Skip to content

Instantly share code, notes, and snippets.

@lanefu
Created September 25, 2014 19:57
Show Gist options
  • Save lanefu/00d59dc5e363f3b088d4 to your computer and use it in GitHub Desktop.
Save lanefu/00d59dc5e363f3b088d4 to your computer and use it in GitHub Desktop.
Simple Ansible playbook to update bash and test for Shellshock vulnerability on yum-based boxes
---
- hosts: [ 'all', '{{cli_target}}' ]
tasks:
- name: clean yum
command: yum clean all
tags: cleanyum
- name: update bash
yum: name=bash state=latest
tags: updatebash
- name: test vulnerability
shell: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
register: vuln
failed_when: vuln.stdout.find('vulnerable') != -1
changed_when: false
tags: testvuln
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment