Amazon Linux 2023がGAされました

Amazon Linux 2023がGAされました

ついにAmazon Linux 2023が来ました
Clock Icon2023.03.16

この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので、ご注意ください。

ようやく来ました

こんにちは、のんピ(@non____97)です。

ついにAmazon Linux 2023がGAされました。

RC(Release Candidate)版が公開されてから早かったですね。

AWS公式ブログも公開されていますね。

また、AWS公式ドキュメントの内容も充実しています。

早速試してみたので紹介します。

Amazon Linux 2023とは

概要

Amazon Linux 2023を実際に触ってみる前にAmazon Linux 2023とは何なのかを整理します。

Amazon Linux 2023とはAWSがクラウドに最適化した第3世代のLinuxディストリビューションです。(Amazon Linuxが第1世代、Amazon Linux 2が第2世代)

前世代のAmazon Linuxと同じく利用にあたって追加のライセンス費用は不要です。

元々はAmazon Linux 2022でリリース予定でしたが、リリースが2023年にずれ込んだことからAmazon Linux 2023に名称が変わっています。

その影響でAmazon Linux 2のサポート期限が2025年6月末まで延長されています。

また、x86_64とarm64のどちらのCPUアーキテクチャもサポートしています。

ライフサイクル

今回リリースされたAmazon Linux 2023以降、Amazon Linuxは2年ごとにメジャーリリースされ、四半期ごとのマイナーリリースが行われます。各メジャーバージョンは最大5年間のサポートが提供されます。

Amazon Linux 2023のEOLは2028/3/15です。Amazon LinuxとAmazon Linux 2のEOLと併せてダイアグラムにすると以下のようになります。

ALTimelines_external

抜粋 : Amazon Linux 2023, a Cloud-Optimized Linux Distribution with Long-Term Support | AWS News Blog

Amazon Linux 2023以降のAmazon Linuxのメジャーリリースのメンテナンス期間は以下の通りです。

Year Amazon Linux 2023 Amazon Linux 2025 Amazon Linux 2027 Amazon Linux 2029
2023 Standard support
2024 Standard support
2025 Maintenance Standard support
2026 Maintenance Standard support
2027 Maintenance Maintenance Standard support
2028 EOL Maintenance Standard support
2029 EOL Maintenance Maintenance Standard support
2030 EOL EOL Maintenance Standard support
2031 EOL EOL Maintenance Maintenance

抜粋 : Release cadence - Amazon Linux 2023

メジャーリリースとマイナーリリースの内容は以下AWS公式ドキュメントに記載されています。メジャーリリース時には互換性があるか十分に検証した上でアップデートしましょう。

  • Major version release— Includes new features and improvements in security and performance across the stack. The improvements might include major changes to the kernel, toolchain, Glib C, OpenSSL, and any other system libraries and utilities. Major releases of Amazon Linux are based in part on the current version of the upstream Fedora Linux distribution. AWS might add or replace specific packages from other non-Fedora upstreams.
  • Minor version release— A quarterly update that includes security updates, bug fixes, and new features and packages. Each minor version is a cumulative list of updates that includes security and bug fixes in addition to new features and packages. These releases might include latest language runtimes, such as PHP. They might also include other popular software packages such as Ansible and Docker.

(以下機械翻訳)

  • メジャーバージョンリリース-スタック全体のセキュリティとパフォーマンスにおける新機能と改善を含む。この改善には、カーネル、ツールチェーン、Glib C、OpenSSL、およびその他のシステムライブラリやユーティリティに対する大きな変更が含まれる場合があります。Amazon Linuxのメジャーリリースは、アップストリームのFedora Linuxディストリビューションの現在のバージョンに一部基づいています。AWSは、Fedora以外のアップストリームから特定のパッケージを追加または置き換えることがあります。
  • マイナーバージョンリリース - セキュリティアップデート、バグフィックス、新機能やパッケージを含む四半期ごとのアップデート。各マイナーバージョンは、新しい機能やパッケージに加えて、セキュリティやバグの修正を含む更新の累積リストです。これらのリリースには、PHPなどの最新の言語ランタイムが含まれる場合があります。また、AnsibleやDockerなどの一般的なソフトウェアパッケージも含まれる場合があります。

Release cadence - Amazon Linux 2023

また、マイナーリリース名は以下のように付与されます。

  • 2023.0.20230301
  • 2023.1.20230601
  • 2023.2.20230901

それぞれ対応するAMIの名前は以下のようになります。

  • al2023-ami-2023.0.20230301.0-kernel-6.1-x86_64
  • al2023-ami-2023.1.20230601.0-kernel-6.1-x86_64
  • al2023-ami-2023.2.20230901.0-kernel-6.1-x86_64

各リリースの詳細はリリースノートをご覧ください。

GAされた2023-03-15はいくつか既知の問題があります。特に気になったのは以下の2点です。

  1. Systems Manager Patch ManagerがAmazon Linux 2023をサポートしていない
  2. CodeDeployエージェントがAmazon Linux 2023上で動作しない

こちらの対応が必ず必要な場合は、現時点でのAmazon Linux 2023の使用は見合わせましょう。

パッケージの更新

Amazon Linux 2023ではリポジトリが特定のバージョンにロックされています。

以前のAmazon Linuxではcloud-initのデフォルト設定だと起動時にセキュリティアップデートがインストールされました。

Amazon Linux は、起動時にクリティカルまたは重要なセキュリティ更新をダウンロードおよびインストールするよう設定されています。起動後にユースケースに必要な更新を行うことをお勧めします。例えば、起動時にすべての更新(セキュリティ更新だけでなく)を適用したり、各更新を評価してシステムに適用可能なもののみを適用することができます。これは、cloud-init 設定 repo_upgrade を使用して制御されます。次の cloud-init 設定のスニペットは、インスタンス初期化に渡すユーザーデータテキストで設定を変更する方法を示しています。

(中略)

repo_upgrade のデフォルトの設定は security です。つまり、ユーザーデータに異なる値を指定しない場合、デフォルトでは、Amazon Linux はその時点でインストールされているパッケージの起動時に、セキュリティ更新を実行します。Amazon Linux は、インストール済みのパッケージに更新がある場合も、/etc/motd ファイルを使用して、ログイン時に利用可能な更新の数を一覧表示して通知します。これらの更新をインストールするには、インスタンスで sudo yum upgrade を実行する必要があります。

Amazon Linux - Amazon Elastic Compute Cloud

Amazon Linux 2023ではそのような挙動はしません。これにより、同じAMIから作成されたEC2インスタンスのパッケージは同一のものとなり、ワークロードの内でパッケージバージョンを揃えることが容易になります。

アップデートをする場合はリポジトリのバージョンを指定して行います。

# 利用可能なリポジトリバージョンの確認
$ sudo dnf check-release-update

# リポジトリバージョンを指定してアップデート
$ sudo dnf --releasever=<version> update

SSM RunCommandでシンプルにyum updateで定期アップデートをしている場合は気をつけたいですね。

releaseverに指定する文字列はlatest、もしくは2023.0.20230210などの日付がスタンプされたバージョンです。

未指定である場合はsystem-releaseのバージョンとなります。優先度の降順は以下の通りです。

  1. コマンドラインのフラグ--releasever=versionの値 (使用されている場合)
  2. オーバーライド変数ファイル/etc/dnf/vars/releaseverで指定されている値 (設定されている場合)
  3. system-releaseのバージョン

例えばコマンドラインで--releasever=versionを指定した場合、オーバーライド変数ファイルやsystem-releaseのバージョンよりも優先して使用されます。

現在のsystem-releaseのバージョンは以下コマンドで確認できます。

$ rpm -q system-release --qf "%{VERSION}\n"
2023.0.20230315

オーバーライド変数ファイル/etc/dnf/vars/releaseverlatestを設定することで常に最新のリポジトリバージョンを参照することも可能です。

$ echo latest | sudo tee /etc/dnf/vars/releasever
latest

AWS公式ドキュメントを確認すると、注意点として以下のような記載がありました。

If you don't override the releasever variable, it's locked to latest by default.

Deterministic upgrades through versioned repositories usage - Amazon Linux 2023

オーバーライドしない場合はlatestで固定されるようです。もし、そうであればsystem-releaseのバージョンを参照する意味合いがよく分からなくなります。これはマイナーリリースが公開されたタイミングで別途検証しようと思います。

詳細については以下AWS公式ドキュメントをご覧ください。

また、パッケージマネージャーがyumからdnfに変更されています。yumdnfの違いが気になる方はDNFの以下ドキュメントをご覧ください。

Amazon Linux 2との主な変更点

SELinux

その他Amazon Linux 2との主な変更点を紹介します。

まず、大きな変更点がSELinuxがデフォルトで有効になっている点です。

ただし、PermissiveモードなのでSELinuxのポリシーは強制されません。

SELinuxの詳細はSELinux NotebookやRedhat公式ドキュメントをご覧ください。

OpenSSL

OpenSSL 1.0.2ではなく、OpenSSL 3がデフォルトでインストールされています。

OpenSSL 3.0になったことでNode.js 18などAmazon Linux 2で使えなかったバージョンの言語を使用することができるようになりました。

一方で、OpenSSLのマイグレーションガイドでも言及されていますが、OpenSSL 1.0.2からOpenSSL 3.0にアップデートはかなり難易度が高いようです。OpenSSL 1.1.1の更新内容と併せてご覧ください。

glibc、gcc及びbinutils

glibcやgcc、binutilsのバージョンも更新されています。

パッケージ名 Amazon Linux 2 Amazon Linux 2023
glibc 2.26 2.34
gcc 7.3 11.3
binutils 2.29 2.39

特にglibcとgccの更新が大きいですね。こちらの兼ね合いでインストールできなかったパッケージにも対応できるようになりました。

gp3

ルートボリュームのEBSボリュームのデフォルトがgp2からgp3となりました。

毎回gp2からgp3に変更していた煩わしさから解放されます。

IMDSv2

デフォルトでIMDSv2のみ使用するようになっています。

インスタンスメタデータにアクセスする際、IMDSv2に対応していない処理をしている場合は修正しておきましょう。

IMDSv2の詳細は以下をご覧ください。

カーネルライブパッチ

OSを再起動することなくカーネルのパッチを適用できるようになりました。

カーネルライブパッチはセキュリティアップデートとバグフィックスの2種類があります。

  • Security updates – Include updates for Linux common vulnerabilities and exposures (CVE). These updates are typically rated as important or critical using the Amazon Linux Security Advisory ratings. They generally map to a Common Vulnerability Scoring System (CVSS) score of 7 and higher. In some cases, AWS might provide updates before a CVE is assigned. In these cases, the patches might appear as bug fixes.
  • Bug fixes – Include fixes for critical bugs and stability issues that aren't associated with CVEs.

(以下機械翻訳)

  • セキュリティアップデート - Linuxの一般的な脆弱性と暴露(CVE)に対するアップデートが含まれています。これらのアップデートは、通常、Amazon Linux Security Advisoryのレーティングを使用して重要または重要であると評価されます。一般的に、CVSS(Common Vulnerability Scoring System)スコアは7以上とされています。場合によっては、AWSはCVEが割り当てられる前にアップデートを提供することがあります。このような場合、パッチはバグフィックスとして表示されることがあります。
  • バグフィックス - CVEに関連しない重要なバグや安定性の問題の修正を含む。

Kernel Live Patching on Amazon Linux 2023 - Amazon Linux 2023

あくまでパッチなので、機能追加が行われるバージョンにアップデートすることはできないので注意しましょう。

カーネルライブパッチは、リリース後最大3か月間提供するようです。

カーネルライブパッチの有効化、適用方法などの各種操作は以下AWS公式ドキュメントをご覧ください。

SSH サーバー

Amazon Linux 2023ではssh-rsaホストキーアルゴリズム(HostKeyAlgorithms)が無効されています。SSH接続をする場合、クライアントはssh-ed25519ecdsa-sha2-nistp256rsa-sha2-256などをサポートする必要があります。

なお、使用できなくなったのはssh-rsaであって、マネジメントコンソールから生成したRSAのキーペアを使ってSSH接続できなくなるという訳ではありません。以下のようにRSAのキーペアは2048-bit SSH-2 RSAであるため、変わらず接続することが可能です。

Amazon EC2 は、Linux インスタンス向けの、ED25519 および 2048-bit SSH-2 RSA キーをサポートしています。

Amazon EC2 のキーペアと Linux インスタンス - Amazon Elastic Compute Cloud

2023/3/19時点のTera Termの最新バージョンである4.106はrsa-sha2-256rsa-sha2-512をサポートしていません。

5.0からはrsa-sha2-256rsa-sha2-512をサポートしているようです。現在はベータ版なのでGAされるのを待ちましょう。

TTSSH - 変更 - SSH2 の rsa-sha2-256, rsa-sha2-512 ホスト鍵方式をサポートした。 - SSH2 の rsa-sha2-256, rsa-sha2-512 公開鍵認証をサポートした。

Release Tera Term 5 RC 5.0 beta1 - Tera Term - OSDN

また、デフォルトでは以下のキー交換アルゴリズム(KexAlgorithms)をサポートしています。

  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512

ssh-rsaしかサポートしていないクライアントの場合は、EC2インスタンス側crypto-policiesでssh-rsaを受け入れるように設定変更します。

# デフォルトの crypto-policies の確認
$ update-crypto-policies --show
DEFAULT

# crypto-policies による各種情報の確認
$ cat /etc/crypto-policies/back-ends/opensshserver.config
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
MACs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
GSSAPIKexAlgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
PubkeyAcceptedAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
CASignatureAlgorithms ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-256,rsa-sha2-512

# crypto-policies を LEGACY に変更
$ sudo update-crypto-policies --set LEGACY
Setting system policy to LEGACY
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

# crypto-policies が LEGACY に変更されたことを確認
$ update-crypto-policies --show
LEGACY

# crypto-policies による各種情報の確認
$ cat /etc/crypto-policies/back-ends/opensshserver.config
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
MACs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
GSSAPIKexAlgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com
PubkeyAcceptedAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com
CASignatureAlgorithms ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss

crypto-policiesの各値は/usr/share/crypto-policies/policies/配下の.polから確認することが可能です。

# crypto-policies の .pol ファイルの一覧
$ rpm -ql crypto-policies | grep pol$
/etc/crypto-policies/state/CURRENT.pol
/usr/share/crypto-policies/policies/DEFAULT.pol
/usr/share/crypto-policies/policies/EMPTY.pol
/usr/share/crypto-policies/policies/FEDORA38.pol
/usr/share/crypto-policies/policies/FIPS.pol
/usr/share/crypto-policies/policies/FUTURE.pol
/usr/share/crypto-policies/policies/GOST-ONLY.pol
/usr/share/crypto-policies/policies/LEGACY.pol
/usr/share/crypto-policies/policies/NEXT.pol
/usr/share/crypto-policies/policies/TEST-FEDORA39.pol

# DEFAULT 設定時の値の確認
$ cat /usr/share/crypto-policies/policies/DEFAULT.pol
# A reasonable default for today's standards. It should provide
# 112-bit security with the exception of SHA1 signatures in DNSSec
# SHA1 is also enabled in HMAC where collision attacks do not matter.

# MACs: all HMAC with SHA1 or better + all modern MACs (Poly1305 etc)
# Curves: all prime >= 255 bits (including Bernstein curves)
# Signature algorithms: with SHA-256 hash or better (no DSA)
# TLS Ciphers: >= 128-bit key, >= 128-bit block (AES, ChaCha20, including AES-CBC)
# non-TLS Ciphers: as TLS Ciphers with added Camellia
# key exchange: ECDHE, RSA, DHE (no DHE-DSS)
# DH params size: >= 2048
# RSA params size: >= 2048
# TLS protocols: TLS >= 1.2, DTLS >= 1.2

mac = AEAD HMAC-SHA2-256 HMAC-SHA1 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512

group = X25519 X448 SECP256R1 SECP384R1 SECP521R1 \
    FFDHE-2048 FFDHE-3072 FFDHE-4096 FFDHE-6144 FFDHE-8192

hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512 SHA2-224 SHA3-224 \
       SHAKE-256

hash@DNSSec = SHA1+  # SHA1 is still prevalent in DNSSec

sign = ECDSA-SHA3-256 ECDSA-SHA2-256 ECDSA-SHA2-256-FIDO \
       ECDSA-SHA3-384 ECDSA-SHA2-384 \
       ECDSA-SHA3-512 ECDSA-SHA2-512 \
       EDDSA-ED25519 EDDSA-ED25519-FIDO EDDSA-ED448 \
       RSA-PSS-SHA3-256 RSA-PSS-SHA2-256 \
       RSA-PSS-SHA3-384 RSA-PSS-SHA2-384 \
       RSA-PSS-SHA3-512 RSA-PSS-SHA2-512 \
       RSA-PSS-RSAE-SHA3-256 RSA-PSS-RSAE-SHA2-256 \
       RSA-PSS-RSAE-SHA3-384 RSA-PSS-RSAE-SHA2-384 \
       RSA-PSS-RSAE-SHA3-512 RSA-PSS-RSAE-SHA2-512 \
       RSA-SHA3-256 RSA-SHA2-256 \
       RSA-SHA3-384 RSA-SHA2-384 \
       RSA-SHA3-512 RSA-SHA2-512 \
       ECDSA-SHA2-224 RSA-PSS-SHA2-224 RSA-SHA2-224 \
       ECDSA-SHA3-224 RSA-PSS-SHA3-224 RSA-SHA3-224
sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+  # SHA1 is still prevalent in DNSSec

cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 CAMELLIA-256-GCM \
    AES-256-CTR AES-256-CBC CAMELLIA-256-CBC AES-128-GCM AES-128-CCM \
    CAMELLIA-128-GCM AES-128-CTR AES-128-CBC CAMELLIA-128-CBC

cipher@TLS = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 AES-256-CBC \
    AES-128-GCM AES-128-CCM AES-128-CBC


# CBC ciphers in SSH are considered vulnerable to plaintext recovery attacks
# and disabled in client OpenSSH 7.6 (2017) and server OpenSSH 6.7 (2014).
cipher@SSH = -*-CBC

# 'RSA' is intentionally before DHE ciphersuites, as the DHE ciphersuites have
# interoperability issues in TLS.
key_exchange = ECDHE RSA DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK ECDHE-GSS DHE-GSS

protocol@TLS = TLS1.3 TLS1.2 DTLS1.2
protocol@IKE = IKEv2

# Parameter sizes
min_dh_size = 2048
min_dsa_size = 2048
min_rsa_size = 2048

# GnuTLS only for now
sha1_in_certs = 0

arbitrary_dh_groups = 1
ssh_certs = 1
ssh_etm = 1

EPEL

Amazon Linux 2023ではExtra Packages for Enterprise Linux (EPEL)をサポートしていません。

Extra Packages for Enterprise Linux (EPEL) is a project in the Fedora community with the objective of creating a large array of packages for enterprise-level Linux operating systems. The project has primarily produced RHEL and CentOS packages. Amazon Linux 2 features a high level of compatibility with CentOS 7. As a result, many EPEL7 packages work on Amazon Linux 2. However, AL2023 doesn't support EPEL or EPEL-like repositories.

Comparing Amazon Linux 2 and Amazon Linux 2023 - Amazon Linux 2023

EPELを追加しようとしても以下のように怒られます。

$ sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
Last metadata expiration check: 0:19:04 ago on Sat Mar 18 22:57:42 2023.
epel-release-latest-9.noarch.rpm                                                          275 kB/s |  18 kB     00:00
Error:
 Problem: conflicting requests
  - nothing provides redhat-release >= 9 needed by epel-release-9-4.el9.noarch
(try to add '--skip-broken' to skip uninstallable packages)

ここで「Amazon Linux 2でNginxをインストールする場合はEPELを使用していたけど、Amazon Linux 2023では別リポジトリを追加しなければならないの?」と気になる方もいるかもしれません。

大丈夫です。NginxはAmazon Linux 2023では標準リポジトリ(amazonlinux.repo)に存在しています。

各種パッケージ

Amazon Linux 2023で追加されたパッケージ、削除されたパッケージ、更新されたパッケージはかなり多くあります。

個人的に気になったものは以下の通りです。

  • 追加されたパッケージ
    • grpc
    • nkf
    • nodejs
    • php8.1
    • ruby3.2
    • ssmtp
    • stress
    • w3m
  • 削除されたパッケージ
    • amazon-linux-extras
    • ansible
    • awslogs
    • dhcp
    • ec2-net-utils
    • ftp
    • gnome-desktop3
    • mysql-connector-odbc
    • NetworkManager
    • nfs4-acl-tools
    • ntp
    • pacemaker
    • php
    • python
    • python38
    • ruby
    • squid
    • yum
  • 更新されたパッケージ
    • awscli : 1.18.147-1.amzn2.0.2 -> 2.9.19-1.amzn2023.0.1
    • bind : 9.11.4-26.P2.amzn2.5.2 -> 9.16.27-1.amzn2023.0.2
    • ec2-utils : 1.2-47.amzn2 -> 2.0.1-1.amzn2023.0.2
    • gcc : 7.3.1-15.amzn2 -> 11.3.1-4.amzn2023.0.2
    • glibc : 2.26-62.amzn2 -> 2.34-52.amzn2023.0.2
    • openssh : 7.4p1-22.amzn2.0.1 -> 8.7p1-8.amzn2023.0.4
    • openssl : 1.0.2k-24.amzn2.0.6 -> 3.0.8-1.amzn2023.0.1
    • postgresql : 14.3-2.amzn2.0.1 -> 15.0-1.amzn2023.0.2
    • python3 : 3.7.16-1.amzn2.0.1 -> 3.9.16-1.amzn2023.0.3

Amazon Linux 2から移行する場合は使用していたパッケージが存在しているかチェックしましょう。

また、各リリース毎のパッケージのバージョンは以下AWS公式ドキュメントにまとまっています。

各パッケージのサポート期間とサポート状況は以下AWS公式ドキュメントをご覧ください。

他Linuxディストリビューションとの関係性

Amazon Linux 2023はFedoraベースのLinuxディストリビューションです。ただし、Fedora以外にもアップストリームがあります。例えばカーネルのソースはFedoraのものをカスタマイズするのではなく、kernel.orgから選択しているようです。

The Generally Available (GA) version of AL2023 isn't directly comparable to any specific Fedora release. The AL2023 GA version includes components from Fedora 34, 35, and 36. Some of the components are the same as the components in Fedora and some are modified. Other components more closely resemble the components in CentOS 9 Streams or were developed independently. The Amazon Linux kernel is sourced from the long-term support options that are on kernel.org, chosen independently from Fedora.

(以下機械翻訳)

AL2023の一般に利用可能な(GA)バージョンは、特定のFedoraリリースと直接比較することはできません。AL2023 GAバージョンは、Fedora 34、35、36のコンポーネントを含んでいます。いくつかのコンポーネントはFedoraのコンポーネントと同じであり、いくつかは修正されています。その他のコンポーネントは、CentOS 9 Streamsのコンポーネントにより近いか、独自に開発されたものです。Amazon Linuxカーネルは、kernel.orgにある長期サポートオプションから、Fedoraとは別に選択されたものをソースとしています。

Relationship to Fedora - Amazon Linux 2023

AMIの確認

それでは実際に触ってみます。

まず、マネジメントコンソールからAMIを確認します。

クイックスタートにAmazon Linux 2023がありますね。

AMIの選択

表示されたAMIの詳細を確認してみます。

$ aws ec2 describe-images \
    --image-ids ami-02f3f602d23f1659d
{
    "Images": [
        {
            "Architecture": "x86_64",
            "CreationDate": "2023-03-13T23:52:35.000Z",
            "ImageId": "ami-02f3f602d23f1659d",
            "ImageLocation": "amazon/al2023-ami-2023.0.20230315.0-kernel-6.1-x86_64",
            "ImageType": "machine",
            "Public": true,
            "OwnerId": "137112412989",
            "PlatformDetails": "Linux/UNIX",
            "UsageOperation": "RunInstances",
            "State": "available",
            "BlockDeviceMappings": [
                {
                    "DeviceName": "/dev/xvda",
                    "Ebs": {
                        "DeleteOnTermination": true,
                        "Iops": 3000,
                        "SnapshotId": "snap-07288b20d4d442c83",
                        "VolumeSize": 8,
                        "VolumeType": "gp3",
                        "Throughput": 125,
                        "Encrypted": false
                    }
                }
            ],
            "Description": "Amazon Linux 2023 AMI 2023.0.20230315.0 x86_64 HVM kernel-6.1",
            "EnaSupport": true,
            "Hypervisor": "xen",
            "ImageOwnerAlias": "amazon",
            "Name": "al2023-ami-2023.0.20230315.0-kernel-6.1-x86_64",
            "RootDeviceName": "/dev/xvda",
            "RootDeviceType": "ebs",
            "SriovNetSupport": "simple",
            "VirtualizationType": "hvm",
            "BootMode": "uefi-preferred",
            "DeprecationTime": "2025-03-13T23:52:35.000Z",
            "ImdsSupport": "v2.0"
        }
    ]
}

デフォルトボリュームがgp3であることが分かります。また、IMDSもv2のようですね。

パラメーターストアからも確認してみます。

al2023で検索すると以下のように8つのパラメーターが表示されました。

パラメーターストアの確認

  • /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-arm64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-x86_64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-arm64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-6.1-arm64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-6.1-x86_64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-default-arm64
  • /aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-default-x86_64

arm64とx86-64とどちらのアーキテクチャーのAMIがありますね。

minimalとdefaultの違いはOSの実行に必要な最も基本的なツールとユーティリティのみがインストールされているかどうかになります。基本的にはdefaultを選択することになると思われます。

You can choose to use a standard or minimal Amazon Machine Image (AMI) of Amazon Linux 2023 (AL2023).

The standard AL2023 AMI is the default Amazon Machine Image (AMI) that you create. This version comes installed with all of the most commonly used applications and tools. We recommend the standard AMI if you want to get started quickly and aren't interested in customizing the AMI.

The minimal AL2023 AMI is the basic, streamlined version that contains only the most basic tools and utilities necessary to run the OS. We recommend the minimal AMI if you want to have the smallest possible OS footprint possible. The minimal AMI offers slightly reduced disk space utilization and better long-term cost efficiency. The minimal AMI is suitable if you want a smaller OS and don't mind manually installing tools and applications.

For instructions on how to create an Amazon EC2 instance of the standard or minimal AMI type, see Get started with Amazon Linux 2023.

Comparing Amazon Linux 2023 standard (default) and minimal AMIs - Amazon Linux 2023

なお、defaultのパラメーターのAMIとサフィックスが何もついていないパラメーターのAMIは同じものでした。

起動したEC2インスタンスの確認

それではEC2インスタンスを起動させます。

起動させたEC2インスタンスは以下の通りです。

$ aws ec2 describe-images --image-ids ami-02f3f602d23f1659d
 aws ec2 describe-instances --instance-ids i-08aac655640fd7a9c
{
    "Reservations": [
        {
            "Groups": [],
            "Instances": [
                {
                    "AmiLaunchIndex": 0,
                    "ImageId": "ami-02f3f602d23f1659d",
                    "InstanceId": "i-08aac655640fd7a9c",
                    "InstanceType": "t3.micro",
                    "KeyName": "<キーペア名>",
                    "LaunchTime": "2023-03-15T22:00:40+00:00",
                    "Monitoring": {
                        "State": "disabled"
                    },
                    "Placement": {
                        "AvailabilityZone": "us-east-1b",
                        "GroupName": "",
                        "Tenancy": "default"
                    },
                    "PrivateDnsName": "ip-172-31-7-233.ec2.internal",
                    "PrivateIpAddress": "172.31.7.233",
                    "ProductCodes": [],
                    "PublicDnsName": "ec2-44-192-37-26.compute-1.amazonaws.com",
                    "PublicIpAddress": "44.192.37.26",
                    "State": {
                        "Code": 16,
                        "Name": "running"
                    },
                    "StateTransitionReason": "",
                    "SubnetId": "subnet-0355def964cb72d89",
                    "VpcId": "vpc-0e0796981cea634c1",
                    "Architecture": "x86_64",
                    "BlockDeviceMappings": [
                                    "GroupName": "launch-wizard-1",
                                    "GroupId": "sg-07ea9d6dc0aa48b2d"
                                }
                            ],
                            "Ipv6Addresses": [],
                            "MacAddress": "02:04:4d:6f:d5:6b",
                            "NetworkInterfaceId": "eni-01bf04ad7fd8fa1f7",
                            "OwnerId": "<AWSアカウントID>",
                            "PrivateDnsName": "ip-172-31-7-233.ec2.internal",
                            "PrivateIpAddress": "172.31.7.233",
                            "PrivateIpAddresses": [
                                {
                                    "Association": {
                                        "IpOwnerId": "amazon",
                                        "PublicDnsName": "ec2-44-192-37-26.compute-1.amazonaws.com",
                                        "PublicIp": "44.192.37.26"
                                    },
                                    "Primary": true,
                                    "PrivateDnsName": "ip-172-31-7-233.ec2.internal",
                                    "PrivateIpAddress": "172.31.7.233"
                                }
                            ],
                            "SourceDestCheck": true,
                            "Status": "in-use",
                            "SubnetId": "subnet-0355def964cb72d89",
                            "VpcId": "vpc-0e0796981cea634c1",
                            "InterfaceType": "interface"
                        }
                    ],
                    "RootDeviceName": "/dev/xvda",
                    "RootDeviceType": "ebs",
                    "SecurityGroups": [
                        {
                            "GroupName": "launch-wizard-1",
                            "GroupId": "sg-07ea9d6dc0aa48b2d"
                        }
                    ],
                    "SourceDestCheck": true,
                    "SpotInstanceRequestId": "sir-34cyhnxh",
                    "Tags": [
                        {
                            "Key": "Name",
                            "Value": "al2023"
                        }
                    ],
                    "VirtualizationType": "hvm",
                    "CpuOptions": {
                        "CoreCount": 1,
                        "ThreadsPerCore": 2
                    },
                    "CapacityReservationSpecification": {
                        "CapacityReservationPreference": "open"
                    },
                    "HibernationOptions": {
                        "Configured": false
                    },
                    "MetadataOptions": {
                        "State": "applied",
                        "HttpTokens": "required",
                        "HttpPutResponseHopLimit": 2,
                        "HttpEndpoint": "enabled",
                        "HttpProtocolIpv6": "disabled",
                        "InstanceMetadataTags": "disabled"
                    },
                    "EnclaveOptions": {
                        "Enabled": false
                    },
                    "BootMode": "uefi-preferred",
                    "PlatformDetails": "Linux/UNIX",
                    "UsageOperation": "RunInstances",
                    "UsageOperationUpdateTime": "2023-03-15T22:00:40+00:00",
                    "PrivateDnsNameOptions": {
                        "HostnameType": "ip-name",
                        "EnableResourceNameDnsARecord": true,
                        "EnableResourceNameDnsAAAARecord": false
                    },
                    "MaintenanceOptions": {
                        "AutoRecovery": "default"
                    },
                    "CurrentInstanceBootMode": "uefi"
                }
            ],
            "OwnerId": "<AWSアカウントID>",
            "ReservationId": "r-03d46fb2a23c97dcb"
        }
    ]
}

OSの情報確認

シェル

SSMセッションマネージャーでEC2インスタンスに接続して、OSの各種情報を確認します。

# 現在のユーザー確認
$ whoami
ssm-user

# 現在のディレクトリ確認
$ pwd
/usr/bin
# ログインシェルを確認

$ echo $SHELL
/bin/bash

# 使用できるシェルの一覧を確認
$ cat /etc/shells
/bin/sh
/bin/bash
/usr/bin/sh
/usr/bin/bash
/bin/csh
/bin/tcsh
/usr/bin/csh
/usr/bin/tcsh

OSとカーネルのバージョン確認

# OSのバージョン確認
$ cat /etc/os-release
NAME="Amazon Linux"
VERSION="2023"
ID="amzn"
ID_LIKE="fedora"
VERSION_ID="2023"
PLATFORM_ID="platform:al2023"
PRETTY_NAME="Amazon Linux 2023"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2023"
HOME_URL="https://aws.amazon.com/linux/"
BUG_REPORT_URL="https://github.com/amazonlinux/amazon-linux-2023"
SUPPORT_END="2028-03-01"

# カーネルのバージョン確認
$ uname  -r
6.1.15-28.43.amzn2023.x86_64

# カーネルの詳細確認
$ rpm -qi kernel
Name        : kernel
Version     : 6.1.15
Release     : 28.43.amzn2023
Architecture: x86_64
Install Date: Mon Mar 13 23:37:19 2023
Group       : System Environment/Kernel
Size        : 176192488
License     : GPLv2 and Redistributable, no modification permitted
Signature   : RSA/SHA512, Thu Jan  1 00:00:00 1970, Key ID e951904ad832c631
Source RPM  : kernel-6.1.15-28.43.amzn2023.src.rpm
Build Date  : Thu Mar  9 17:16:01 2023
Build Host  : ip-10-0-52-220.us-west-2.compute.internal
Packager    : Amazon Linux
Vendor      : Amazon Linux
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

SELinux

# SELinuxのモード
$ getenforce
Permissive

# SELinuxのステータスと使用されているSELinuxポリシー
$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33

# 監査ログファイルの確認
$ sudo ls -l /var/log/audit/audit.log
-rw-------. 1 root root 219596 Mar 18 08:45 /var/log/audit/audit.log

# 監査ログの確認
$ sudo head /var/log/audit/audit.log
type=DAEMON_START msg=audit(1678917649.599:8216): op=start ver=3.0.6 format=enriched kernel=6.1.15-28.43.amzn2023.x86_64 auid=4294967295 pid=1142 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0res=successAUID="unset" UID="root"
type=SYSCALL msg=audit(1678917649.599:77): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed675b810 a2=3c a3=0 items=0 ppid=1138 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditd" exe="/usr/sbin/auditd" subj=system_u:system_r:auditd_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=PROCTITLE msg=audit(1678917649.599:77): proctitle="/sbin/auditd"
type=CONFIG_CHANGE msg=audit(1678917649.599:78): op=set audit_pid=1142 old=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=1AUID="unset"
type=SYSCALL msg=audit(1678917649.599:78): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed67594c0 a2=3c a3=0 items=0 ppid=1138 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditd" exe="/usr/sbin/auditd" subj=system_u:system_r:auditd_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=PROCTITLE msg=audit(1678917649.599:78): proctitle="/sbin/auditd"
type=SERVICE_START msg=audit(1678917649.599:79): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset"
type=CONFIG_CHANGE msg=audit(1678917649.709:80): auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 op=add_rule key=(null) list=1 res=1AUID="unset"
type=SYSCALL msg=audit(1678917649.709:80): arch=c000003e syscall=44 success=yes exit=1056 a0=3 a1=7ffdd27ed010 a2=420 a3=0 items=0 ppid=1145 pid=1172 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=PROCTITLE msg=audit(1678917649.709:80): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573

dnfリポジトリ

# リポジトリの一覧
$ dnf repolist --all
repo id                                repo name                                                                      status
amazonlinux                            Amazon Linux 2023 repository                                                   enabled
amazonlinux-debuginfo                  Amazon Linux 2023 repository - Debug                                           disabled
amazonlinux-source                     Amazon Linux 2023 repository - Source packages                                 disabled
kernel-livepatch                       Amazon Linux 2023 Kernel Livepatch repository                                  enabled
kernel-livepatch-source                Amazon Linux 2023 Kernel Livepatch repository - Source packages                disabled

# インストールされているパッケージのサポート期限の確認
$ sudo dnf supportinfo --show installed | sort
Last metadata expiration check: 0:26:41 ago on Wed Mar 15 22:01:04 2023.
acl                                        2.3.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
acpid                                      2.0.32-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
alternatives                               1.15-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
amazon-cloudwatch-agent                    1.247357.0b252275-1                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
amazon-ec2-net-utils                       2.3.0-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
amazon-linux-repo-s3                       2023.0.20230315-1.amzn2023           installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
amazon-rpm-config                          228-3.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
amazon-ssm-agent                           3.2.582.0-1                          installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
at                                         3.1.23-6.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
attr                                       2.5.1-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
audit                                      3.0.6-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
audit-libs                                 3.0.6-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
aws-cfn-bootstrap                          2.0-23.amzn2023                      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
awscli-2                                   2.9.19-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
basesystem                                 11-11.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bash                                       5.2.15-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bash-completion                            2.11-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bc                                         1.07.1-14.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bind-libs                                  9.16.27-1.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bind-license                               9.16.27-1.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bind-utils                                 9.16.27-1.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
binutils                                   2.39-6.amzn2023.0.5                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
boost-filesystem                           1.75.0-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
boost-system                               1.75.0-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
boost-thread                               1.75.0-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bzip2                                      1.0.8-6.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
bzip2-libs                                 1.0.8-6.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
c-ares                                     1.17.2-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ca-certificates                            2023.2.60-1.0.amzn2023.0.1           installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
checkpolicy                                3.4-3.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
chkconfig                                  1.15-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
chrony                                     4.3-1.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cloud-init                                 22.2.2-1.amzn2023.1.7                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cloud-utils-growpart                       0.31-8.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
coreutils                                  8.32-30.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
coreutils-common                           8.32-30.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cpio                                       2.13-13.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cracklib                                   2.9.6-27.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cracklib-dicts                             2.9.6-27.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
crontabs                                   1.11-24.20190603git.amzn2023.0.2     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
crypto-policies                            20220428-1.gitdfb10ea.amzn2023.0.2   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
crypto-policies-scripts                    20220428-1.gitdfb10ea.amzn2023.0.2   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cryptsetup                                 2.6.1-1.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cryptsetup-libs                            2.6.1-1.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
curl-minimal                               7.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cyrus-sasl-lib                             2.1.27-18.amzn2023.0.3               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
cyrus-sasl-plain                           2.1.27-18.amzn2023.0.3               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dbus                                       1.12.24-1.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dbus-broker                                32-1.amzn2023.0.2                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dbus-common                                1.12.24-1.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dbus-libs                                  1.12.24-1.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
device-mapper                              1.02.185-1.amzn2023.0.4              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
device-mapper-libs                         1.02.185-1.amzn2023.0.4              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
diffutils                                  3.8-1.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dnf                                        4.12.0-2.amzn2023.0.4                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dnf-data                                   4.12.0-2.amzn2023.0.4                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dnf-plugin-release-notification            1.2-1.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dnf-plugin-support-info                    1.0-2.amzn2023.0.5                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dnf-plugins-core                           4.1.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dosfstools                                 4.2-1.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dracut                                     055-6.amzn2023.0.6                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dracut-config-ec2                          3.0-4.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dracut-config-generic                      055-6.amzn2023.0.6                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dwz                                        0.14-6.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
dyninst                                    10.2.1-6.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
e2fsprogs                                  1.46.5-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
e2fsprogs-libs                             1.46.5-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ec2-hibinit-agent                          1.0.4-0.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ec2-instance-connect                       1.1-19.amzn2023                      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ec2-instance-connect-selinux               1.1-19.amzn2023                      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ec2-utils                                  2.0.1-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ed                                         1.14.2-10.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
efi-filesystem                             5-4.amzn2023.0.5                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
efi-srpm-macros                            5-4.amzn2023.0.5                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
elfutils-debuginfod-client                 0.188-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
elfutils-default-yama-scope                0.188-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
elfutils-libelf                            0.188-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
elfutils-libs                              0.188-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ethtool                                    5.15-1.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
expat                                      2.5.0-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
file                                       5.39-7.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
file-libs                                  5.39-7.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
filesystem                                 3.14-5.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
findutils                                  4.8.0-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
fonts-srpm-macros                          2.0.5-5.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
fstrm                                      0.6.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
fuse-libs                                  2.9.9-13.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gawk                                       5.1.0-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gdbm-libs                                  1.19-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gdisk                                      1.0.8-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gettext                                    0.21-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gettext-libs                               0.21-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ghc-srpm-macros                            1.5.0-4.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
glib2                                      2.73.2-680.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
glibc                                      2.34-52.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
glibc-all-langpacks                        2.34-52.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
glibc-common                               2.34-52.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
glibc-gconv-extra                          2.34-52.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
glibc-locale-source                        2.34-52.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gmp                                        6.2.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gnupg2-minimal                             2.3.7-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gnutls                                     3.7.8-359.amzn2023.0.3               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
go-srpm-macros                             3.1.0-32.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gpgme                                      1.15.1-6.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gpm-libs                                   1.20.7-26.amzn2023.amzn2023.0.3      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grep                                       3.8-1.amzn2023.0.4                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
groff-base                                 1.22.4-7.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grub2-common                               2.06-61.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grub2-efi-x64-ec2                          2.06-61.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grub2-pc-modules                           2.06-61.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grub2-tools                                2.06-61.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grub2-tools-minimal                        2.06-61.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
grubby                                     8.40-51.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gssproxy                                   0.8.4-2.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
gzip                                       1.12-1.amzn2023.0.1                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hostname                                   3.23-4.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hunspell                                   1.7.0-9.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hunspell-en                                0.20140811.1-18.amzn2023.0.3         installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hunspell-en-GB                             0.20140811.1-18.amzn2023.0.3         installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hunspell-en-US                             0.20140811.1-18.amzn2023.0.3         installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hunspell-filesystem                        1.7.0-9.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
hwdata                                     0.353-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
info                                       6.7-10.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
inih                                       49-3.amzn2023.0.2                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
initscripts                                10.09-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
iproute                                    5.10.0-2.amzn2023.0.5                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
iputils                                    20210202-2.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
irqbalance                                 1.9.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
jansson                                    2.14-0.amzn2023                      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
jitterentropy                              3.4.1-4.amzn2023                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
json-c                                     0.14-8.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kbd                                        2.4.0-2.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kbd-misc                                   2.4.0-2.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kernel                                     6.1.15-28.43.amzn2023                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kernel-livepatch-repo-s3                   2023.0.20230315-1.amzn2023           installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kernel-srpm-macros                         1.0-14.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kernel-tools                               6.1.15-28.43.amzn2023                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
keyutils                                   1.6.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
keyutils-libs                              1.6.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kmod                                       29-2.amzn2023.0.5                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kmod-libs                                  29-2.amzn2023.0.5                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
kpatch-runtime                             0.9.7-8.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
krb5-libs                                  1.20.1-8.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
less                                       608-2.amzn2023.0.1                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libacl                                     2.3.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libaio                                     0.3.111-11.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libarchive                                 3.5.3-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libargon2                                  20171227-9.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libassuan                                  2.5.5-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libattr                                    2.5.1-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libbasicobjects                            0.1.1-47.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libblkid                                   2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcap                                     2.48-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcap-ng                                  0.8.2-4.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcbor                                    0.7.0-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcollection                              0.7.0-47.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcom_err                                 1.46.5-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcomps                                   0.1.18-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libconfig                                  1.7.2-7.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libcurl-minimal                            7.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libdb                                      5.3.28-49.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libdhash                                   0.5.0-47.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libdnf                                     0.67.0-1.amzn2023.0.5                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libeconf                                   0.4.0-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libedit                                    3.1-38.20210714cvs.amzn2023.0.2      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libev                                      4.33-3.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libevent                                   2.1.12-3.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libfdisk                                   2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libffi                                     3.1-28.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libfido2                                   1.10.0-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libgcc                                     11.3.1-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libgcrypt                                  1.10.1-7.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libgomp                                    11.3.1-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libgpg-error                               1.42-1.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libibverbs                                 37.0-1.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libidn2                                    2.3.2-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libini_config                              1.3.1-47.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libkcapi                                   1.4.0-105.amzn2023.0.1               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libkcapi-hmaccalc                          1.4.0-105.amzn2023.0.1               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libldb                                     2.6.1-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libmaxminddb                               1.5.2-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libmetalink                                0.1.3-14.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libmnl                                     1.0.4-13.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libmodulemd                                2.13.0-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libmount                                   2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libnfsidmap                                2.5.4-2.rc3.amzn2023.0.3             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libnghttp2                                 1.51.0-1.amzn2023                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libnl3                                     3.5.0-6.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libpath_utils                              0.2.1-47.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libpcap                                    1.10.1-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libpipeline                                1.5.3-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libpkgconf                                 1.8.0-4.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libpsl                                     0.21.1-3.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libpwquality                               1.4.4-6.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libref_array                               0.1.5-47.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
librepo                                    1.14.2-1.amzn2023.0.4                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libreport-filesystem                       2.15.2-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libseccomp                                 2.5.3-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libselinux                                 3.4-5.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libselinux-utils                           3.4-5.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsemanage                                3.4-5.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsepol                                   3.4-3.amzn2023.0.3                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsigsegv                                 2.13-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsmartcols                               2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsolv                                    0.7.22-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libss                                      1.46.5-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsss_certmap                             2.5.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsss_idmap                               2.5.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libsss_nss_idmap                           2.5.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libstdc++                                  11.3.1-4.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libstoragemgmt                             1.9.4-5.amzn2023.0.2                 installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
libtalloc                                  2.3.4-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libtasn1                                   4.19.0-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libtdb                                     1.4.7-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libtevent                                  0.13.0-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libtextstyle                               0.21-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libtirpc                                   1.3.3-0.amzn2023                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libunistring                               0.9.10-10.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libuser                                    0.63-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libutempter                                1.2.1-4.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libuuid                                    2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libuv                                      1.44.1-156.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libverto                                   0.3.2-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libverto-libev                             0.3.2-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libxcrypt                                  4.4.33-7.amzn2023                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libxml2                                    2.10.3-2.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libyaml                                    0.2.5-5.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
libzstd                                    1.5.2-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
lm_sensors-libs                            3.6.0-8.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
lmdb-libs                                  0.9.29-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
logrotate                                  3.20.1-2.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
lsof                                       4.94.0-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
lua-libs                                   5.4.4-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
lua-srpm-macros                            1-4.amzn2023.0.2                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
lz4-libs                                   1.9.4-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
man-db                                     2.9.3-3.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
man-pages                                  5.10-2.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
microcode_ctl                              2.1-53.amzn2023                      installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
mpfr                                       4.1.0-7.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nano                                       5.8-3.amzn2023.0.3                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ncurses                                    6.2-4.20200222.amzn2023.0.3          installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ncurses-base                               6.2-4.20200222.amzn2023.0.3          installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ncurses-libs                               6.2-4.20200222.amzn2023.0.3          installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
net-tools                                  2.0-0.59.20160912git.amzn2023.0.3    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nettle                                     3.8-1.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
newt                                       0.52.21-9.amzn2023.0.3               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nfs-utils                                  2.5.4-2.rc3.amzn2023.0.3             installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
npth                                       1.6-6.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nspr                                       4.35.0-4.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nss                                        3.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nss-softokn                                3.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nss-softokn-freebl                         3.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nss-sysinit                                3.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
nss-util                                   3.88.1-1.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ntsysv                                     1.15-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
numactl-libs                               2.0.14-3.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
ocaml-srpm-macros                          6-6.amzn2023.0.2                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openblas-srpm-macros                       2-9.amzn2023.0.2                     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openldap                                   2.4.57-6.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openssh                                    8.7p1-8.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openssh-clients                            8.7p1-8.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openssh-server                             8.7p1-8.amzn2023.0.4                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openssl                                    3.0.8-1.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openssl-libs                               3.0.8-1.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
openssl-pkcs11                             0.4.12-3.amzn2023.0.1                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
os-prober                                  1.77-7.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
p11-kit                                    0.24.1-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
p11-kit-trust                              0.24.1-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
package-notes-srpm-macros                  0.4-18.amzn2023.0.5                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pam                                        1.5.1-8.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
parted                                     3.4-2.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
passwd                                     0.80-10.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pciutils                                   3.7.0-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pciutils-libs                              3.7.0-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pcre2                                      10.40-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pcre2-syntax                               10.40-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Carp                                  1.50-458.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Class-Struct                          0.66-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-DynaLoader                            1.47-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Encode                                3.15-462.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Errno                                 1.30-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Exporter                              5.74-459.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Fcntl                                 1.13-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-File-Basename                         2.85-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-File-Path                             2.18-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-File-Temp                             0.231.100-2.amzn2023.0.2             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-File-stat                             1.09-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Getopt-Long                           2.52-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Getopt-Std                            1.12-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-HTTP-Tiny                             0.078-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-IO                                    1.43-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-IPC-Open3                             1.21-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-MIME-Base64                           3.16-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-POSIX                                 1.94-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-PathTools                             3.78-459.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Pod-Escapes                           1.07-458.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Pod-Perldoc                           3.28.01-459.amzn2023.0.2             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Pod-Simple                            3.42-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Pod-Usage                             2.01-2.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Scalar-List-Utils                     1.56-459.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-SelectSaver                           1.02-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Socket                                2.032-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Storable                              3.21-458.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Symbol                                1.08-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Term-ANSIColor                        5.01-459.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Term-Cap                              1.17-458.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Text-ParseWords                       3.30-458.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-Time-Local                            1.300-5.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-constant                              1.33-459.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-if                                    0.60.800-477.amzn2023.0.3            installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-interpreter                           5.32.1-477.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-libs                                  5.32.1-477.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-mro                                   1.23-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-overload                              1.31-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-overloading                           0.02-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-parent                                0.238-458.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-podlators                             4.14-458.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-srpm-macros                           1-39.amzn2023.0.2                    installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-subs                                  1.03-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
perl-vars                                  1.05-477.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pkgconf                                    1.8.0-4.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pkgconf-m4                                 1.8.0-4.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
pkgconf-pkg-config                         1.8.0-4.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
policycoreutils                            3.4-6.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
policycoreutils-python-utils               3.4-6.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
popt                                       1.18-6.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
procps-ng                                  3.3.17-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
protobuf-c                                 1.4.1-2.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
psacct                                     6.6.4-9.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
psmisc                                     23.4-1.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
publicsuffix-list-dafsa                    20221208-60.amzn2023                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python-chevron                             0.13.1-1.amzn2023.0.3                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python-srpm-macros                         3.9-41.amzn2023.0.5                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3                                    3.9.16-1.amzn2023.0.3                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-attrs                              20.3.0-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-audit                              3.0.6-1.amzn2023.0.2                 installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-awscrt                             0.16.7-1.amzn2023.0.1                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-babel                              2.9.1-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-cffi                               1.14.5-1.amzn2023.0.2                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-chardet                            4.0.0-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-colorama                           0.4.4-2.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-configobj                          5.0.6-23.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-cryptography                       36.0.1-1.amzn2023.0.3                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-daemon                             2.3.0-4.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-dateutil                           2.8.1-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-dbus                               1.2.18-1.amzn2023.0.2                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-distro                             1.5.0-5.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-dnf                                4.12.0-2.amzn2023.0.4                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-dnf-plugins-core                   4.1.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-docutils                           0.16-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-gpg                                1.15.1-6.amzn2023.0.3                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-hawkey                             0.67.0-1.amzn2023.0.5                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-idna                               2.10-3.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-jinja2                             2.11.3-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-jmespath                           0.10.0-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-jsonpatch                          1.21-14.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-jsonpointer                        2.0-2.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-jsonschema                         3.2.0-9.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-libcomps                           0.1.18-1.amzn2023.0.2                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-libdnf                             0.67.0-1.amzn2023.0.5                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-libs                               3.9.16-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-libselinux                         3.4-5.amzn2023.0.2                   installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-libsemanage                        3.4-5.amzn2023.0.2                   installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-libstoragemgmt                     1.9.4-5.amzn2023.0.2                 installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-lockfile                           0.12.2-5.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-markupsafe                         1.1.1-10.amzn2023.0.2                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-netifaces                          0.10.6-13.amzn2023.0.2               installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-oauthlib                           3.0.2-9.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-pip-wheel                          21.3.1-2.amzn2023.0.5                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-ply                                3.11-11.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-policycoreutils                    3.4-6.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-prettytable                        0.7.2-25.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-prompt-toolkit                     3.0.24-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-pycparser                          2.20-3.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-pyrsistent                         0.17.3-6.amzn2023.0.2                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-pyserial                           3.4-10.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-pysocks                            1.7.1-8.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-pytz                               2022.7.1-1.amzn2023                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-pyyaml                             5.4.1-2.amzn2023.0.2                 installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-requests                           2.25.1-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-rpm                                4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-ruamel-yaml                        0.16.6-5.amzn2023.0.2                installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-ruamel-yaml-clib                   0.1.2-6.amzn2023.0.2                 installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-setools                            4.4.0-9.amzn2023.0.2                 installed          supported          2028-03-15         Python 3.9 (System Python) has security support until March 2028
python3-setuptools                         59.6.0-2.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-setuptools-wheel                   59.6.0-2.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-six                                1.15.0-5.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-urllib3                            1.25.10-5.amzn2023.0.2               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
python3-wcwidth                            0.2.5-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
quota                                      4.06-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
quota-nls                                  4.06-4.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
readline                                   8.1-2.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rng-tools                                  6.14-1.git.56626083.amzn2023.0.3     installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rootfiles                                  8.1-29.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpcbind                                    1.2.6-0.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpm                                        4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpm-build-libs                             4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpm-libs                                   4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpm-plugin-selinux                         4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpm-plugin-systemd-inhibit                 4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rpm-sign-libs                              4.16.1.3-12.amzn2023.0.5             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rsync                                      3.2.6-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
rust-srpm-macros                           21-42.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
screen                                     4.8.0-5.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sed                                        4.8-7.amzn2023.0.2                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
selinux-policy                             36.16-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
selinux-policy-targeted                    36.16-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
setup                                      2.13.7-3.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
shadow-utils                               4.9-12.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
slang                                      2.3.2-9.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sqlite-libs                                3.40.0-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sssd-client                                2.5.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sssd-common                                2.5.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sssd-kcm                                   2.5.0-1.amzn2023.0.3                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
strace                                     5.16-2.amzn2023.0.3                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sudo                                       1.9.12-1.p2.amzn2023.0.3             installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sysctl-defaults                            1.0-3.amzn2023                       installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
sysstat                                    12.5.6-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
system-release                             2023.0.20230315-1.amzn2023           installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemd                                    252.4-1161.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemd-libs                               252.4-1161.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemd-networkd                           252.4-1161.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemd-pam                                252.4-1161.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemd-resolved                           252.4-1161.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemd-udev                               252.4-1161.amzn2023.0.3              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
systemtap-runtime                          4.8-3.amzn2023.0.5                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
tar                                        1.34-1.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
tbb                                        2020.3-7.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
tcpdump                                    4.99.1-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
tcsh                                       6.24.07-1.amzn2023                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
time                                       1.9-16.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
traceroute                                 2.1.0-13.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
tzdata                                     2022g-1.amzn2023.0.1                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
unzip                                      6.0-57.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
update-motd                                2.0-1.amzn2023.0.3                   installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
userspace-rcu                              0.12.1-3.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
util-linux                                 2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
util-linux-core                            2.37.4-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
vim-common                                 9.0.1314-1.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
vim-data                                   9.0.1314-1.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
vim-enhanced                               9.0.1314-1.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
vim-filesystem                             9.0.1314-1.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
vim-minimal                                9.0.1314-1.amzn2023.0.2              installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
wget                                       1.21.3-1.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
which                                      2.21-26.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
words                                      3.0-37.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
xfsdump                                    3.1.11-2.amzn2023.0.2                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
xfsprogs                                   5.18.0-1.amzn2023.0.3                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
xxhash-libs                                0.8.0-3.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
xz                                         5.2.5-9.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
xz-libs                                    5.2.5-9.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
yum                                        4.12.0-2.amzn2023.0.4                installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
zip                                        3.0-28.amzn2023.0.2                  installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
zlib                                       1.2.11-33.amzn2023.0.4               installed          supported          2028-03-15         Amazon Linux 2023 end-of-life
zstd                                       1.5.2-1.amzn2023.0.2                 installed          supported          2028-03-15         Amazon Linux 2023 end-of-life

2023/3/15にリリースされたAmazon Linux 2023の全てのパッケージとバージョンは以下AWS公式ドキュメントにまとまっています。全てで2,177個のパッケージがあるようです。

サービス一覧

$ systemctl list-unit-files --type=service
UNIT FILE                              STATE           PRESET
acpid.service                          disabled        disabled
amazon-cloudwatch-agent.service        disabled        disabled
amazon-ssm-agent.service               enabled         enabled
arp-ethers.service                     disabled        disabled
atd.service                            enabled         enabled
auditd.service                         enabled         enabled
auth-rpcgss-module.service             static          -
autovt@.service                        alias           -
cfn-hup.service                        generated       -
chrony-wait.service                    disabled        disabled
chronyd.service                        enabled         enabled
cloud-config.service                   enabled         disabled
cloud-final.service                    enabled         disabled
cloud-init-hotplugd.service            static          -
cloud-init-local.service               enabled         disabled
cloud-init.service                     enabled         disabled
console-getty.service                  disabled        disabled
container-getty@.service               static          -
dbus-broker.service                    enabled         enabled
dbus-org.freedesktop.hostname1.service alias           -
dbus-org.freedesktop.locale1.service   alias           -
dbus-org.freedesktop.login1.service    alias           -
dbus-org.freedesktop.network1.service  alias           -
dbus-org.freedesktop.portable1.service alias           -
dbus-org.freedesktop.resolve1.service  alias           -
dbus-org.freedesktop.timedate1.service alias           -
dbus.service                           alias           -
debug-shell.service                    disabled        disabled
dnf-makecache.service                  static          -
dracut-cmdline.service                 static          -
dracut-initqueue.service               static          -
dracut-mount.service                   static          -
dracut-pre-mount.service               static          -
dracut-pre-pivot.service               static          -
dracut-pre-trigger.service             static          -
dracut-pre-udev.service                static          -
dracut-shutdown.service                static          -
emergency.service                      static          -
fstrim.service                         static          -
getty@.service                         enabled         enabled
grub-boot-indeterminate.service        static          -
grub2-systemd-integration.service      static          -
gssproxy.service                       disabled        disabled
hibinit-agent.service                  enabled         enabled
import-state.service                   enabled         enabled
initrd-cleanup.service                 static          -
initrd-parse-etc.service               static          -
initrd-switch-root.service             static          -
initrd-udevadm-cleanup-db.service      static          -
irqbalance.service                     enabled         enabled
kmod-static-nodes.service              static          -
kpatch.service                         disabled        disabled
ldconfig.service                       static          -
libstoragemgmt.service                 enabled         enabled
loadmodules.service                    disabled        disabled
logrotate.service                      static          -
man-db-cache-update.service            static          -
man-db-restart-cache-update.service    disabled        disabled
modprobe@.service                      static          -
nfs-blkmap.service                     disabled        disabled
nfs-convert.service                    enabled         disabled
nfs-idmapd.service                     static          -
nfs-mountd.service                     static          -
nfs-server.service                     disabled        disabled
nfs-utils.service                      static          -
nfsdcld.service                        static          -
nis-domainname.service                 disabled        disabled
pam_namespace.service                  static          -
policy-routes@.service                 static          -
psacct.service                         disabled        disabled
quotaon.service                        static          -
rc-local.service                       static          -
rdisc.service                          disabled        disabled
refresh-policy-routes@.service         static          -
rescue.service                         static          -
rngd.service                           enabled         enabled
rpc-gssd.service                       static          -
rpc-statd-notify.service               static          -
rpc-statd.service                      static          -
rpcbind.service                        disabled        disabled
rpmdb-rebuild.service                  enabled         enabled
selinux-autorelabel-mark.service       enabled         enabled
selinux-autorelabel.service            static          -
selinux-check-proper-disable.service   disabled        disabled
serial-getty@.service                  indirect        disabled
sshd-keygen@.service                   disabled        disabled
sshd.service                           enabled         enabled
sshd@.service                          static          -
sssd-autofs.service                    indirect        disabled
sssd-kcm.service                       indirect        disabled
sssd-nss.service                       indirect        disabled
sssd-pac.service                       indirect        disabled
sssd-pam.service                       indirect        disabled
sssd-ssh.service                       indirect        disabled
sssd-sudo.service                      indirect        disabled
sssd.service                           enabled         enabled
sysstat-collect.service                static          -
sysstat-summary.service                static          -
sysstat.service                        enabled         enabled
system-update-cleanup.service          static          -
systemd-ask-password-console.service   static          -
systemd-ask-password-wall.service      static          -
systemd-backlight@.service             static          -
systemd-binfmt.service                 static          -
systemd-boot-check-no-failures.service disabled        disabled
systemd-coredump@.service              static          -
systemd-exit.service                   static          -
systemd-firstboot.service              static          -
systemd-fsck-root.service              enabled-runtime disabled
systemd-fsck@.service                  static          -
systemd-halt.service                   static          -
systemd-hibernate-resume@.service      static          -
systemd-hibernate.service              static          -
systemd-homed-activate.service         disabled        disabled
systemd-homed.service                  disabled        enabled
systemd-hostnamed.service              static          -
systemd-hwdb-update.service            static          -
systemd-hybrid-sleep.service           static          -
systemd-initctl.service                static          -
systemd-journal-catalog-update.service static          -
systemd-journal-flush.service          static          -
systemd-journald.service               static          -
systemd-journald@.service              static          -
systemd-kexec.service                  static          -
systemd-localed.service                static          -
systemd-logind.service                 static          -
systemd-machine-id-commit.service      static          -
systemd-modules-load.service           static          -
systemd-network-generator.service      enabled         enabled
systemd-networkd-wait-online.service   enabled         disabled
systemd-networkd-wait-online@.service  disabled        disabled
systemd-networkd.service               enabled         enabled
systemd-oomd.service                   disabled        disabled
systemd-portabled.service              static          -
systemd-poweroff.service               static          -
systemd-pstore.service                 disabled        enabled
systemd-quotacheck.service             static          -
systemd-random-seed.service            static          -
systemd-reboot.service                 static          -
systemd-remount-fs.service             enabled-runtime disabled
systemd-repart.service                 static          -
systemd-resolved.service               enabled         enabled
systemd-rfkill.service                 static          -
systemd-suspend-then-hibernate.service static          -
systemd-suspend.service                static          -
systemd-sysctl.service                 static          -
systemd-sysext.service                 disabled        disabled
systemd-sysupdate-reboot.service       indirect        disabled
systemd-sysupdate.service              indirect        disabled
systemd-sysusers.service               static          -
systemd-time-wait-sync.service         disabled        disabled
systemd-timedated.service              static          -
systemd-timesyncd.service              disabled        disabled
systemd-tmpfiles-clean.service         static          -
systemd-tmpfiles-setup-dev.service     static          -
systemd-tmpfiles-setup.service         static          -
systemd-udev-settle.service            static          -
systemd-udev-trigger.service           static          -
systemd-udevd.service                  static          -
systemd-update-done.service            static          -
systemd-update-utmp-runlevel.service   static          -
systemd-update-utmp.service            static          -
systemd-user-sessions.service          static          -
systemd-userdbd.service                indirect        disabled
systemd-vconsole-setup.service         static          -
systemd-volatile-root.service          static          -
update-motd.service                    enabled         enabled
user-runtime-dir@.service              static          -
user@.service                          static          -

169 unit files listed.

プロセス一覧

$ sudo ps auxf
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           2  0.0  0.0      0     0 ?        S    22:00   0:00 [kthreadd]
root           3  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [rcu_gp]
root           4  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [rcu_par_gp]
root           5  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [slub_flushwq]
root           6  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [netns]
root           8  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kworker/0:0H-events_highpri]
root          10  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [mm_percpu_wq]
root          11  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [rcu_tasks_kthread]
root          12  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [rcu_tasks_rude_kthread]
root          13  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [rcu_tasks_trace_kthread]
root          14  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [ksoftirqd/0]
root          15  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [rcu_preempt]
root          16  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [migration/0]
root          18  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [cpuhp/0]
root          19  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [cpuhp/1]
root          20  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [migration/1]
root          21  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [ksoftirqd/1]
root          23  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kworker/1:0H-events_highpri]
root          25  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [kworker/u4:1-events_unbound]
root          26  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [kdevtmpfs]
root          27  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [inet_frag_wq]
root          28  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [kauditd]
root          29  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [khungtaskd]
root          30  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [oom_reaper]
root          32  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [writeback]
root          33  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [kcompactd0]
root          34  0.0  0.0      0     0 ?        SN   22:00   0:00  \_ [khugepaged]
root          35  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kintegrityd]
root          36  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kblockd]
root          37  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [blkcg_punt_bio]
root          39  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [tpm_dev_wq]
root          40  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [md]
root          41  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [edac-poller]
root          42  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [watchdogd]
root          43  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kworker/1:1H-xfs-log/nvme0n1p1]
root          60  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [kswapd0]
root          63  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfsalloc]
root          64  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs_mru_cache]
root          66  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kthrotld]
root          69  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [kworker/1:2-mm_percpu_wq]
root          82  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [xenbus_probe]
root         113  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [nvme-wq]
root         115  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [nvme-reset-wq]
root         117  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [nvme-delete-wq]
root         124  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [mld]
root         143  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [ipv6_addrconf]
root         162  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kstrp]
root         174  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [zswap-shrink]
root         242  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kworker/u5:0]
root         243  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [kworker/0:1H-xfs-log/nvme0n1p1]
root         361  0.0  0.0      0     0 ?        I    22:00   0:00  \_ [kworker/0:3-cgroup_destroy]
root         706  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-buf/nvme0n1]
root         707  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-conv/nvme0n]
root         708  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-reclaim/nvm]
root         709  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-blockgc/nvm]
root         710  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-inodegc/nvm]
root         711  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-log/nvme0n1]
root         712  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xfs-cil/nvme0n1]
root         713  0.0  0.0      0     0 ?        S    22:00   0:00  \_ [xfsaild/nvme0n1p1]
root        1157  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [ena]
root        1179  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [cryptd]
root        1340  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [rpciod]
root        1341  0.0  0.0      0     0 ?        I<   22:00   0:00  \_ [xprtiod]
root        2034  0.0  0.0      0     0 ?        I    22:06   0:00  \_ [kworker/0:1-mm_percpu_wq]
root        2088  0.0  0.0      0     0 ?        I    22:06   0:00  \_ [kworker/1:0-events]
root        2203  0.0  0.0      0     0 ?        I    22:10   0:00  \_ [kworker/u4:0-events_unbound]
root        2265  0.0  0.0      0     0 ?        I    22:13   0:00  \_ [kworker/1:1-mm_percpu_wq]
root        2322  0.0  0.0      0     0 ?        I    22:13   0:00  \_ [kworker/0:0-events]
root        2329  0.0  0.0      0     0 ?        D    22:15   0:00  \_ [kworker/u4:2+events_unbound]
root        2454  0.0  0.0      0     0 ?        I    22:17   0:00  \_ [kworker/u4:3-events_unbound]
root           1  0.2  1.7 105312 16896 ?        Ss   22:00   0:02 /usr/lib/systemd/systemd --switched-root --system --deseria
root         756  0.0  1.5  42264 14964 ?        Ss   22:00   0:00 /usr/lib/systemd/systemd-journald
root        1127  0.0  1.1  30288 10460 ?        Ss   22:00   0:00 /usr/lib/systemd/systemd-udevd
systemd+    1140  0.0  1.5  21036 14512 ?        Ss   22:00   0:00 /usr/lib/systemd/systemd-resolved
root        1142  0.0  0.2  36024  2776 ?        S<sl 22:00   0:00 /sbin/auditd
root        1191  0.0  0.6  15260  6528 ?        Ss   22:00   0:00 /usr/bin/systemd-inhibit --what=handle-suspend-key:handle-h
root        1358  0.0  0.1   2668  1132 ?        S    22:00   0:00  \_ /usr/sbin/acpid -f
root        1194  0.0  0.3  81328  2940 ?        Ssl  22:00   0:00 /usr/sbin/irqbalance --foreground
libstor+    1195  0.0  0.2   2752  2040 ?        Ss   22:00   0:00 /usr/bin/lsmd -d
root        1196  3.7  0.7 164768  6868 ?        Ssl  22:00   0:37 /usr/sbin/rngd -f -x pkcs11 -x nist
root        1197  0.0  1.1 240020 10684 ?        Ss   22:00   0:00 /usr/sbin/sssd -i --logger=files
root        1263  0.0  1.3 243644 12684 ?        S    22:00   0:00  \_ /usr/libexec/sssd/sssd_be --domain implicit_files --uid
root        1283  0.0  4.1 267284 39504 ?        S    22:00   0:00  \_ /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=fil
dbus        1199  0.0  0.4   8372  3884 ?        Ss   22:00   0:00 /usr/bin/dbus-broker-launch --scope system --audit
dbus        1217  0.0  0.3   5264  2904 ?        S    22:00   0:00  \_ dbus-broker --log 4 --controller 9 --machine-id ec26934
systemd+    1200  0.0  1.0 235712  9592 ?        Ss   22:00   0:00 /usr/lib/systemd/systemd-networkd
chrony      1213  0.0  0.4  86864  4152 ?        S    22:00   0:00 /usr/sbin/chronyd -F 2
root        1242  0.0  0.3 281008  3532 ?        Ssl  22:00   0:00 /usr/sbin/gssproxy -D
root        1334  0.0  1.0  17600  9864 ?        Ss   22:00   0:00 /usr/lib/systemd/systemd-logind
root        1495  0.0  0.2  20544  2624 ?        Ss   22:00   0:00 /usr/sbin/atd -f
root        1496  0.0  0.1 221344  1068 tty1     Ss+  22:00   0:00 /sbin/agetty -o -p -- \u --noclear - linux
root        1497  0.0  0.1 221388  1064 ttyS0    Ss+  22:00   0:00 /sbin/agetty -o -p -- \u --keep-baud 115200,57600,38400,960
root        1503  0.0  0.7  29104  7096 ?        Ss   22:00   0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root        1840  0.0  1.6 1247744 15776 ?       Ssl  22:01   0:00 /usr/bin/amazon-ssm-agent
root        1880  0.0  2.8 1484360 26732 ?       Sl   22:01   0:00  \_ /usr/bin/ssm-agent-worker
root        2009  0.1  2.3 1326884 21740 ?       Sl   22:05   0:01      \_ /usr/bin/ssm-session-worker <IAMロール名>-03f3f
ssm-user    2029  0.0  0.4 232300  4200 pts/0    Ss   22:05   0:00          \_ sh
root        2392  1.0  0.8 260288  8448 pts/0    S+   22:17   0:00              \_ sudo ps auxf
root        2463  0.0  0.3 232680  2912 pts/0    R+   22:17   0:00                  \_ ps auxf
root        2395  4.0  0.6  15260  6528 ?        Ss   22:17   0:00 /usr/lib/systemd/systemd-userdbd
root        2410  0.0  0.8  24876  7684 ?        S    22:17   0:00  \_ systemd-userwork
root        2412  0.0  0.7  15612  6672 ?        S    22:17   0:00  \_ systemd-userwork
root        2413  0.0  0.7  15612  6684 ?        S    22:17   0:00  \_ systemd-userwork
root        2451  6.0  1.3  19836 12912 ?        Ss   22:17   0:00 /usr/lib/systemd/systemd --user
root        2456  0.0  0.7 115676  6800 ?        S    22:17   0:00  \_ (sd-pam)

使用しているポート一覧

$ sudo ss -antup
Netid      State          Recv-Q      Send-Q                           Local Address:Port              Peer Address:PortProcess
udp        UNCONN         0           0                            172.31.7.233%ens5:68                     0.0.0.0:* users:(("systemd-network",pid=1200,fd=17))
udp        UNCONN         0           0                                    127.0.0.1:323                    0.0.0.0:* users:(("chronyd",pid=1213,fd=5))
udp        UNCONN         0           0                [fe80::4:4dff:fe6f:d56b]%ens5:546                       [::]:* users:(("systemd-network",pid=1200,fd=19))
udp        UNCONN         0           0                                        [::1]:323                       [::]:* users:(("chronyd",pid=1213,fd=6))
tcp        LISTEN         0           128                                    0.0.0.0:22                     0.0.0.0:* users:(("sshd",pid=1503,fd=4))
tcp        ESTAB          0           0                                 172.31.7.233:44510           67.220.240.167:443 users:(("ssm-agent-worke",pid=1880,fd=10))
tcp        ESTAB          0           0                                 172.31.7.233:59786            209.54.182.89:443 users:(("ssm-session-wor",pid=2009,fd=16))
tcp        TIME-WAIT      0           0                                 172.31.7.233:33134            52.119.198.91:443
tcp        ESTAB          0           0                                 172.31.7.233:53100           209.54.181.213:443 users:(("ssm-agent-worke",pid=1880,fd=14))
tcp        LISTEN         0           128                                       [::]:22                        [::]:* users:(("sshd",pid=1503,fd=6))

ディスクサイズ一覧

$ df -h
Filesystem      Size  Used Avail Use% Mounted on
devtmpfs        4.0M     0  4.0M   0% /dev
tmpfs           460M     0  460M   0% /dev/shm
tmpfs           184M  384K  184M   1% /run
/dev/nvme0n1p1  8.0G  1.8G  6.3G  22% /
tmpfs           460M     0  460M   0% /tmp

マウントされているファイルシステム一覧

$ findmnt
TARGET                        SOURCE     FSTYPE     OPTIONS
/                             /dev/nvme0n1p1
│                                        xfs        rw,noatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,sunit=1024,swidth
├─/proc                       proc       proc       rw,nosuid,nodev,noexec,relatime
│ └─/proc/sys/fs/binfmt_misc  systemd-1  autofs     rw,relatime,fd=29,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=1
├─/sys                        sysfs      sysfs      rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/kernel/security      securityfs securityfs rw,nosuid,nodev,noexec,relatime
│ ├─/sys/fs/cgroup            cgroup2    cgroup2    rw,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,memory_recursiveprot
│ ├─/sys/fs/pstore            pstore     pstore     rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/firmware/efi/efivars efivarfs   efivarfs   rw,nosuid,nodev,noexec,relatime
│ ├─/sys/fs/bpf               bpf        bpf        rw,nosuid,nodev,noexec,relatime,mode=700
│ ├─/sys/fs/selinux           selinuxfs  selinuxfs  rw,nosuid,noexec,relatime
│ ├─/sys/kernel/debug         debugfs    debugfs    rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/kernel/tracing       tracefs    tracefs    rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/kernel/config        configfs   configfs   rw,nosuid,nodev,noexec,relatime
│ └─/sys/fs/fuse/connections  fusectl    fusectl    rw,nosuid,nodev,noexec,relatime
├─/dev                        devtmpfs   devtmpfs   rw,nosuid,seclabel,size=4096k,nr_inodes=114352,mode=755
│ ├─/dev/shm                  tmpfs      tmpfs      rw,nosuid,nodev,seclabel
│ ├─/dev/pts                  devpts     devpts     rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000
│ ├─/dev/hugepages            hugetlbfs  hugetlbfs  rw,relatime,seclabel,pagesize=2M
│ └─/dev/mqueue               mqueue     mqueue     rw,nosuid,nodev,noexec,relatime,seclabel
├─/run                        tmpfs      tmpfs      rw,nosuid,nodev,seclabel,size=188280k,nr_inodes=819200,mode=755
│ ├─/run/credentials/systemd-sysctl.service
│ │                           ramfs      ramfs      ro,nosuid,nodev,noexec,relatime,seclabel,mode=700
│ ├─/run/credentials/systemd-tmpfiles-setup-dev.service
│ │                           ramfs      ramfs      ro,nosuid,nodev,noexec,relatime,seclabel,mode=700
│ └─/run/credentials/systemd-tmpfiles-setup.service
│                             ramfs      ramfs      ro,nosuid,nodev,noexec,relatime,seclabel,mode=700
├─/tmp                        tmpfs      tmpfs      rw,nosuid,nodev,seclabel,nr_inodes=1048576
├─/boot/efi                   systemd-1  autofs     rw,relatime,fd=38,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=1
└─/var/lib/nfs/rpc_pipefs     sunrpc     rpc_pipefs rw,relatime

ユーザー一覧

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/usr/sbin/nologin
systemd-oom:x:999:999:systemd Userspace OOM Killer:/:/usr/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/usr/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/usr/share/empty.sshd:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
libstoragemgmt:x:997:997:daemon account for libstoragemgmt:/:/usr/sbin/nologin
systemd-coredump:x:996:996:systemd Core Dumper:/:/usr/sbin/nologin
systemd-timesync:x:995:995:systemd Time Synchronization:/:/usr/sbin/nologin
ec2-instance-connect:x:994:994::/home/ec2-instance-connect:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
chrony:x:993:993:chrony system user:/var/lib/chrony:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
ec2-user:x:1000:1000:EC2 Default User:/home/ec2-user:/bin/bash
cwagent:x:992:992:Cloudwatch Agent:/home/cwagent:/sbin/nologin
ssm-user:x:1001:1001::/home/ssm-user:/bin/bash

グループ一覧

$ cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:ec2-user
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:ec2-user
cdrom:x:11:
mail:x:12:
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:33:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
users:x:100:
nobody:x:65534:
utmp:x:22:
utempter:x:35:
dbus:x:81:
input:x:104:
kvm:x:36:
render:x:105:
sgx:x:106:
systemd-journal:x:190:ec2-user
systemd-network:x:192:
systemd-oom:x:999:
systemd-resolve:x:193:
ssh_keys:x:998:
sshd:x:74:
rpc:x:32:
libstoragemgmt:x:997:
systemd-coredump:x:996:
systemd-timesync:x:995:
ec2-instance-connect:x:994:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
rpcuser:x:29:
chrony:x:993:
tcpdump:x:72:
screen:x:84:
ec2-user:x:1000:
cwagent:x:992:
ssm-user:x:1001:

OSライブラリを検証した上でAmazon Linux 2023を使っていこう

Amazon Linux 2023がGAになったアップデートを紹介しました。

Amazon Linux 2のサポート期間は2025年6月まで延長されましたが、OSライブラリを検証した上で早めにAmazon Linux 2023を使っていきましょう。

その際はAmazon Linux 2 and Amazon Linux 2023の比較をしているAWS公式ドキュメントがあるので、こちらを参考にすると良いかと思います。

この記事が誰かの助けになれば幸いです。

以上、AWS事業本部 コンサルティング部の のんピ(@non____97)でした!

Share this article

facebook logohatena logotwitter logo

© Classmethod, Inc. All rights reserved.