Perform shell script analysis using shellcheck, a shell script static analysis tool.
Installation
Install shellcheck.
$ sudo apt install shellcheck
Display a summary of the command-line usage.
$ shellcheck
No files specified. Usage: shellcheck [OPTIONS...] FILES... -a --check-sourced Include warnings from sourced files -C[WHEN] --color[=WHEN] Use color (auto, always, never) -e CODE1,CODE2.. --exclude=CODE1,CODE2.. Exclude types of warnings -f FORMAT --format=FORMAT Output format (checkstyle, gcc, json, tty) -s SHELLNAME --shell=SHELLNAME Specify dialect (sh, bash, dash, ksh) -V --version Print version information -x --external-sources Allow 'source' outside of FILES
Sample output
This shell script was created in 2005 and is obsolete now, but will serve as a good example.
#!/bin/sh
#
# Warning! Do not use!
# I wrote this script in 2005 so it is oboslete.
# I have spent a lot of great time using FreeBSD ;)
#
# Plik: neo
#
# Info:
# Skrypt startowy (rc) połączenia dla użytkowników Neostrady.
#
# Parametry:
# start - połącz się
# restart - restart połączenia (cron)
# beonline - stara się zapewnić nieprzerwane połączenie (cron)
# stop - zatrzymaj połączenie
#
# Zmienne:
# modem_driver - określa położenie firmware'u
# ppp_flags - parametry polecenia ppp
# modem_run_flags - parametry polecenia modem_run
# ...
#
# Konfiguracja:
# echo 'neo_enable="yes"' >> /etc/rc.conf
# echo 'modem_driver="/etc/ppp/st330"' >> /etc/rc.conf
#
# Konfiguracja cron'a:
# */5 * * * * root /etc/rc.d/neo beonline
#
# Komentarz:
# Paremetry "start" oraz "stop" służą do rozpoczęcia i zakończenia połaczenia.
# Parametr restart przeznaczony jest do okresowego restartowania połaczenia
# używając cron'a (tylko z założenia), natomiast "beonline" służy
# do restartowania połączenia w przypadku jego utraty (ping), aktualizacji (ppp -ddial)
# i również przeznaczony jest dla cron'a.
#
# Konfiguracja wymaga skopiowania skrytpu do katalogu /etc/rc.d/
# i zdefiniowania w pliku /etc/rc.conf zmiennych neo_enable oraz modem_driver.
#
# Dla skryptów startowych wymagających wcześniejszego połączenia z siecią
# należy zmodyfikować regułę REQUIRE dodając parametr neo.
#
# milosz.galazka@gmail.com
#
#
# PROVIDE: neo
# REQUIRE: netif mountcrit local
# KEYWORD: nojail
#
. /etc/rc.subr
modem_driver=${modem_driver:-"/etc/ppp/st330"}
name="neo"
rcvar=`set_rcvar`
extra_commands="beonline"
start_cmd="neo_start"
stop_cmd="neo_stop"
restart_cmd="neo_start"
beonline_cmd="neo_beonline"
#Polecenia
sh_command=${sh_command:-"/bin/sh"}
kill_command=${kill_command:-"/bin/kill"}
basename_command=${basename:-"/usr/bin/basename"}
xauth_command=${xauth_command:-"/usr/X11R6/bin/xauth"}
hostname_command=${hostname_command:-"/bin/hostname"}
domainname_command=${domainname_command:-"/bin/domainname"}
grep_command=${grep_command:-"/usr/bin/grep"}
ifconfig_command=${ifconfig_command:-"/sbin/ifconfig"}
awk_command=${awk_command:-"/usr/bin/awk"}
expr_command=${expr_command:-"/bin/expr"}
route_command=${route_command:-"/sbin/route"}
chown_command=${chown_command:-"/usr/sbin/chown"}
rm_command=${rm_command:-"/bin/rm"}
modem_run_command=${modem_run_command:-"/usr/sbin/modem_run"}
modem_run_flags=${modem_run_flags:-"-f"}
ppp_command=${ppp_command:-"/usr/sbin/ppp"}
ppp_flags=${ppp_flags:-"-quiet -ddial adsl"}
ppp_iface=${ppp_iface:-"tun0"}
ping_command=${ping_command:-"/sbin/ping"}
ping_flags=${ping_flags:-"-c1"}
ping_host=${ping_host:-"www.wp.pl"}
# Funkcja odpowiedzialna za restart firewall'a
# Wymaga dostrojenia do własnych potrzeb
neo_firewall(){
$sh_command /etc/rc.firewall
}
# Funkcja odpowiedzialna za wczytanie firmware'u
neo_driver_load(){
local modem_run_check
modem_run_check=`check_process $modem_run_command`
echo -n "Neo driver: "
if [ -z "$modem_run_check" ]; then
echo "loading"
$modem_run_command $modem_run_flags $modem_driver >/dev/null
else
echo "already loaded"
fi
}
# Funkcja sprawdzająca, czy mamy połączenie
# sprawdzając proces ppp
neo_connection_check(){
local ppp_check
ppp_check=`check_process $ppp_command`
if [ -n "$ppp_check" ]; then
echo "wait"
fi
}
# Funkcja wywołująca ppp
neo_connection_start(){
$ppp_command $ppp_flags 2>/dev/null
}
# Funkcja zatrzymująca ppp
neo_connection_stop(){
local ppp_pid
ppp_pid=`check_process $ppp_command`
if [ -n "$ppp_pid" ]; then
$kill_command $sig_stop $ppp_pid 2>/dev/null
wait_for_pids $ppp_pid > /dev/null
fi
}
# Funkcja pobierająca adres ip
# Zwraca pusty string w przypadku niepowodzenia
neo_ip_get(){
local ip="";
local ppp_loop=1
while [ -z "$ip" ] && [ "$ppp_loop" -le 12 ]; do
sleep 4
ip=`$ifconfig_command $ppp_iface | $grep_command netmask | $awk_command '/inet/ {print $2}'`
ppp_loop=`$expr_command $ppp_loop \+ 1`
done
if [ "$ppp_loop" -eq "13" ]; then
echo ""
exit 1
fi
echo $ip
}
# Funkcja odpowiedzialna za czynności po wykonaniu połączenia
# Wymaga dostrojenia do własnych potrzeb
neo_postconfigure(){
# Pobierz adres IP
local ip=""
local hostname=""
local name_stat=""
ip=`neo_ip_get`
while [ -z "$ip" ]; do
echo "Error"
sleep 10
exit 1
done
echo "IP: " $ip
# Firewall
echo "Firewall: configuring"
neo_firewall 2> /dev/null
# Pobranie nowej nazwy hosta oraz wywołanie poleceń
# hostname, domainname
hostname=""
while [ -z "$hostname" ]; do
hostname=`$route_command get $ip | $awk_command '/route/ {print $3}'`
if [ -n $hostname ]; then
name_stat=`echo $hostname | $grep_command "tpnet.pl"`
if [ -z "$name_stat" ]; then
hostname=${hostname}.neoplus.adsl.tpnet.pl
fi
else
sleep 2
fi
done
echo "Hostname: " $hostname
$hostname_command $hostname
$domainname_command $hostname
# Restart określonych usług po zmianie adresu IP
#if [ -n "$ppp_restarted" ]; then
#fi
# X'y + xauth
# Aktualizacja .Xauthority
local xauth_file=/home/milosz/.Xauthority
local mcookie=`dd if=/dev/urandom bs=16 count=1 2>/dev/null | hexdump -e \\"%08x\\"`
$rm_command $xauth_file
$xauth_command -f $xauth_file add $hostname:0 MIT-MAGIC_COOKIE-1 $mcookie 2>/dev/null
$xauth_command -f $xauth_file add $hostname/unix:0 MIT-MAGIC-COOKIE-1 $mcookie 2>/dev/null
$chown_command milosz:milosz $xauth_file
}
# Funkcja oficjalnie rozpoczynająca połączenie
neo_start()
{
local ppp_loop=1
local ppp_check=""
local ip=""
if [ -f "$modem_driver" ]; then
neo_driver_load
ppp_check=`neo_connection_check`
echo -n "Connection: "
if [ -n "$ppp_check" ]; then
echo "restarting"
neo_connection_stop
ppp_restarted=1
while [ "$ppp_check" = "wait" ]; do
if [ "$ppp_loop" -eq "13" ]; then
echo "Error: IP address not assigned"
sleep 10
exit 1
fi
sleep 3
ppp_check=`neo_connection_check`
ppp_loop=`$expr_command $ppp_loop \+ 1`
done
else
echo "starting"
fi
neo_connection_start
ip=`neo_ip_get`
echo $ip > /var/run/neo_ip
neo_postconfigure
fi
}
# Funkcja oficjalnie zatrzymująca połączenie
neo_stop(){
echo "Connection: stopped"
neo_connection_stop 2>/dev/null
}Static analysis.
$ shellcheck freebsd_neo.sh
In freebsd_neo.sh line 52:
. /etc/rc.subr
^-- SC1091: Not following: /etc/rc.subr was not specified as input (see shellcheck -x).
In freebsd_neo.sh line 57:
rcvar=`set_rcvar`
^-- SC2034: rcvar appears unused. Verify use (or export if used externally).
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 58:
extra_commands="beonline"
^-- SC2034: extra_commands appears unused. Verify use (or export if used externally).
In freebsd_neo.sh line 59:
start_cmd="neo_start"
^-- SC2034: start_cmd appears unused. Verify use (or export if used externally).
In freebsd_neo.sh line 60:
stop_cmd="neo_stop"
^-- SC2034: stop_cmd appears unused. Verify use (or export if used externally).
In freebsd_neo.sh line 61:
restart_cmd="neo_start"
^-- SC2034: restart_cmd appears unused. Verify use (or export if used externally).
In freebsd_neo.sh line 62:
beonline_cmd="neo_beonline"
^-- SC2034: beonline_cmd appears unused. Verify use (or export if used externally).
In freebsd_neo.sh line 68:
basename_command=${basename:-"/usr/bin/basename"}
^-- SC2034: basename_command appears unused. Verify use (or export if used externally).
In freebsd_neo.sh line 99:
local modem_run_check
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 101:
modem_run_check=`check_process $modem_run_command`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 102:
echo -n "Neo driver: "
^-- SC2039: In POSIX sh, echo flags are undefined.
In freebsd_neo.sh line 105:
$modem_run_command $modem_run_flags $modem_driver >/dev/null
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 114:
local ppp_check
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 116:
ppp_check=`check_process $ppp_command`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 124:
$ppp_command $ppp_flags 2>/dev/null
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 129:
local ppp_pid
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 131:
ppp_pid=`check_process $ppp_command`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 133:
$kill_command $sig_stop $ppp_pid 2>/dev/null
^-- SC2154: sig_stop is referenced but not assigned.
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 134:
wait_for_pids $ppp_pid > /dev/null
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 141:
local ip="";
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 142:
local ppp_loop=1
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 145:
ip=`$ifconfig_command $ppp_iface | $grep_command netmask | $awk_command '/inet/ {print $2}'`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2016: Expressions don't expand in single quotes, use double quotes for that.
In freebsd_neo.sh line 146:
ppp_loop=`$expr_command $ppp_loop \+ 1`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 153:
echo $ip
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 161:
local ip=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 162:
local hostname=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 163:
local name_stat=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 165:
ip=`neo_ip_get`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 173:
echo "IP: " $ip
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 183:
hostname=`$route_command get $ip | $awk_command '/route/ {print $3}'`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2016: Expressions don't expand in single quotes, use double quotes for that.
In freebsd_neo.sh line 185:
if [ -n $hostname ]; then
^-- SC2070: -n doesn't work with unquoted arguments. Quote or use [[ ]].
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 186:
name_stat=`echo $hostname | $grep_command "tpnet.pl"`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 195:
echo "Hostname: " $hostname
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 197:
$hostname_command $hostname
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 198:
$domainname_command $hostname
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 206:
local xauth_file=/home/milosz/.Xauthority
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 208:
local mcookie=`dd if=/dev/urandom bs=16 count=1 2>/dev/null | hexdump -e \\"%08x\\"`
^-- SC2039: In POSIX sh, 'local' is undefined.
^-- SC2155: Declare and assign separately to avoid masking return values.
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 210:
$xauth_command -f $xauth_file add $hostname:0 MIT-MAGIC_COOKIE-1 $mcookie 2>/dev/null
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 211:
$xauth_command -f $xauth_file add $hostname/unix:0 MIT-MAGIC-COOKIE-1 $mcookie 2>/dev/null
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 219:
local ppp_loop=1
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 220:
local ppp_check=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 221:
local ip=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 225:
ppp_check=`neo_connection_check`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 227:
echo -n "Connection: "
^-- SC2039: In POSIX sh, echo flags are undefined.
In freebsd_neo.sh line 240:
ppp_check=`neo_connection_check`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 241:
ppp_loop=`$expr_command $ppp_loop \+ 1`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 247:
ip=`neo_ip_get`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 248:
echo $ip > /var/run/neo_ip
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 261:
local ping_check
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 262:
ping_check=`$ping_command $ping_flags ${ping_host} 2>/dev/null | $grep_command "1 packets"` 2>/dev/null
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 263:
echo $ping_check
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 268:
local ping_check=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 269:
local ip=""
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 270:
local neo_ip
^-- SC2039: In POSIX sh, 'local' is undefined.
In freebsd_neo.sh line 271:
ping_check=`neo_ping_check` > /dev/null
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 276:
ip=`neo_ip_get`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 277:
if [ -f /var/run/neo_ip ] && [ -n `cat /var/run/neo_ip` ]; then
^-- SC2070: -n doesn't work with unquoted arguments. Quote or use [[ ]].
^-- SC2046: Quote this to prevent word splitting.
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 278:
neo_ip=`cat /var/run/neo_ip`
^-- SC2006: Use $(..) instead of legacy `..`.
In freebsd_neo.sh line 280:
echo $ip > /var/run/neo_ip
^-- SC2086: Double quote to prevent globbing and word splitting.
In freebsd_neo.sh line 281:
ppp_restarted=1
^-- SC2034: ppp_restarted appears unused. Verify use (or export if used externally).
Short examples
Other interesting messages.
if [ -n $hostname ]; then
^-- SC2070: -n doesn't work with unquoted arguments. Quote or use [[ ]].
^-- SC2086: Double quote to prevent globbing and word splitting.
cat /proc/${1}/environ | tr '\0' '\n' | tr -s '\n'
^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
^-- SC2086: Double quote to prevent globbing and word splitting.
dir=`echo $dir | tr -d '/'`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
trap "unlink $certificate_file" EXIT
^-- SC2064: Use single quotes, otherwise this expands now rather than when signalled.
if [ "$local_version" == "$most_recent_version" ]; then
^-- SC2039: In POSIX sh, == in place of = is undefined.
declare -i postition;
^-- SC2034: postition appears unused. Verify use (or export if used externally).
for file in `ls ${maildir}/`; do
^-- SC2045: Iterating over ls output is fragile. Use globs.
^-- SC2006: Use $(..) instead of legacy `..`.
In convert_mbox_to_maildir.sh line 22:
mkdir -p ${newdir}/${file}/{cur,new}
^-- SC2086: Double quote to prevent globbing and word splitting.
^-- SC2039: In POSIX sh, brace expansion is undefined.
for group in $*; do
^-- SC2048: Use "$@" (with quotes) to prevent whitespace problems.
temp_image="$(tempfile).png"
^-- SC2186: tempfile is deprecated. Use mktemp instead.
written_data=$(expr $written_data / 1024) # terabytes
^-- SC2003: expr is antiquated. Consider rewriting this using $((..)), ${} or [[ ]].
^-- SC2086: Double quote to prevent globbing and word splitting.
trap "unlink $certificate_file" EXIT
^-- SC2064: Use single quotes, otherwise this expands now rather than when signalled.
if [ "$?" -eq "0" ]; then
^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
curl_command=`which curl`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2230: which is non-standard. Use builtin 'command -v' instead.
declare -i postition;
^-- SC2034: postition appears unused. Verify use (or export if used externally).
rm -rf ${newdir}/
^-- SC2115: Use "${var:?}" to ensure this never expands to / .
for file in `ls ${maildir}/`; do
^-- SC2045: Iterating over ls output is fragile. Use globs.
^-- SC2006: Use $(..) instead of legacy `..`.
#!/usr/bin/python ^-- SC1071: ShellCheck only supports sh/bash/dash/ksh scripts. Sorry!
if [ -n $hostname ]; then
^-- SC2070: -n doesn't work with unquoted arguments. Quote or use [[ ]].
^-- SC2086: Double quote to prevent globbing and word splitting.
first_letter=`echo ${output_image} | cut -c1`
^-- SC2006: Use $(..) instead of legacy `..`.
^-- SC2086: Double quote to prevent globbing and word splitting.
As you can see, it is worth incorporating shell script static analysis tools into the flow.