Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

bash-shellshock (2) Versions 1.0.1

Audits & remediates the Shellshock vulnerability

Berkshelf/Librarian
Policyfile
Knife
cookbook 'bash-shellshock', '~> 1.0.1'
cookbook 'bash-shellshock', '~> 1.0.1', :supermarket
knife cookbook site install bash-shellshock
knife cookbook site download bash-shellshock
README
Dependencies
Changelog
Quality 100%

bash-shellshock Cookbook

Build Status Cookbook Version

This cookbook is designed to test and optionally remediate the bash "shellshock" bug, more formally known as cve-2014-7169.

Once Chef-client has executed this recipe on one or more hosts, a list of all nodes that are vulnerable to the "Shellshock" exploit can be retrieved from the Chef server via knife search:

knife search node 'bash:shellshock_vulnerable'

Limitations

This cookbook relies on the OS-native packaging system to provide patched versions of the bash package.

Requirements

Platforms

  • Tested on CentOS 6.5
  • Tested on Ubuntu 12.04
  • Should work on a wide variety of other systems

Chef

  • Chef 11+

Cookbooks

Attributes

  • No user-configurable attributes

Recipes

bash-shellshock::default

  • Audits and remediates Bash-CVE-2014-7169 ("Shellshock")

bash-shellshock::audit

  • Installs an OHAI plugin that will automatically audit nodes for the Shellshock vulnerability. This plugin creates two new values in OHAI:

node['languages']['bash']['version'], a string. Returned from bash --version. node['languages']['bash']['shellshock_vulnerable'], a boolean. True if node is vulnerable.

bash-shellshock::remediate

  • If the node is marked vulnerable by the audit recipe, this recipe will attempt to upgrade bash via the native packaging system. Includes the audit recipe.
  • Audits and remediates Bash-CVE-2014-7169 ("Shellshock")

License & Authors

Author: Cookbook Engineering Team (cookbooks@chef.io)

Copyright: 20014-2015, Chef Software, Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

ohai ~> 2.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

bash-shellshock Cookbook CHANGELOG

This file is used to list changes made in each version of the bash-shellshock cookbook.

1.0.1 (10-20-2015)

  • Fixed bad search string example in the readme
  • Added much scarier warning logging if the node is vulnerable
  • Added travis and cookbook version badges to the readme
  • Added a .foodcritic file to exclude rules
  • Updated chefignore and .gitignore files
  • Updated platforms in Test Kitchen
  • Added standard Rubocop file
  • Added Travis CI testing
  • Removed yum from Berksfile and removed version constraint on Apt
  • Added contributing and testing docs
  • Added Gemfile with testing deps
  • Added maintainers.md and maintainers.toml
  • Added rakefile for simplified testing
  • Added source_url and issues_url metadata
  • Updated Chefspec to the latest format

1.0.0 (10-29-2014)

  • Initial release

Collaborator Number Metric
            

1.0.1 passed this metric

Contributing File Metric
            

1.0.1 passed this metric

Foodcritic Metric
            

1.0.1 passed this metric

License Metric
            

1.0.1 passed this metric

No Binaries Metric
            

1.0.1 passed this metric

Publish Metric
            

1.0.1 passed this metric

Supported Platforms Metric
            

1.0.1 passed this metric

Testing File Metric
            

1.0.1 passed this metric

Version Tag Metric
            

1.0.1 passed this metric