Since the recently discovered bash vulnerabilty is forcing many IT specialist to run massive update to their systems, here you can find a simple ansible script to immediately update all your servers at once, would they be APT or YUM based.
---- hosts: "{{deploy_host}}" remote_user: ansible_user sudo: yes vars: pkg_list_deb: - bash pkg_list_rpm: - bash tasks: - name : Check Family debug: msg="Familiy {{ ansible_os_family }} "
- name : install packages - Debian way apt: pkg={{item}} state=latest install_recommends=no with_items: pkg_list_deb when: ansible_os_family == "Debian"
- name : install packages - RedHat way yum: name={{item}} state=latest with_items: pkg_list_rpm when: ansible_os_family == "RedHat" |
Just run it against an inventory file with all your server and have a coffee 😉
Around the Code 