You may have noticed that most shell and perl script starts with the following line:
#!/bin/bash
OR
#!/usr/bin/perl
It is called a shebang. It consists of a number sign and an exclamation point character (#!), followed by the full path to the interpreter such as /bin/bash. All scripts under UNIX and Linux execute using the interpreter specified on a first line.
However there is a small problem. BASH or Perl is not always in the same location (read as PATH) such as /bin/bash or /usr/bin/perl. If you want to make sure that script is portable across different UNIX like operating system you need to use /usr/bin/env command.
env command allows to run a program in a modified environment.
Find line
#!/bin/bash
Replace with
#!/usr/bin/env bash
For example here is a small script:
#!/usr/bin/env bash
x=5
y=10
echo "$x and $y"OR
#!/usr/bin/env perl
use warnings;
print "Hello " x 5;
print "\\n";Now you don’t have to search for a program via the PATH environment variable. This makes the script more portable. Also note that it is not foolproof method. Always make sure you have /usr/bin/env exists or use a softlink/symbolic link to point it to correct path. And yes your work (script) looks more professional with this hack :)
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 11 comments… read them below or add one }
I am confused.
Why is /usr/bin/env more portable than /bin/bash.
Besides on most linux distros bash is found in /bin, but env is not guaranteed to be found under /usr/bin.
e.g. in my case (FC5) env is under /bin.
My point is , which ever way you need to know the absolute path to either env, or bash, so why bother ?
If you move from Linux distro to BSD you will see bash is located at /usr/local/bin/bash OR to Solaris you will see bash at /opt or some other location. Instead of adjusting all the location admin can create a /usr/bin/env softlink and problem solved. Just imagine you have 100s of shell and perl scripts…
This is not just about Linux. It is about running a script under different UNIX like oses.
Thanks for “shebang” and its explanation. Its really helpful.
The only problem I have with env, that on some systems lacking ‘use warnings’, I can’t pass ‘-w’ on command line. Or is it possible somehow?
You can pass /bin/path/to/mybinary -w
I do not feel very comfortable with the security aspects of this hack.
It may be more portable but it reduces control.
Bash and other shells are hardened so that they can be used for admin jobs withstanding tampering efforts by non root users.
Using the described “env” solution may introduce vulnerabilities which are difficult to oversee or analyze.
Instead of linking env and using it to deal with compatibity I rather add compatibility links to my systems which link bash or perl to a uniform location e.g. ln -s /usr/local/bin/bash /bin/bash
Terrible advice. Do not do this. Portability should stem from your installion routines, not some security and design problem causing hack.
@Terrible
You could be correct, but I’d like to hear your opinion of why exactly is it more harmful?
Well, it runs the command, perl for example, like you would run perl by hand – so I assume it searches via PATH – I can see that individual user may then create executable ‘perl’ of his own under his home directory and change PATH so that env will call that… However that already means that user in question is doing this on purpose, in which case he could just call the harmful program himself – no need to even include the script, perl nor env on that and if done that way it would not affect other users which would still get to run the script as intended.
However security and holes in it can be complex issues and I’m not a professional at all… If indeed using env is more of a possible security issue than creating shebang pointing right to correct interpreter in install routine I would love to learn why exactly is it safer, about possible security issues in using env, etc.
I would think that when installed system wide both ways would be as safe – and one trying to do harm could install the whole software locally under his home directory anyway but could not alter what is ran when other users call the script in question – not understanding makes me even more curious, but most importantly I want to ensure security…
Even the official python tutorial website is using:
#! /usr/bin/env python
http://docs.python.org/tutorial/interpreter.html
Here’s an idea, instead of wasting cpu and peoples time, suggest a link to /bin/bash always. This stupid idea of using env command is a waste of the unix operating system.
Symbolic links were created to solve problems exactly like this. Some idiot came up with the great idea to make it more complicated by suggesting a link to bin env… I swear this is absolutely retarded.
Quit being lazy and put a proper link in /bin. What is the point in spawning processes you don’t need? More professional? According to who? The idiots who never wrote a single program of assembler code in their life? The idiots who couldn’t write a bash script to remove duplicate words from a list without resorting to external commands?
Oh yeah, you must mean those idiots…. The one’s who couldn’t code their way out of wet paper sack.
And another thing, if its really that important to be portable, and you can’t create a link in /bin then your scripts need to be auto-generated on-site with the proper header line.
Quit wasting resources and practice efficiency. Wastefulness is a bad habit that not only adds up, but is certain to be a perpetual mistake.