Merge branch 'master' into logrotate-fix-90-jours
Some checks failed
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing

This commit is contained in:
jeltz 2021-03-11 14:30:48 +01:00
commit 077858724a
2 changed files with 20 additions and 3 deletions

View file

@ -2,6 +2,6 @@ FROM python:3.9-alpine
LABEL description="Aurore's docker image for ansible-lint" LABEL description="Aurore's docker image for ansible-lint"
RUN apk add --no-cache gcc musl-dev python3-dev libffi-dev openssl-dev cargo RUN apk add --no-cache gcc musl-dev python3-dev libffi-dev openssl-dev cargo
RUN pip install "yamllint>=1.26.0,<2.0" RUN pip install --no-cache-dir "yamllint>=1.26.0,<2.0"
RUN pip install "ansible-lint==5.0.0" RUN pip install --no-cache-dir "ansible-lint==5.0.0"
RUN pip install "ansible>=2.10,<2.11" RUN pip install --no-cache-dir "ansible>=2.10,<2.11"

17
sudo_upgrade.yml Executable file
View file

@ -0,0 +1,17 @@
#!/usr/bin/env ansible-playbook
---
# This is a special playbook to upgrade sudo everywhere after the
# CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
# Please always use with --limit myserver.adm.auro.re
# And list updates with --check
- hosts: all
tasks:
- name: Upgrade sudo
apt:
name: sudo
state: latest
update_cache: true
cache_valid_time: 3600 # one hour
register: apt_result
retries: 3
until: apt_result is succeeded