. If n is specified, break n levels.

continue [n]
Resume the next iteration of the enclosing for or while loop. If n is specified, resume at the n-th enclosing loop.

cd [arg]
Change the current directory to arg. The shell parameter HOME is the default arg. The shell parameter CDPATH defines the search path for the directory containing arg. Alternative directory names are separated by a colon (:). The default path is <null> (specifying the current directory).


NOTE: The current directory is specified by a null path name, which can appear immediately after the equal sign or between the colon delimiters anywhere else in the path list.

If arg begins with a / the search path is not used. Otherwise, each directory in the path is searched for arg. The cd command may not be executed by /usr/lib/rsh.

echo [arg ... ]
Echo arguments. See echo(1) for usage and description.

eval [arg ... ]
The arguments are read as input to the shell and the resulting command(s) executed.

exec [arg ... ]
The command specified by the arguments is executed in place of this shell without creating a new process. Input/output arguments may appear and, if no other arguments are given, cause the shell input/output to be modified.

exit [n]
Causes a shell to exit with the exit status specified by n. If n is omitted the exit status is that of the last command executed (an end-of-file will also cause the shell to exit.)

export [name ... ]
The given names are marked for automatic export to the ``environment'' of subsequently executed commands. If no arguments are given, variable names that have been marked for export during the current shell's execution are listed. (Variable names exported from a parent shell are listed only if they have been exported again during the current shell's execution.) Function names are not exported.

getopts
Use in shell scripts to support command syntax standards (see intro(1)); it parses positional parameters and checks for legal options. See getopts(1) for usage and description.

hash [ -r] [name ... ]
For each name, the location in the search path of the command specified by name is determined and remembered by the shell. The -r option causes the shell to forget all remembered locations. If no arguments are given, ``hits'' and ``cost'' information about remembered commands is presented. Hits is the number of times a command has been invoked by the shell process. Cost is a measure of the work required to locate a command in the search path. If a command is found in a relative directory in the search path, after changing to that directory, the stored location of that command is recalculated. Commands for which this will be done are indicated by an asterisk (*) adjacent to the hits information. Cost will be incremented when the recalculation is done.

mldmode

mldmode -r [string]

mldmode -v [string]
This command is available only if the Enhanced Security Utilities are installed. With no arguments, the current multilevel directory (MLD) mode is reported. If -r alone is specified, the MLD mode of the interactive shell is changed to real mode. If -v alone is specified, the MLD mode of the interactive shell is changed to virtual mode. If the -r or -v option is followed by a string specifying a command, that command alone is executed in the specified MLD mode. The default mode upon login is virtual mode.

newgrp [arg ]
Equivalent to exec newgrp arg. See newgrp(1M) for usage and description.

priv [ +|-priv_name . . . ] set_name [ . . . ]
For each set_name, priv sets or displays the privileges contained in that privilege set. set_name may be either ``max'' for the maximum privilege set or ``work'' for the working set. priv_name is the name of a privilege. If priv_names are supplied, priv scans the list and turns off thoses privileges that are preceded by a minus sign and turns on those that are preceded by a plus sign in each of the sets listed. If no priv_names are supplied, the priv command prints the current list of privileges for each of the requested sets.

The values for priv_name are:

allprivs
Represents all possible privileges.

audit
Required to manipulate the security audit mechanisms.

auditwr
Required to write miscellaneous audit records to the audit trail.

compat
Overrides specific restrictions that are imposed solely for the confinement of covert channels.

core
Required to dump a core image of a process that is either privileged, setuid, or setgid. This privilege is not required to dump the core image of a process that does not meet the above conditions.

dacread
Overrides Discretionary Access Control (DAC) restrictions but only for operations that do not alter objects (that is, read and execute permissions). See ``Access permissions'' below.

dacwrite
Overrides Discretionary Access Control restrictions but only for operations that alter objects (that is, write permission). See ``Access permissions'' below.

dev
Required to set or get device security attributes to change the device level when it is in private state, and to access a device when it is in private state. This privilege is also used for special ioctl for window management and to download trusted software to a terminal driver.

driver
Provides compatibility with device drivers developed by third party vendors. It is used when a sensitive operation needs to be limited to a privileged process.

filesys
Required for privileged operations on a file system that have relatively low sensitivity, including the creation of links to directories, setting the effective root directory, and making special files.

fsysrange
Override file system range restrictions.

loadmod
Required to perform selective operations associated with loadable modules.

macread
Overrides Mandatory Access Control (MAC) restrictions but only for certain operations that do not alter objects. See ``Access permissions'' below.

macwrite
Overrides Mandatory Access Control restrictions that involve the alteration of objects or other MAC-related attributes. See ``Access permissions'' below.

macupgrade
Allows processes to upgrade (change the existing level to a new dominating level) files.

mount
Mount or unmount a file system or set and get the ceiling level of a file system.

multidir
Required for creation of multilevel directories.

owner
Required to change the attributes of a file (that is, information kept in the file's inode) that is not owned by the effective uid of the calling process. See ``Access permissions'' below.

plock
Required to lock a process in memory.

setflevel
Required to change the security level of objects (for block or character special files that are in the public state only), subject to some restrictions.

setplevel
Required to change the security level of a process (including the process's own level), subject to some restrictions.

setspriv
Administrative privilege required to set the inheritable and fixed privileges on files. This privilege overrides access and ownership restrictions.

setuid
Required in order to set the real and effective user and group ID of a process.

setupriv
Privilege required for an otherwise unprivileged process to set the inheritable and fixed privileges on a file. This privilege does not override access or ownership restrictions.

sysops
Required to perform several general system operations that have only minor security implications.

tshar
Required to raise the priority of a time sharing process or to set the user priority limit to a value greater than 0.

rtime
Required by processes that do real-time operations.

Access Permissions:

  • Access permissions are associated with the priv_name entries.

  • Access checking is performed whenever a subject (such as a process) tries to access an object (such as a file or directory). Permission to access an object is granted or denied on the basis of mode bits.

  • The mode bits are known as Discretionary Access Control (DAC). Mandatory Access Control (MAC) privileges are defined; however, they may not be supported on the system you are using.

  • The standard file access permission bit checks are performed to determine if the process requesting access to the object has permission to access it in the manner (read, write, and/or execute/search) requested. Each access mode requested is checked separately using the following algorithm:

  • If the effective user ID of the process is equal to the user ID of the owner of the file, and the requested access mode bit is set in the ``owner'' bits of the mode, access is granted; otherwise access checking continues.

  • If the effective group ID (or any of the supplementary group ID of the process) matches the owning group of the file and the requested access mode bit is set in the ``group'' bits of the mode, access is granted; otherwise, access checking continues.

  • If the above checks fail, and the requested access mode bit is set in the ``other'' bits of the mode, access is granted; otherwise, access is denied (EACCES is returned).

  • These checks are performed on every component of the pathname, including the object itself. If any of the checks fail, the privileges of the calling process are examined to determine if the calling process has the appropriate privilege for the mode requested (dacread for read and execute/search access, dacwrite for write access).

Example: This example adds owner and audit privileges and deletes dacread privilege from the working set:

   priv +owner +audit -dacread work 

pwd
Print the current working directory. See pwd(1) for usage and description.

read [-r] name ...
One line is read from the standard input and, using the internal field separator, IFS, to delimit word boundaries, the first word is assigned to the first name, the second word to the second name, etc., with leftover words assigned to the last name. If -r is not specified, lines can be continued using \newline and characters other than newline can be quoted by preceding them with a backslash. These backslashes are removed before words are assigned to names, and no interpretation is done on the character that follows the backslash. If -r is specified, backslashes are treated as normal characters, so are not removed from the input, nor do they affect the next character. The return code is 0, unless an end-of-file is encountered.

readonly [name ... ]
The given names are marked readonly and the values of the these names may not be changed by subsequent assignment. If no arguments are given, a list of all readonly names is printed.

return [n]
Causes a function to exit with the return value specified by n. If n is omitted, the return status is that of the last command executed.

set [ --aefhkntuvx [arg ... ] ]

-a
Mark variables which are modified or created for export.

-e
Exit immediately if a command exits with a non-zero exit status.

-f
Disable filename generation.

-h
Locate and remember function commands as functions are defined (function commands are normally located when the function is executed).

-k
All keyword arguments are placed in the environment for a command, not just those that precede the command name.

-n
Read commands but do not execute them.

-t
Exit after reading and executing one command.

-u
Treat unset variables as an error when substituting.

-v
Print shell input lines as they are read.

-x
Print commands and their arguments as they are executed.

--
Do not change any of the flags; useful in setting $1 to -.

Using
+ rather than - causes these flags to be turned off. These flags can also be used upon invocation of the shell. The current set of flags may be found in $-. The remaining arguments are positional parameters and are assigned, in order, to $1, $2, .... If no arguments are given the values of all names are printed.

shift [n]
The positional parameters from $n+1 ... are renamed $1 ... . If n is not given, it is assumed to be 1.

test
Evaluate conditional expressions. See test(1) for usage and description.

times
Print the accumulated user and system times for processes run from the shell.

trap [arg] [n] ...
The command arg is to be read and executed when the shell receives, n, numeric or symbolic signal(s).


NOTE: arg is scanned once when the trap is set and once when the trap is taken.

Trap commands are executed in order of signal number or corresponding symbolic names. Any attempt to set a trap on a signal that was ignored on entry to the current shell is ineffective. An error results when an attempt is made to trap on any of the following three signals:

  1. signal 11 (SIGSEV--segmentation fault);

  2. signal 14 (SIGALRM--alarm clock);

  3. signal 18 (SIGCHILD--child status changed).
If arg is absent all trap(s) n are reset to their original values. If arg is the null string this signal is ignored by the shell and by the commands it invokes. If n is 0 the command arg is executed on exit from the shell. The trap command with no arguments prints a list of commands associated with each signal number.

type [name ... ]
For each name, indicate how it would be interpreted if used as a command name.

ulimit [ -[HS][a | cdfnstv] ]

ulimit [ -[HS][c | d | f | n | s | t | v] ] limit
ulimit prints or sets hard or soft resource limits. These limits are described in getrlimit(2).

If limit is not present, ulimit prints the specified limits. Any number of limits may be printed at one time. The -a option prints all limits.

If limit is present, ulimit sets the specified limit to limit. The string ``unlimited'' requests the largest valid limit. Limits may be set for only one resource at a time. Any user may set a soft limit to any value below the hard limit. Any user may lower a hard limit. Only a privileged user may raise a hard limit.

The -H option specifies a hard limit. The -S option specifies a soft limit. If neither option is specified, ulimit will set both limits and print the soft limit.

The following options specify the resource whose limits are to be printed or set. If no option is specified, the file size limit is printed or set.

-c
maximum core file size (in 512-byte blocks)

-d
maximum size of data segment or heap (in kbytes)

-f
maximum file size (in 512-byte blocks)

-n
maximum file descriptor plus 1

-s
maximum size of stack segment (in kbytes)

-t
maximum CPU time (in seconds)

-v
maximum size of virtual memory (in kbytes)

umask [ -S ] [mask]
The user file-creation mask is set by mask. If mask is omitted, the current value of the mask is printed. If -S is specified, the mask is printed in symbolic form, otherwise it is printed in octal form. See umask(1) for further details.

unset [name ... ]
For each name, remove the corresponding variable or function value. The variables PATH, PS1, PS2, MAILCHECK, and IFS cannot be unset.

wait [pid ... ]
Wait for your background processes whose process IDs are the values of pid and return the termination status of the final pid. If pid is omitted, all your shell's currently active background processes are waited for and the return code will be zero. See wait(1) for further details.

Invocation

If the shell is invoked through exec(2) and the first character of argument zero is -, commands are initially read from /etc/profile and from $HOME/.profile, if such files exist. Thereafter, commands are read as described below, which is also the case when the shell is invoked as /usr/bin/sh. The flags below are interpreted by the shell on invocation only. Note that unless the -c or -s flag is specified, the first argument is assumed to be the name of a file containing commands, and the remaining arguments are passed as positional parameters to that command file:

-c string
If the -c flag is present commands are read from string.

-i
If the -i flag is present or if the shell input and output are attached to a terminal, this shell is ``interactive''. In this case SIGTERM is ignored (so that kill 0 does not kill an interactive shell) and SIGINT is caught and ignored (so that wait is interruptible). In all cases, SIGQUIT is ignored by the shell.

-p
If the -p flag is present, the shell will not set the effective user and group IDs to the real user and group IDs. If the -p flag is not present, the shell will set the effective user ID to the real user ID if the effective user ID is <100, and the shell will set the effective group ID to the real group ID if the effective group ID is <100 and not equal to 1.

-r
If the -r flag is present the shell is a restricted shell.

-s
If the -s flag is present or if no arguments remain, commands are read from the standard input. Any remaining arguments specify the positional parameters. Shell output (except for special commands) is written to file descriptor 2.
The remaining flags and arguments are described under the set command above.

Job control (jsh)

When the shell is invoked as jsh, job control is enabled in addition to all of the functionality described previously for sh. Typically job control is enabled for the interactive shell only. Non-interactive shells typically do not benefit from the added functionality of job control.

With job control enabled every command or pipeline the user enters at the terminal is called a ``job''. All jobs exist in one of the following states: foreground, background or stopped. These terms are defined as follows:

  1. a job in the foreground has read and write access to the controlling terminal;

  2. a job in the background is denied read access and has conditional write access to the controlling terminal (see stty(1));

  3. a stopped job is a job that has been placed in a suspended state, usually as a result of a SIGTSTP signal (see signal(5)).
Jobs in the foreground can be stopped by interrupt (SIGINT) or quit (SIGQUIT) signals from the keyboard; background jobs cannot be stopped by these signals.

Every job that the shell starts is assigned a positive integer, called a ``job number'' that is tracked by the shell and is used as an identifier for a specific job. Additionally, the shell keeps track of the ``current'' and ``previous'' jobs. The current job is the most recent job to be started or restarted. The previous job is the first non-current job.

The acceptable syntax for a Job Identifier is of the form:

%jobid

where jobid may be specified in any of the following formats:

% or +
for the current job

-
for the previous job

?<string>
specify the job for which the command line uniquely contains string.

n
for job number n, where n is a job number

pref
where pref is a unique prefix of the command name (for example, if the command ls -l foo were running in the background, it could be referred to as %ls); pref cannot contain blanks unless it is quoted.

When job control is enabled, the following commands are added to the user's environment to manipulate jobs:

bg [%jobid ...]
Resumes the execution of a stopped job in the background. If %jobid is omitted the current job is assumed.

fg [%jobid ...]
Resumes the execution of a stopped job in the foreground, also moves an executing background job into the foreground. If %jobid is omitted the current job is assumed.

jobs [-p|-l] [%jobid . . .]

jobs -x command [arguments]
Reports all jobs that are stopped or executing in the background. If %jobid is omitted, all jobs that are stopped or running in the background will be reported. The following options will modify/enhance the output of jobs:

-l
Report the process group ID and working directory of the jobs.

-p
Report only the process group ID of the jobs.

-x
Replace any jobid found in command or arguments with the corresponding process group ID, and then execute command passing it arguments.

kill [-s signal] %jobid ...

kill -l [status]

kill [-signal] %jobid ...
Builtin version of kill to provide the functionality of the kill(1) command for processes identified with a jobid. See kill(1) for the other functionality.

stop %jobid ...
Stops the execution of a background job(s).

suspend
Stops the execution of the current shell (but not if it is the login shell).

wait [%jobid ...]
wait builtin accepts a job identifier. If %jobid is omitted wait behaves as described above under Special Commands.

Restricted shell (/usr/lib/rsh) only

/usr/lib/rsh is used to set up login names and execution environments whose capabilities are more controlled than those of the standard shell. The actions of /usr/lib/rsh are identical to those of sh, except that the following are disallowed:

The restrictions above are enforced after .profile is interpreted.

A restricted shell can be invoked in one of the following ways:

  1. rsh is the filename part of the last entry in the /etc/passwd file (see passwd(4));

  2. the environment variable SHELL exists and rsh is the filename part of its value;

  3. the shell is invoked and rsh is the filename part of argument 0;

  4. the shell is invoked with the -r option.
When a command to be executed is found to be a shell procedure, /usr/lib/rsh invokes sh to execute it. Thus, it is possible to provide to the end-user shell procedures that have access to the full power of the standard shell, while imposing a limited menu of commands; this scheme assumes that the end-user does not have write and execute permissions in the same directory.

The net effect of these rules is that the writer of the .profile (see profile(4)) has complete control over user actions by performing guaranteed setup actions and leaving the user in an appropriate directory (probably not the login directory).

The system administrator often sets up a directory of commands (for example, /usr/rbin) that can be safely invoked by a restricted shell. Some systems also provide a restricted editor, red.

Files

/etc/profile

$HOME/.profile

/tmp/sh*

/dev/null

/usr/lib/locale/locale/LC_MESSAGES/uxcore.abi
language-specific message file (see LANG on environ(5)).

Exit codes

Errors detected by the shell, such as syntax errors, cause the shell to return a non-zero exit status. If the shell is being used non-interactively execution of the shell file is abandoned. Otherwise, the shell returns the exit status of the last command executed (see also the exit command above).

jsh only

If the shell is invoked as jsh and an attempt is made to exit the shell while there are stopped jobs, the shell issues one warning:
   there are stopped jobs 

This is the only message. If another exit attempt is made, and there are still stopped jobs they will be sent a SIGHUP signal from the kernel and the shell is exited.

References

cd(1), dup(2), echo(1), environ(5), exec(2), fork(2), getopts(1), getrlimit(2), intro(1), intro(2), ksh88(1), ksh(1), login(1), newgrp(1M), pipe(2), profile(4), pwd(1), setlocale(3C), signal(5), stty(1), test(1), ulimit(2), umask(1), wait(1)

Notices

Words used for filenames in input/output redirection are not interpreted for filename generation (see ``Filename generation'', above). For example,
   cat file1 >a* 
will create a file named a*.

Because commands in pipelines are run as separate processes, variables set in a pipeline have no effect on the parent shell.

If you get the error message

   UX:sh:ERROR:cannot fork, too many processes 
try using the wait(1) command to clean up your background processes. If this doesn't help, the system process table is probably full or you have too many active foreground processes. (There is a limit to the number of process ids associated with your login, and to the number the system can keep track of.)

Only the last process in a pipeline can be waited for.

If a command is executed, and a command with the same name is installed in a directory in the search path before the directory where the original command was found, the shell will continue to exec the original command. Use the hash command to correct this situation. Prior to Release 4, the rsh command invoked the restricted shell. This restricted shell command is /usr/lib/rsh and it can be executed by using the full pathname. Beginning with Release 4, the rsh command is the remote shell (see rsh(1tcp)).

POSIX.2 states that assignments are performed from the beginning of the command text to the end. Therefore, the order of evaluation for variable assignments is changed to use left to right expansion rules.


30 January 1998
© 1998 The Santa Cruz Operation, Inc. All rights reserved.