Shell

Shell Scripting Zero-to-Hero

A five-tier mastery path — Foundation to Specialist — for shell scripting: Bash and POSIX sh, the canonical text-processing toolkit (awk, jq, yq, sed, grep, find, xargs, GNU parallel), defensive production patterns, security, performance, and the operational scripts that keep real systems alive.

Foundation → Intermediate → Advanced → Expert → Specialist ~120 hours 42 of 42 lessons ready LFCS · RHCSA-adjacent shell skills · widely-applicable to any DevOps / SRE / Platform role
Start the course

A complete, job-oriented path through shell scripting: the agentless, ubiquitous glue of Unix. Foundation gives you the mental model — process, environment, variables, quoting, expansion, conditionals, loops, functions, arrays. Intermediate moves into I/O redirection, pipelines, process management, signals, and structured-data tooling that turns shell into a production-grade language. Advanced is defensive engineering: strict mode, ShellCheck, argument parsing, structured logging, concurrency, network operations, testing, and packaging. Expert covers POSIX-strict portability, performance, security, secrets, idempotency, filesystem semantics, /proc, containers, cloud CLIs, and systemd. Specialist closes the loop with bootstrap scripting, monitoring agents, backup orchestration, DB admin, log analysis at scale, self-healing automation, migrations, compliance, forensics, and a capstone style guide.

What you’ll be able to do

  • Internalise how shells parse, expand, and execute — and write scripts that survive surprising inputs and edge cases
  • Master pipelines, file descriptors, process management, signals, and trap-based cleanup
  • Use the canonical text-processing toolkit (awk, jq, yq, sed, grep, find) at production depth
  • Apply strict-mode defensive engineering — set -Eeuo pipefail, IFS hardening, ShellCheck, structured logging, error frameworks, robust argument parsing, and bats-style testing
  • Write portable, performant, secure scripts: POSIX vs Bash, fork/exec discipline, injection-safe quoting, secrets handling, idempotency, and atomic operations
  • Operate at the system frontier — containers, cloud CLIs, systemd units, /proc, monitoring agents, backup orchestration, log analysis at scale, and self-healing automation

Prerequisites

  • Comfortable using a Unix shell (bash or zsh) interactively — cd, ls, basic redirection, environment variables
  • Access to a Linux or macOS machine (or WSL) where you can edit files and run scripts; no prior scripting experience required

Who it’s for

Engineers who want to stop being apprehensive about shell — DevOps and platform engineers, SREs, sysadmins, backend developers writing CI scripts, and anyone preparing for serious production-shell work or the LFCS / RHCSA-adjacent tooling skills employers actually expect.

Curriculum

Tier 1 · Foundation — How Shells Actually Work

Build the mental model first. What the shell is (process and parser); how variables, quoting, and expansion really work; how conditionals and exit codes propagate; the loop forms; functions with proper scope; and arrays. Get these six right and the next four tiers cost you a fraction of the effort.

  1. 1 Shell Anatomy, In Depth: Bash, Zsh, Dash, BusyBox & the Process / Environment Model You Have to Internalise Before Anything Else 25 min read
  2. 2 Variables, Quoting, Parameter Expansion & IFS — The One Lesson That Eliminates 80% of All Shell Bugs Forever 25 min read
  3. 3 Conditionals, Exit Codes & Status Propagation: test, [, [[, true/false, $? — How Shell Actually Decides What to Do 21 min read
  4. 4 Loops & Iteration: for, while, until, case, break/continue & Command Substitution Gotchas — How to Iterate in Shell Without Destroying Your Production Filesystem 20 min read
  5. 5 Functions, Local Scope, return vs exit & Argument Passing — How to Write Shell Scripts That Don't Stomp On Themselves 21 min read
  6. 6 Arrays: Indexed, Associative, Slicing, mapfile/readarray & the Cardinality Discipline That Replaces Word-Splitting Hacks Forever 21 min read

Tier 2 · Intermediate — I/O, Pipelines, Processes & Text Power Tools

Where shell stops being a calculator and becomes a glue language. The complete I/O model (file descriptors, here-docs, here-strings, process substitution, tee), pipelines (PIPESTATUS, set -o pipefail, SIGPIPE), process management (subshells, jobs, wait), signal handling (trap, EXIT/ERR cleanup), pattern matching at scale (globbing, POSIX BRE/ERE, find/grep/sed), and the canonical text-processing toolkit (awk, jq, yq, csvkit).

  1. 7 I/O Redirection in Depth: File Descriptors, Here-Docs, Here-Strings, tee & Process Substitution — How Shell Actually Talks to Files 19 min read
  2. 8 Pipes & Pipelines, In Depth: PIPESTATUS, set -o pipefail, SIGPIPE & Multi-Stage Pipeline Discipline 16 min read
  3. 9 Process Management: Subshells, Command Groups, Jobs, fg/bg, wait, nohup & disown — Building Concurrent Shell Without the Foot-Cannons 16 min read
  4. 10 Signal Handling: trap, EXIT/ERR/INT/TERM, Idempotent Cleanup & Lock-File Discipline — Writing Scripts That Don't Leave a Mess Behind 18 min read
  5. 11 Globbing, Regex & the find / grep / sed Toolkit That Actually Scales — From `*.txt` to Production-Grade File and Text Manipulation 18 min read
  6. 12 Text Processing: awk Deep Dive, jq, yq, csvkit & the Locale / UTF-8 Pitfalls — Where Shell Stops Being Primitive 22 min read

Tier 3 · Advanced — Defensive Engineering & Production Discipline

How to turn quick scripts into systems your team trusts in production: strict-mode hardening, argument parsing patterns, structured logging, concurrency primitives, network operations, large-scale file handling, time/date arithmetic, scheduled jobs, automated testing, and distro-portable packaging.

  1. 13 Defensive Scripting: set -Eeuo pipefail, IFS Hardening, ShellCheck & Error Propagation — Turning Quick Hacks Into Production Code 23 min read
  2. 14 Argument Parsing: getopts, getopt, Manual Parsing & the Long-Options Pattern — Building CLIs That Feel Like git 18 min read
  3. 15 Logging Frameworks: syslog/journald, Structured Logs, Log Levels & Rotation — Making Your Scripts Observable 16 min read
  4. 16 Concurrency: Backgrounding, GNU parallel, xargs -P, FIFOs & Lock Files (flock) — Using All Your Cores Without Races 19 min read
  5. 17 Network Operations: curl/wget Mastery, /dev/tcp Sockets, Retry-with-Backoff & Idempotent HTTP — When Your Script Talks to Other Machines 16 min read
  6. 18 File Operations at Scale: rsync, find -print0, Atomic Writes & Parallel-Safe Patterns — When `cp -r` Stops Being Enough 16 min read
  7. 19 Date & Time Arithmetic: ISO 8601, Time Zones, GNU vs BSD `date` & Cron-Safe Math — Stop Letting Timestamps Eat Your Scripts 24 min read
  8. 20 Scheduling: cron, systemd Timers & anacron — Choosing the Right Tool, Idempotency, Lockfiles & Drift-Free Recurring Jobs 23 min read
  9. 21 Testing Shell Scripts: bats-core, shunit2, Mocking Commands, Fixtures & CI Integration — Stop Shipping Untested Bash 22 min read
  10. 22 Packaging Shell Scripts: Shebangs, PATH Discipline, Portability, `make install`, deb/rpm & Homebrew — Ship Scripts Like Real Software 23 min read

Tier 4 · Expert — Portability, Performance, Security & System Integration

The skills that separate scripts that survive five years from scripts that break next quarter: POSIX-strict portability, profiling and performance ceilings, security hardening against injection and IFS attacks, secrets handling, idempotency patterns, filesystem semantics, /proc and /sys exploration, container-runtime integration, cloud-CLI mastery, and writing systemd units that wrap shell scripts properly.

  1. 23 POSIX-Strict Portability vs Bash-isms: When to Choose, How to Detect, Where Each Breaks — A Decision Framework for Cross-Shell Code 23 min read
  2. 24 Shell Performance: Profiling, Reducing fork/exec & Knowing When to Leave Shell — A Quantitative Guide to the Bash Performance Ceiling 17 min read
  3. 25 Shell Security: Command Injection, Quoting Hardening, IFS Attacks, set -f & Input Validation — Treating Shell as an Attack Surface 22 min read
  4. 26 Shell Secrets Handling: Env-Vars vs Files, Vault Integration, Ephemeral Credentials, ps/journal Leaks & no_log Discipline 20 min read
  5. 27 Shell Idempotency Patterns: State Files, Reconciliation Loops, Dry-Run Flags & Idempotent Primitives 24 min read
  6. 28 Shell Filesystem Semantics: Hard Links, Symlinks, Mount Namespaces, fsync Discipline & Atomic-Rename Guarantees 23 min read
  7. 29 Shell /proc, /sys & sysctl: Kernel Introspection, Runtime Tuning, Persistent Configs & Per-Process Forensics From the Command Line 18 min read
  8. 30 Shell Container Interactions: docker, podman, kubectl, jq-Driven Inspection, exec/log Pipelines, TTY Discipline & Safe Automation 18 min read
  9. 31 Shell Cloud CLIs Mastery: AWS, Azure, GCP — Auth Chains, Pagination, Parallel Calls, Output Discipline & Rate Limits 16 min read
  10. 32 Writing systemd Units That Wrap Shell Scripts Properly: Type Selection, Restart Policy, Hardening, Watchdogs, Timers & sd_notify 16 min read

Tier 5 · Specialist — Mission-Critical Patterns & Capstone

Shell scripting at the operational frontier: scripts that run before any package manager exists, monitoring agents and watchdogs, backup orchestration with integrity proofs, database-admin scripting, log analysis at terabyte scale, self-healing detect-decide-act loops, migration ETL, compliance scanning with signed evidence, forensics and incident-response triage, and a capstone style guide that defines the lifecycle of every production shell script you'll ever write.

  1. 33 Shell Bootstrap & cloud-init: Scripts That Run Before Any Package Manager, Network, or User Exists — POSIX-Strict Provisioning From First Boot 16 min read
  2. 34 Shell Monitoring Agents: Writing Prometheus Exporters, Health Probes, Watchdogs & Liveness/Readiness Endpoints From Bash 15 min read
  3. 35 Shell Backup & Restore: Integrity Manifests, GFS Retention, Immutable Object-Lock Storage & Drill-Tested Recovery 19 min read
  4. 36 Shell Database Admin: pg_dump Pipelines, MySQL Backup Orchestration, WAL Archiving & Online Schema Migration Wrappers 17 min read
  5. 37 Shell Log Analysis at Scale: Streaming awk, GNU Parallel, Distributed grep/sort/uniq Pipelines for Terabyte-Sized Logs 16 min read
  6. 38 Shell Self-Healing Scripts: Detect-Decide-Act Loops, Blast-Radius Limits, Circuit Breakers & The Discipline That Stops Auto-Remediation From Becoming The Outage 19 min read
  7. 39 Shell Migration & ETL Scripts: Watermarks, Checkpoint Files, Idempotent Re-Runs, Staging Tables & The Discipline Of A Back-Out Plan 18 min read
  8. 40 Shell Compliance Scanning: CIS/STIG-as-Shell, Evidence Bundles, Signed Reports & The Discipline That Makes Auditors Sign Off Without A Round Of Questions 17 min read
  9. 41 Shell Forensics & Incident Response: Order-Of-Volatility Capture, Triage Scripts, Read-Only Examination & The Evidence Chain That Holds Up Under Scrutiny 20 min read
  10. 42 Shell Style Guide Capstone: The Production Review Checklist, Lifecycle Policy, Metrics Every Script Should Emit & The Sunset Criteria For Retiring Scripts Cleanly 18 min read
All courses