Due to the recent exposure of the Linux bash vulnerability and the attempt to update bash, I thought of configuring centos Yum source.
Command to test the bash vulnerability:
env x=‘() { :;}; echo "Your bash version is vulnerable"‘ bash -c "echo This is a test" Your bash version is vulnerableThis is a test
Thanks To Netease's image file!
1. delete the original Yum rpm-AQ | grep Yum | xargs rpm-e -- nodeps 2. visit the Linux Yum source provided by Netease http://mirrors.163.com/centos/6/ OS /x86_64/packages/find the appropriate Yum installation package wget http://mirrors.163.com/centos/6/ OS /x86_64/Packages/yum-3.2.29-40.el6.centos.noarch.rpm wget http://mirrors.163.com/centos/6/ OS /x86_64/Packages/yum-metadata-parser-1.1.2-16.el6.x86_64.rpm wget http://mirrors.163.com/centos/6/ OS /x86_64/Packages/yum-plugin-fastestmirror-1.1.30-14.el6.noarch.rpmwget http://mirrors.163.com/centos/6/ OS /x86_64/Packages/python-iniparse-0.3.1-2.1.el6.noarch.rpm 3. install Yum rpm-IVH python-iniparse-0.3.1-2.1.el6.noarch.rpm rpm-IVH yum-metadata-parser-1.1.2-16.el6.x86_64.rpm rpm-IVH yum-3.2.29-40.el6.centos.noarch.rpm yum-plugin-fastestmirror-1.1.30-14.el6.noarch.rpm 4. update the repo file mV/etc/yum. repos. d/rhel-debuginfo.repo/etc/yum. repos. d/rhel-debuginfo.repo.repo.bakvi/etc/yum. repos. d/rhel-debuginfo.repo [base] Name = centos-$ releasever-basebaseurl = updated updates [updates] Name = centos-$ releasever-updatesbaseurl = http://mirrors.163.com/centos/6/updates/x86_64/$basearch/gpgcheck=1gpgkey=http://mirrors.163.com/centos/rpm-gpg-key-centos-6#packages used/produced in the build but not released [addons] Name = centos-$ releasever-addonsbaseurl = container packages that may be useful [extras] Name = centos-$ releasever-packages = container packages that extend functionality of existing packages [centosplus] name = centos-$ releasever-plusbaseurl = http://mirrors.163.com/centos/6/centosplus/x86_64/gpgcheck=1enabled=05、yum clean all6, yum update Bash -- Test
Pay attention to the path. Pay attention to the values of the basearch and $ releasever variables.
[[email protected]alhost yum.repos.d]# env x=‘() { :;}; echo "Your bash version is vulnerable"‘ bash -c "echo This is a test"This is a test[[email protected] yum.repos.d]#
The yum source is configured and the bash command is updated.
Refer to blog:
Http://blog.chinaunix.net/uid-20940095-id-3275311.html
Http://www.cnblogs.com/linuxer/archive/2011/11/10/2272521.html
Configure centos Yum source in RedHat 6