2021-05-11 02:29:21 +02:00
<!DOCTYPE HTML>
< html lang = "en" class = "sidebar-visible no-js light" >
< head >
<!-- Book generated using mdBook -->
< meta charset = "UTF-8" >
< title > Invocation - Zsh Manual< / title >
<!-- Custom HTML head -->
< meta content = "text/html; charset=utf-8" http-equiv = "Content-Type" >
< meta name = "description" content = "" >
< meta name = "viewport" content = "width=device-width, initial-scale=1" >
< meta name = "theme-color" content = "#ffffff" / >
< link rel = "icon" href = "favicon.svg" >
< link rel = "shortcut icon" href = "favicon.png" >
< link rel = "stylesheet" href = "css/variables.css" >
< link rel = "stylesheet" href = "css/general.css" >
< link rel = "stylesheet" href = "css/chrome.css" >
< link rel = "stylesheet" href = "css/print.css" media = "print" >
<!-- Fonts -->
< link rel = "stylesheet" href = "FontAwesome/css/font-awesome.css" >
< link rel = "stylesheet" href = "fonts/fonts.css" >
<!-- Highlight.js Stylesheets -->
< link rel = "stylesheet" href = "highlight.css" >
< link rel = "stylesheet" href = "tomorrow-night.css" >
< link rel = "stylesheet" href = "ayu-highlight.css" >
<!-- Custom theme stylesheets -->
< / head >
< body >
<!-- Provide site root to javascript -->
< script type = "text/javascript" >
var path_to_root = "";
var default_theme = window.matchMedia("(prefers-color-scheme: dark)").matches ? "navy" : "light";
< / script >
<!-- Work around some values being stored in localStorage wrapped in quotes -->
< script type = "text/javascript" >
try {
var theme = localStorage.getItem('mdbook-theme');
var sidebar = localStorage.getItem('mdbook-sidebar');
if (theme.startsWith('"') & & theme.endsWith('"')) {
localStorage.setItem('mdbook-theme', theme.slice(1, theme.length - 1));
}
if (sidebar.startsWith('"') & & sidebar.endsWith('"')) {
localStorage.setItem('mdbook-sidebar', sidebar.slice(1, sidebar.length - 1));
}
} catch (e) { }
< / script >
<!-- Set the theme before any content is loaded, prevents flash -->
< script type = "text/javascript" >
var theme;
try { theme = localStorage.getItem('mdbook-theme'); } catch(e) { }
if (theme === null || theme === undefined) { theme = default_theme; }
var html = document.querySelector('html');
html.classList.remove('no-js')
html.classList.remove('light')
html.classList.add(theme);
html.classList.add('js');
< / script >
<!-- Hide / unhide sidebar before it is displayed -->
< script type = "text/javascript" >
var html = document.querySelector('html');
var sidebar = 'hidden';
if (document.body.clientWidth >= 1080) {
try { sidebar = localStorage.getItem('mdbook-sidebar'); } catch(e) { }
sidebar = sidebar || 'visible';
}
html.classList.remove('sidebar-visible');
html.classList.add("sidebar-" + sidebar);
< / script >
< nav id = "sidebar" class = "sidebar" aria-label = "Table of contents" >
< div class = "sidebar-scrollbox" >
< ol class = "chapter" > < li class = "chapter-item expanded " > < a href = "The-Z-Shell-Manual.html" > < strong aria-hidden = "true" > 1.< / strong > The Z Shell Manual< / a > < / li > < li class = "chapter-item expanded " > < a href = "Introduction.html" > < strong aria-hidden = "true" > 2.< / strong > Introduction< / a > < / li > < li class = "chapter-item expanded " > < a href = "Roadmap.html" > < strong aria-hidden = "true" > 3.< / strong > Roadmap< / a > < / li > < li class = "chapter-item expanded " > < a href = "Invocation.html" class = "active" > < strong aria-hidden = "true" > 4.< / strong > Invocation< / a > < / li > < li class = "chapter-item expanded " > < a href = "Files.html" > < strong aria-hidden = "true" > 5.< / strong > Files< / a > < / li > < li class = "chapter-item expanded " > < a href = "Shell-Grammar.html" > < strong aria-hidden = "true" > 6.< / strong > Shell Grammar< / a > < / li > < li class = "chapter-item expanded " > < a href = "Redirection.html" > < strong aria-hidden = "true" > 7.< / strong > Redirection< / a > < / li > < li class = "chapter-item expanded " > < a href = "Command-Execution.html" > < strong aria-hidden = "true" > 8.< / strong > Command Execution< / a > < / li > < li class = "chapter-item expanded " > < a href = "Functions.html" > < strong aria-hidden = "true" > 9.< / strong > Functions< / a > < / li > < li class = "chapter-item expanded " > < a href = "Jobs-_0026-Signals.html" > < strong aria-hidden = "true" > 10.< / strong > Jobs & Signals< / a > < / li > < li class = "chapter-item expanded " > < a href = "Arithmetic-Evaluation.html" > < strong aria-hidden = "true" > 11.< / strong > Arithmetic Evaluation< / a > < / li > < li class = "chapter-item expanded " > < a href = "Conditional-Expressions.html" > < strong aria-hidden = "true" > 12.< / strong > Conditional Expressions< / a > < / li > < li class = "chapter-item expanded " > < a href = "Prompt-Expansion.html" > < strong aria-hidden = "true" > 13.< / strong > Prompt Expansion< / a > < / li > < li class = "chapter-item expanded " > < a href = "Expansion.html" > < strong aria-hidden = "true" > 14.< / strong > Expansion< / a > < / li > < li class = "chapter-item expanded " > < a href = "Parameters.html" > < strong aria-hidden = "true" > 15.< / strong > Parameters< / a > < / li > < li class = "chapter-item expanded " > < a href = "Options.html" > < strong aria-hidden = "true" > 16.< / strong > Options< / a > < / li > < li class = "chapter-item expanded " > < a href = "Shell-Builtin-Commands.html" > < strong aria-hidden = "true" > 17.< / strong > Shell Builtin Commands< / a > < / li > < li class = "chapter-item expanded " > < a href = "Zsh-Line-Editor.html" > < strong aria-hidden = "true" > 18.< / strong > Zsh Line Editor< / a > < / li > < li class = "chapter-item expanded " > < a href = "Completion-Widgets.html" > < strong aria-hidden = "true" > 19.< / strong > Completion Widgets< / a > < / li > < li class = "chapter-item expanded " > < a href = "Completion-System.html" > < strong aria-hidden = "true" > 20.< / strong > Completion System< / a > < / li > < li class = "chapter-item expanded " > < a href = "Completion-Using-compctl.html" > < strong aria-hidden = "true" > 21.< / strong > Completion Using compctl< / a > < / li > < li class = "chapter-item expanded " > < a href = "Zsh-Modules.html" > < strong aria-hidden = "true" > 22.< / strong > Zsh Modules< / a > < / li > < li class = "chapter-item expanded " > < a href = "Calendar-Function-System.html" > < strong aria-hidden = "true" > 23.< / strong > Calendar Function System< / a > < / li > < li class = "chapter-item expanded " > < a href = "TCP-Function-System.html" > < strong aria-hidden = "true" > 24.< / strong > TCP Function System< / a > < / li > < li class = "chapter-item expanded " > < a href = "Zftp-Function-System.html" > < strong aria-hidden = "true" > 25.< / strong > Zftp Function System< / a > < / li > < li class = "chapter-item expanded " > < a href = "User-Contributions.html" > < strong aria-hidden = "true" > 26.< / strong > User Contributions< / a > < / li > < / ol >
< / div >
< div id = "sidebar-resize-handle" class = "sidebar-resize-handle" > < / div >
< / nav >
< div id = "page-wrapper" class = "page-wrapper" >
< div class = "page" >
< div id = "menu-bar-hover-placeholder" > < / div >
< div id = "menu-bar" class = "menu-bar sticky bordered" >
< div class = "left-buttons" >
< button id = "sidebar-toggle" class = "icon-button" type = "button" title = "Toggle Table of Contents" aria-label = "Toggle Table of Contents" aria-controls = "sidebar" >
< i class = "fa fa-bars" > < / i >
< / button >
< button id = "theme-toggle" class = "icon-button" type = "button" title = "Change theme" aria-label = "Change theme" aria-haspopup = "true" aria-expanded = "false" aria-controls = "theme-list" >
< i class = "fa fa-paint-brush" > < / i >
< / button >
< ul id = "theme-list" class = "theme-popup" aria-label = "Themes" role = "menu" >
< li role = "none" > < button role = "menuitem" class = "theme" id = "light" > Light (default)< / button > < / li >
< li role = "none" > < button role = "menuitem" class = "theme" id = "rust" > Rust< / button > < / li >
< li role = "none" > < button role = "menuitem" class = "theme" id = "coal" > Coal< / button > < / li >
< li role = "none" > < button role = "menuitem" class = "theme" id = "navy" > Navy< / button > < / li >
< li role = "none" > < button role = "menuitem" class = "theme" id = "ayu" > Ayu< / button > < / li >
< / ul >
< button id = "search-toggle" class = "icon-button" type = "button" title = "Search. (Shortkey: s)" aria-label = "Toggle Searchbar" aria-expanded = "false" aria-keyshortcuts = "S" aria-controls = "searchbar" >
< i class = "fa fa-search" > < / i >
< / button >
< / div >
< h1 class = "menu-title" > Zsh Manual< / h1 >
< div class = "right-buttons" >
< a href = "print.html" title = "Print this book" aria-label = "Print this book" >
< i id = "print-button" class = "fa fa-print" > < / i >
< / a >
2021-05-17 17:00:52 +02:00
2021-05-11 02:29:21 +02:00
< / div >
< / div >
< div id = "search-wrapper" class = "hidden" >
< form id = "searchbar-outer" class = "searchbar-outer" >
2021-05-17 17:00:52 +02:00
< input type = "search" id = "searchbar" name = "searchbar" placeholder = "Search this book ..." aria-controls = "searchresults-outer" aria-describedby = "searchresults-header" >
2021-05-11 02:29:21 +02:00
< / form >
< div id = "searchresults-outer" class = "searchresults-outer hidden" >
< div id = "searchresults-header" class = "searchresults-header" > < / div >
< ul id = "searchresults" >
< / ul >
< / div >
< / div >
<!-- Apply ARIA attributes after the sidebar and the sidebar toggle button are added to the DOM -->
< script type = "text/javascript" >
document.getElementById('sidebar-toggle').setAttribute('aria-expanded', sidebar === 'visible');
document.getElementById('sidebar').setAttribute('aria-hidden', sidebar !== 'visible');
Array.from(document.querySelectorAll('#sidebar a')).forEach(function(link) {
link.setAttribute('tabIndex', sidebar === 'visible' ? 0 : -1);
});
< / script >
< div id = "content" class = "content" >
< main >
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE - RUN doctoc TO UPDATE -->
< p > < strong > Table of Contents< / strong > < em > generated with < a href = "https://github.com/thlorenz/doctoc" > DocToc< / a > < / em > < / p >
< ul >
< li > < a href = "#4-invocation" > 4 Invocation< / a >
< ul >
< li > < a href = "#41-invocation" > 4.1 Invocation< / a > < / li >
< li > < a href = "#42-compatibility" > 4.2 Compatibility< / a > < / li >
< li > < a href = "#43-restricted-shell" > 4.3 Restricted Shell< / a > < / li >
< / ul >
< / li >
< / ul >
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
< p > < span id = "Invocation" > < / span > < span id = "Invocation-1" > < / span > < / p >
< h1 id = "4-invocation" > < a class = "header" href = "#4-invocation" > 4 Invocation< / a > < / h1 >
< p > < span id = "index-invocation" > < / span > < / p >
< hr / >
< p > < span id = "Invocation-2" > < / span > < / p >
< h2 id = "41-invocation" > < a class = "header" href = "#41-invocation" > 4.1 Invocation< / a > < / h2 >
< p > < span id = "index-shell-options" > < / span >
< span id = "index-options_002c-shell" > < / span >
< span id = "index-shell-flags" > < / span >
< span id = "index-flags_002c-shell" > < / span > < / p >
< p > The following flags are interpreted by the shell when invoked to
determine where the shell will read commands from:< / p >
< ul >
< li >
< p > < code > -c< / code > < br / >
Take the first argument as a command to execute, rather than reading
commands from a script or standard input. If any further arguments
are given, the first one is assigned to < code > $0< / code > , rather than being used
as a positional parameter.< / p >
< / li >
< li >
< p > < code > -i< / code > < br / >
Force shell to be interactive. It is still possible to specify a
script to execute.< / p >
< / li >
< li >
< p > < code > -s< / code > < br / >
Force shell to read commands from the standard input. If the < code > -s< / code >
flag is not present and an argument is given, the first argument is
taken to be the pathname of a script to execute.< / p >
< / li >
< / ul >
< p > If there are any remaining arguments after option processing, and
neither of the options < code > -c< / code > or < code > -s< / code > was supplied, the first argument is
taken as the file name of a script containing shell commands to be
executed. If the option < code > PATH_SCRIPT< / code > is set, and the file name does not
contain a directory path (i.e. there is no ‘ < code > /< / code > ’ in the name), first the
current directory and then the command path given by the variable < code > PATH< / code >
are searched for the script. If the option is not set or the file name
contains a ‘ < code > /< / code > ’ it is used directly.< / p >
< p > After the first one or two arguments have been appropriated as described
above, the remaining arguments are assigned to the positional
parameters.< / p >
< p > For further options, which are common to invocation and the < code > set< / code >
builtin, see < a href = "Options.html#Options" > Options< / a > .< / p >
< p > The long option ‘ < code > -``-emulate< / code > ’ followed (in a separate word) by an
emulation mode may be passed to the shell. The emulation modes are those
described for the < code > emulate< / code > builtin, see < a href = "Shell-Builtin-Commands.html#Shell-Builtin-Commands" > Shell Builtin
Commands< / a > . The
‘ < code > -``-emulate< / code > ’ option must precede any other options (which might
otherwise be overridden), but following options are honoured, so may be
used to modify the requested emulation mode. Note that certain extra
steps are taken to ensure a smooth emulation when this option is used
compared with the < code > emulate< / code > command within the shell: for example,
variables that conflict with POSIX usage such as < code > path< / code > are not defined
within the shell.< / p >
< p > Options may be specified by name using the < code > -o< / code > option. < code > -o< / code > acts like a
single-letter option, but takes a following string as the option name.
For example,< / p >
< div class = "example" >
< pre > < code class = "language-example" > zsh -x -o shwordsplit scr
< / code > < / pre >
< / div >
< p > runs the script < code > scr< / code > , setting the < code > XTRACE< / code > option by the corresponding
letter ‘ < code > -x< / code > ’ and the < code > SH_WORD_SPLIT< / code > option by name. Options may be
turned < em > off< / em > by name by using < code > +o< / code > instead of < code > -o< / code > . < code > -o< / code > can be stacked
up with preceding single-letter options, so for example ‘ < code > -xo shwordsplit< / code > ’ or ‘ < code > -xoshwordsplit< / code > ’ is equivalent to ‘ < code > -x -o shwordsplit< / code > ’ .< / p >
< p > < span id = "index-long-option" > < / span > < / p >
< p > Options may also be specified by name in GNU long option style,
‘ < code > -``-``option-name< / code > ’ . When this is done, ‘ < code > -< / code > ’ characters in the
option name are permitted: they are translated into ‘ < code > _< / code > ’ , and thus
ignored. So, for example, ‘ < code > zsh -``-sh-word-split< / code > ’ invokes zsh with the
< code > SH_WORD_SPLIT< / code > option turned on. Like other option syntaxes, options
can be turned off by replacing the initial ‘ < code > -< / code > ’ with a ‘ < code > +< / code > ’ ; thus
‘ < code > +-sh-word-split< / code > ’ is equivalent to ‘ < code > -``-no-sh-word-split< / code > ’ . Unlike
other option syntaxes, GNU-style long options cannot be stacked with any
other options, so for example ‘ < code > -x-shwordsplit< / code > ’ is an error, rather
than being treated like ‘ < code > -x -``-shwordsplit< / code > ’ .< / p >
< p > < span id = "index-_002d_002dversion" > < / span >
< span id = "index-_002d_002dhelp" > < / span > < / p >
< p > The special GNU-style option ‘ < code > -``-version< / code > ’ is handled; it sends to
standard output the shell’ s version information, then exits
successfully. ‘ < code > -``-help< / code > ’ is also handled; it sends to standard output
a list of options that can be used when invoking the shell, then exits
successfully.< / p >
< p > Option processing may be finished, allowing following arguments that
start with ‘ < code > -< / code > ’ or ‘ < code > +< / code > ’ to be treated as normal arguments, in two
ways. Firstly, a lone ‘ < code > -< / code > ’ (or ‘ < code > +< / code > ’ ) as an argument by itself ends
option processing. Secondly, a special option ‘ < code > -``-< / code > ’ (or ‘ < code > +-< / code > ’ ),
which may be specified on its own (which is the standard POSIX usage) or
may be stacked with preceding options (so ‘ < code > -x-< / code > ’ is equivalent to ‘ < code > -x -``-< / code > ’ ). Options are not permitted to be stacked after ‘ < code > -``-< / code > ’ (so
‘ < code > -x-f< / code > ’ is an error), but note the GNU-style option form discussed
above, where ‘ < code > -``-shwordsplit< / code > ’ is permitted and does not end option
processing.< / p >
< p > Except when the sh/ksh emulation single-letter options are in effect,
the option ‘ < code > -b< / code > ’ (or ‘ < code > +b< / code > ’ ) ends option processing. ‘ < code > -b< / code > ’ is like
‘ < code > -``-< / code > ’ , except that further single-letter options can be stacked
after the ‘ < code > -b< / code > ’ and will take effect as normal.< / p >
< hr / >
< p > < span id = "Compatibility" > < / span > < span id = "Compatibility-1" > < / span > < / p >
< h2 id = "42-compatibility" > < a class = "header" href = "#42-compatibility" > 4.2 Compatibility< / a > < / h2 >
< p > < span id = "index-compatibility" > < / span >
< span id = "index-sh-compatibility" > < / span >
< span id = "index-ksh-compatibility" > < / span > < / p >
< p > Zsh tries to emulate sh or ksh when it is invoked as < code > sh< / code > or < code > ksh< / code >
respectively; more precisely, it looks at the first letter of the name
by which it was invoked, excluding any initial ‘ < code > r< / code > ’ (assumed to stand
for ‘ restricted’ ), and if that is ‘ < code > b< / code > ’ , ‘ < code > s< / code > ’ or ‘ < code > k< / code > ’ it will emulate
sh or ksh. Furthermore, if invoked as < code > su< / code > (which happens on certain
systems when the shell is executed by the < code > su< / code > command), the shell will
try to find an alternative name from the < code > SHELL< / code > environment variable
and perform emulation based on that.< / p >
< p > In sh and ksh compatibility modes the following parameters are not
special and not initialized by the shell: < code > ARGC< / code > , < code > argv< / code > , < code > cdpath< / code > ,
< code > fignore< / code > , < code > fpath< / code > , < code > HISTCHARS< / code > , < code > mailpath< / code > , < code > MANPATH< / code > , < code > manpath< / code > ,
< code > path< / code > , < code > prompt< / code > , < code > PROMPT< / code > , < code > PROMPT2< / code > , < code > PROMPT3< / code > , < code > PROMPT4< / code > , < code > psvar< / code > ,
< code > status< / code > , < code > watch< / code > .< / p >
< p > < span id = "index-ENV_002c-use-of" > < / span > < / p >
< p > The usual zsh startup/shutdown scripts are not executed. Login shells
source < code > /etc/profile< / code > followed by < code > $HOME/.profile< / code > . If the < code > ENV< / code >
environment variable is set on invocation, < code > $ENV< / code > is sourced after the
profile scripts. The value of < code > ENV< / code > is subjected to parameter expansion,
command substitution, and arithmetic expansion before being interpreted
as a pathname. Note that the < code > PRIVILEGED< / code > option also affects the
execution of startup files.< / p >
< p > The following options are set if the shell is invoked as < code > sh< / code > or < code > ksh< / code > :
< code > NO_BAD_PATTERN< / code > , < code > NO_BANG_HIST< / code > , < code > NO_BG_NICE< / code > , < code > NO_EQUALS< / code > ,
< code > NO_FUNCTION_ARGZERO< / code > , < code > GLOB_SUBST< / code > , < code > NO_GLOBAL_EXPORT< / code > , < code > NO_HUP< / code > ,
< code > INTERACTIVE_COMMENTS< / code > , < code > KSH_ARRAYS< / code > , < code > NO_MULTIOS< / code > , < code > NO_NOMATCH< / code > ,
< code > NO_NOTIFY< / code > , < code > POSIX_BUILTINS< / code > , < code > NO_PROMPT_PERCENT< / code > , < code > RM_STAR_SILENT< / code > ,
< code > SH_FILE_EXPANSION< / code > , < code > SH_GLOB< / code > , < code > SH_OPTION_LETTERS< / code > , < code > SH_WORD_SPLIT< / code > .
Additionally the < code > BSD_ECHO< / code > and < code > IGNORE_BRACES< / code > options are set if zsh
is invoked as < code > sh< / code > . Also, the < code > KSH_OPTION_PRINT< / code > , < code > LOCAL_OPTIONS< / code > ,
< code > PROMPT_BANG< / code > , < code > PROMPT_SUBST< / code > and < code > SINGLE_LINE_ZLE< / code > options are set if
zsh is invoked as < code > ksh< / code > .< / p >
< hr / >
< p > < span id = "Restricted-Shell" > < / span >
< span id = "Restricted-Shell-1" > < / span > < / p >
< h2 id = "43-restricted-shell" > < a class = "header" href = "#43-restricted-shell" > 4.3 Restricted Shell< / a > < / h2 >
< p > < span id = "index-restricted-shell" > < / span >
< span id = "index-RESTRICTED" > < / span > < / p >
< p > When the basename of the command used to invoke zsh starts with the
letter ‘ < code > r< / code > ’ or the ‘ < code > -r< / code > ’ command line option is supplied at
invocation, the shell becomes restricted. Emulation mode is determined
after stripping the letter ‘ < code > r< / code > ’ from the invocation name. The following
are disabled in restricted mode:< / p >
< ul >
< li > changing directories with the < code > cd< / code > builtin< / li >
< li > changing or unsetting the < code > EGID< / code > , < code > EUID< / code > , < code > GID< / code > , < code > HISTFILE< / code > ,
< code > HISTSIZE< / code > , < code > IFS< / code > , < code > LD_AOUT_LIBRARY_PATH< / code > , < code > LD_AOUT_PRELOAD< / code > ,
< code > LD_LIBRARY_PATH< / code > , < code > LD_PRELOAD< / code > , < code > MODULE_PATH< / code > , < code > module_path< / code > ,
< code > PATH< / code > , < code > path< / code > , < code > SHELL< / code > , < code > UID< / code > and < code > USERNAME< / code > parameters< / li >
< li > specifying command names containing < code > /< / code > < / li >
< li > specifying command pathnames using < code > hash< / code > < / li >
< li > redirecting output to files< / li >
< li > using the < code > exec< / code > builtin command to replace the shell with another
command< / li >
< li > using < code > jobs -Z< / code > to overwrite the shell process’ argument and
environment space< / li >
< li > using the < code > ARGV0< / code > parameter to override < code > argv[0]< / code > for external
commands< / li >
< li > turning off restricted mode with < code > set +r< / code > or < code > unsetopt RESTRICTED< / code > < / li >
< / ul >
< p > These restrictions are enforced after processing the startup files. The
startup files should set up < code > PATH< / code > to point to a directory of commands
which can be safely invoked in the restricted environment. They may also
add further restrictions by disabling selected builtins.< / p >
< p > Restricted mode can also be activated any time by setting the
< code > RESTRICTED< / code > option. This immediately enables all the restrictions
described above even if the shell still has not processed all startup
files.< / p >
< p > A shell < em > Restricted Mode< / em > is an outdated way to restrict what users may
do: modern systems have better, safer and more reliable ways to confine
user actions, such as < em > chroot jails< / em > , < em > containers< / em > and < em > zones< / em > .< / p >
< p > A restricted shell is very difficult to implement safely. The feature
may be removed in a future version of zsh.< / p >
< p > It is important to realise that the restrictions only apply to the
shell, not to the commands it runs (except for some shell builtins).
While a restricted shell can only run the restricted list of commands
accessible via the predefined ‘ < code > PATH< / code > ’ variable, it does not prevent
those commands from running any other command.< / p >
< p > As an example, if ‘ < code > env< / code > ’ is among the list of < em > allowed< / em > commands, then
it allows the user to run any command as ‘ < code > env< / code > ’ is not a shell< / p >
< p > So when implementing a restricted shell framework it is important to be
fully aware of what actions each of the < em > allowed< / em > commands or features
(which may be regarded as < em > modules< / em > ) can perform.< / p >
< p > Many commands can have their behaviour affected by environment
variables. Except for the few listed above, zsh does not restrict the
setting of environment variables.< / p >
< p > If a ‘ < code > perl< / code > ’ , ‘ < code > python< / code > ’ , ‘ < code > bash< / code > ’ , or other general purpose
interpreted script it treated as a restricted command, the user can work
around the restriction by setting specially crafted ‘ < code > PERL5LIB< / code > ’ ,
‘ < code > PYTHONPATH< / code > ’ , ‘ < code > BASHENV< / code > ’ (etc.) environment variables. On GNU
systems, any command can be made to run arbitrary code when performing
character set conversion (including zsh itself) by setting a
‘ < code > GCONV_PATH< / code > ’ environment variable. Those are only a few examples.< / p >
< p > Bear in mind that, contrary to some other shells, ‘ < code > readonly< / code > ’ is not a
security feature in zsh as it can be undone and so cannot be used to
mitigate the above.< / p >
< p > A restricted shell only works if the allowed commands are few and
carefully written so as not to grant more access to users than intended.
It is also important to restrict what zsh module the user may load as
some of them, such as ‘ < code > zsh/system< / code > ’ , ‘ < code > zsh/mapfile< / code > ’ and ‘ < code > zsh/files< / code > ’ ,
allow bypassing most of the restrictions.< / p >
< hr / >
< p > This document was generated on < em > February 15, 2020< / em > using
< a href = "http://www.nongnu.org/texi2html/" > < em > texi2html 5.0< / em > < / a > .< br / >
Zsh version 5.8, released on February 14, 2020.< / p >
< / main >
< nav class = "nav-wrapper" aria-label = "Page navigation" >
<!-- Mobile navigation buttons -->
< a rel = "prev" href = "Roadmap.html" class = "mobile-nav-chapters previous" title = "Previous chapter" aria-label = "Previous chapter" aria-keyshortcuts = "Left" >
< i class = "fa fa-angle-left" > < / i >
< / a >
< a rel = "next" href = "Files.html" class = "mobile-nav-chapters next" title = "Next chapter" aria-label = "Next chapter" aria-keyshortcuts = "Right" >
< i class = "fa fa-angle-right" > < / i >
< / a >
< div style = "clear: both" > < / div >
< / nav >
< / div >
< / div >
< nav class = "nav-wide-wrapper" aria-label = "Page navigation" >
< a rel = "prev" href = "Roadmap.html" class = "nav-chapters previous" title = "Previous chapter" aria-label = "Previous chapter" aria-keyshortcuts = "Left" >
< i class = "fa fa-angle-left" > < / i >
< / a >
< a rel = "next" href = "Files.html" class = "nav-chapters next" title = "Next chapter" aria-label = "Next chapter" aria-keyshortcuts = "Right" >
< i class = "fa fa-angle-right" > < / i >
< / a >
< / nav >
< / div >
<!-- Livereload script (if served using the cli tool) -->
< script type = "text/javascript" >
var socket = new WebSocket("ws://localhost:3000/__livereload");
socket.onmessage = function (event) {
if (event.data === "reload") {
socket.close();
location.reload();
}
};
window.onbeforeunload = function() {
socket.close();
}
< / script >
< script type = "text/javascript" >
window.playground_copyable = true;
< / script >
< script src = "elasticlunr.min.js" type = "text/javascript" charset = "utf-8" > < / script >
< script src = "mark.min.js" type = "text/javascript" charset = "utf-8" > < / script >
< script src = "searcher.js" type = "text/javascript" charset = "utf-8" > < / script >
< script src = "clipboard.min.js" type = "text/javascript" charset = "utf-8" > < / script >
< script src = "highlight.js" type = "text/javascript" charset = "utf-8" > < / script >
< script src = "book.js" type = "text/javascript" charset = "utf-8" > < / script >
<!-- Custom JS scripts -->
< / body >
< / html >