cve_2021_44228

Ansible role cve_2021_44228

THIS ROLE HAS BEEN ARCHIVED AS OF DEC 2023.

Check and report for cve_2021_44228 (log4shell) on your system.

GitHub	GitLab	Downloads	Version

Example Playbook

This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release.

---
- name: Converge
  hosts: all
  become: yes
  gather_facts: yes

  roles:
    - role: robertdebock.cve_2021_44228

The machine needs to be prepared. In CI this is done using molecule/default/prepare.yml:

---
- name: Prepare
  hosts: all
  become: yes
  gather_facts: no

  roles:
    - role: robertdebock.bootstrap

  # The role is prepared to install extra software and also remove when
  # the role is done. This is not idempotent, so in this playbook, the
  # required software is already installed.
  vars_files:
    - ../../vars/main.yml

  post_tasks:
    - name: Install required software
      ansible.builtin.package:
        name: ["{{ cve_2021_44228_ps_package }}", unzip]

Also see a full explanation and example on how to use these roles.

Role Variables

The default values for the variables are set in defaults/main.yml:

---
# defaults file for cve_2021_44228

# You can disable certain checks using these variables.

# Check suspicous processes.
cve_2021_44228_check_processes: yes

# Check suspicous packages.
cve_2021_44228_check_packages: yes

# This check uses `find`, which may use the disk intensively.
# Check suspicous files.
cve_2021_44228_check_files: yes

# This check uses `find`, which may use the disk intensively.
# Check suspicous jars
cve_2021_44228_check_archives: yes

# Add your own paths if you want to. The more paths you add, the more
# the disk will be used, but not having enough paths poses a risk of
# not finding vulnerable files.
# Paths to find files and jars in.
cve_2021_44228_paths_to_check:
  - /var
  - /etc
  - /usr
  - /opt
  - /lib64

# The types of archives to scan.
cve_2021_44228_archive_patterns:
  - "*.jar"
  - "*.war"
  - "*.ear"
  - "*.aar"