この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので、ご注意ください。
ようやく来ました
こんにちは、のんピ(@non____97)です。
ついにAmazon Linux 2023がGAされました。
RC(Release Candidate)版が公開されてから早かったですね。
AWS公式ブログも公開されていますね。
また、AWS公式ドキュメントの内容も充実しています。
早速試してみたので紹介します。
Amazon Linux 2023とは
概要
Amazon Linux 2023を実際に触ってみる前にAmazon Linux 2023とは何なのかを整理します。
Amazon Linux 2023とはAWSがクラウドに最適化した第3世代のLinuxディストリビューションです。(Amazon Linuxが第1世代、Amazon Linux 2が第2世代)
前世代のAmazon Linuxと同じく利用にあたって追加のライセンス費用は不要です。
元々はAmazon Linux 2022でリリース予定でしたが、リリースが2023年にずれ込んだことからAmazon Linux 2023に名称が変わっています。
その影響でAmazon Linux 2のサポート期限が2025年6月末まで延長されています。
また、x86_64とarm64のどちらのCPUアーキテクチャもサポートしています。
ライフサイクル
今回リリースされたAmazon Linux 2023以降、Amazon Linuxは2年ごとにメジャーリリースされ、四半期ごとのマイナーリリースが行われます。各メジャーバージョンは最大5年間のサポートが提供されます。
Amazon Linux 2023のEOLは2028/3/15です。Amazon LinuxとAmazon Linux 2のEOLと併せてダイアグラムにすると以下のようになります。
抜粋 : Amazon Linux 2023, a Cloud-Optimized Linux Distribution with Long-Term Support | AWS News Blog
Amazon Linux 2023以降のAmazon Linuxのメジャーリリースのメンテナンス期間は以下の通りです。
| Year | Amazon Linux 2023 | Amazon Linux 2025 | Amazon Linux 2027 | Amazon Linux 2029 |
|---|---|---|---|---|
| 2023 | Standard support | |||
| 2024 | Standard support | |||
| 2025 | Maintenance | Standard support | ||
| 2026 | Maintenance | Standard support | ||
| 2027 | Maintenance | Maintenance | Standard support | |
| 2028 | EOL | Maintenance | Standard support | |
| 2029 | EOL | Maintenance | Maintenance | Standard support |
| 2030 | EOL | EOL | Maintenance | Standard support |
| 2031 | EOL | EOL | Maintenance | Maintenance |
抜粋 : Release cadence - Amazon Linux 2023
メジャーリリースとマイナーリリースの内容は以下AWS公式ドキュメントに記載されています。メジャーリリース時には互換性があるか十分に検証した上でアップデートしましょう。
- Major version release— Includes new features and improvements in security and performance across the stack. The improvements might include major changes to the kernel, toolchain, Glib C, OpenSSL, and any other system libraries and utilities. Major releases of Amazon Linux are based in part on the current version of the upstream Fedora Linux distribution. AWS might add or replace specific packages from other non-Fedora upstreams.
- Minor version release— A quarterly update that includes security updates, bug fixes, and new features and packages. Each minor version is a cumulative list of updates that includes security and bug fixes in addition to new features and packages. These releases might include latest language runtimes, such as PHP. They might also include other popular software packages such as Ansible and Docker.
(以下機械翻訳)
- メジャーバージョンリリース-スタック全体のセキュリティとパフォーマンスにおける新機能と改善を含む。この改善には、カーネル、ツールチェーン、Glib C、OpenSSL、およびその他のシステムライブラリやユーティリティに対する大きな変更が含まれる場合があります。Amazon Linuxのメジャーリリースは、アップストリームのFedora Linuxディストリビューションの現在のバージョンに一部基づいています。AWSは、Fedora以外のアップストリームから特定のパッケージを追加または置き換えることがあります。
- マイナーバージョンリリース - セキュリティアップデート、バグフィックス、新機能やパッケージを含む四半期ごとのアップデート。各マイナーバージョンは、新しい機能やパッケージに加えて、セキュリティやバグの修正を含む更新の累積リストです。これらのリリースには、PHPなどの最新の言語ランタイムが含まれる場合があります。また、AnsibleやDockerなどの一般的なソフトウェアパッケージも含まれる場合があります。
また、マイナーリリース名は以下のように付与されます。
2023.0.202303012023.1.202306012023.2.20230901
それぞれ対応するAMIの名前は以下のようになります。
al2023-ami-2023.0.20230301.0-kernel-6.1-x86_64al2023-ami-2023.1.20230601.0-kernel-6.1-x86_64al2023-ami-2023.2.20230901.0-kernel-6.1-x86_64
各リリースの詳細はリリースノートをご覧ください。
GAされた2023-03-15はいくつか既知の問題があります。特に気になったのは以下の2点です。
- Systems Manager Patch ManagerがAmazon Linux 2023をサポートしていない
- CodeDeployエージェントがAmazon Linux 2023上で動作しない
こちらの対応が必ず必要な場合は、現時点でのAmazon Linux 2023の使用は見合わせましょう。
パッケージの更新
Amazon Linux 2023ではリポジトリが特定のバージョンにロックされています。
以前のAmazon Linuxではcloud-initのデフォルト設定だと起動時にセキュリティアップデートがインストールされました。
Amazon Linux は、起動時にクリティカルまたは重要なセキュリティ更新をダウンロードおよびインストールするよう設定されています。起動後にユースケースに必要な更新を行うことをお勧めします。例えば、起動時にすべての更新(セキュリティ更新だけでなく)を適用したり、各更新を評価してシステムに適用可能なもののみを適用することができます。これは、cloud-init 設定 repo_upgrade を使用して制御されます。次の cloud-init 設定のスニペットは、インスタンス初期化に渡すユーザーデータテキストで設定を変更する方法を示しています。
(中略)
repo_upgrade のデフォルトの設定は security です。つまり、ユーザーデータに異なる値を指定しない場合、デフォルトでは、Amazon Linux はその時点でインストールされているパッケージの起動時に、セキュリティ更新を実行します。Amazon Linux は、インストール済みのパッケージに更新がある場合も、/etc/motd ファイルを使用して、ログイン時に利用可能な更新の数を一覧表示して通知します。これらの更新をインストールするには、インスタンスで sudo yum upgrade を実行する必要があります。
Amazon Linux 2023ではそのような挙動はしません。これにより、同じAMIから作成されたEC2インスタンスのパッケージは同一のものとなり、ワークロードの内でパッケージバージョンを揃えることが容易になります。
アップデートをする場合はリポジトリのバージョンを指定して行います。
# 利用可能なリポジトリバージョンの確認
$ sudo dnf check-release-update
# リポジトリバージョンを指定してアップデート
$ sudo dnf --releasever=<version> updateSSM RunCommandでシンプルにyum updateで定期アップデートをしている場合は気をつけたいですね。
releaseverに指定する文字列はlatest、もしくは2023.0.20230210などの日付がスタンプされたバージョンです。
未指定である場合はsystem-releaseのバージョンとなります。優先度の降順は以下の通りです。
- コマンドラインのフラグ
--releasever=versionの値 (使用されている場合) - オーバーライド変数ファイル
/etc/dnf/vars/releaseverで指定されている値 (設定されている場合) system-releaseのバージョン
例えばコマンドラインで--releasever=versionを指定した場合、オーバーライド変数ファイルやsystem-releaseのバージョンよりも優先して使用されます。
現在のsystem-releaseのバージョンは以下コマンドで確認できます。
$ rpm -q system-release --qf "%{VERSION}\n"
2023.0.20230315オーバーライド変数ファイル/etc/dnf/vars/releaseverにlatestを設定することで常に最新のリポジトリバージョンを参照することも可能です。
$ echo latest | sudo tee /etc/dnf/vars/releasever
latestAWS公式ドキュメントを確認すると、注意点として以下のような記載がありました。
If you don't override the releasever variable, it's locked to latest by default.
Deterministic upgrades through versioned repositories usage - Amazon Linux 2023
オーバーライドしない場合はlatestで固定されるようです。もし、そうであればsystem-releaseのバージョンを参照する意味合いがよく分からなくなります。これはマイナーリリースが公開されたタイミングで別途検証しようと思います。
詳細については以下AWS公式ドキュメントをご覧ください。
また、パッケージマネージャーがyumからdnfに変更されています。yumとdnfの違いが気になる方はDNFの以下ドキュメントをご覧ください。
Amazon Linux 2との主な変更点
SELinux
その他Amazon Linux 2との主な変更点を紹介します。
まず、大きな変更点がSELinuxがデフォルトで有効になっている点です。
ただし、PermissiveモードなのでSELinuxのポリシーは強制されません。
SELinuxの詳細はSELinux NotebookやRedhat公式ドキュメントをご覧ください。
OpenSSL
OpenSSL 1.0.2ではなく、OpenSSL 3がデフォルトでインストールされています。
OpenSSL 3.0になったことでNode.js 18などAmazon Linux 2で使えなかったバージョンの言語を使用することができるようになりました。
一方で、OpenSSLのマイグレーションガイドでも言及されていますが、OpenSSL 1.0.2からOpenSSL 3.0にアップデートはかなり難易度が高いようです。OpenSSL 1.1.1の更新内容と併せてご覧ください。
glibc、gcc及びbinutils
glibcやgcc、binutilsのバージョンも更新されています。
| パッケージ名 | Amazon Linux 2 | Amazon Linux 2023 |
|---|---|---|
| glibc | 2.26 | 2.34 |
| gcc | 7.3 | 11.3 |
| binutils | 2.29 | 2.39 |
特にglibcとgccの更新が大きいですね。こちらの兼ね合いでインストールできなかったパッケージにも対応できるようになりました。
gp3
ルートボリュームのEBSボリュームのデフォルトがgp2からgp3となりました。
毎回gp2からgp3に変更していた煩わしさから解放されます。
IMDSv2
デフォルトでIMDSv2のみ使用するようになっています。
インスタンスメタデータにアクセスする際、IMDSv2に対応していない処理をしている場合は修正しておきましょう。
IMDSv2の詳細は以下をご覧ください。
カーネルライブパッチ
OSを再起動することなくカーネルのパッチを適用できるようになりました。
カーネルライブパッチはセキュリティアップデートとバグフィックスの2種類があります。
- Security updates – Include updates for Linux common vulnerabilities and exposures (CVE). These updates are typically rated as important or critical using the Amazon Linux Security Advisory ratings. They generally map to a Common Vulnerability Scoring System (CVSS) score of 7 and higher. In some cases, AWS might provide updates before a CVE is assigned. In these cases, the patches might appear as bug fixes.
- Bug fixes – Include fixes for critical bugs and stability issues that aren't associated with CVEs.
(以下機械翻訳)
- セキュリティアップデート - Linuxの一般的な脆弱性と暴露(CVE)に対するアップデートが含まれています。これらのアップデートは、通常、Amazon Linux Security Advisoryのレーティングを使用して重要または重要であると評価されます。一般的に、CVSS(Common Vulnerability Scoring System)スコアは7以上とされています。場合によっては、AWSはCVEが割り当てられる前にアップデートを提供することがあります。このような場合、パッチはバグフィックスとして表示されることがあります。
- バグフィックス - CVEに関連しない重要なバグや安定性の問題の修正を含む。
Kernel Live Patching on Amazon Linux 2023 - Amazon Linux 2023
あくまでパッチなので、機能追加が行われるバージョンにアップデートすることはできないので注意しましょう。
カーネルライブパッチは、リリース後最大3か月間提供するようです。
カーネルライブパッチの有効化、適用方法などの各種操作は以下AWS公式ドキュメントをご覧ください。
SSH サーバー
Amazon Linux 2023ではssh-rsaホストキーアルゴリズム(HostKeyAlgorithms)が無効されています。SSH接続をする場合、クライアントはssh-ed25519やecdsa-sha2-nistp256、rsa-sha2-256などをサポートする必要があります。
なお、使用できなくなったのはssh-rsaであって、マネジメントコンソールから生成したRSAのキーペアを使ってSSH接続できなくなるという訳ではありません。以下のようにRSAのキーペアは2048-bit SSH-2 RSAであるため、変わらず接続することが可能です。
Amazon EC2 は、Linux インスタンス向けの、ED25519 および 2048-bit SSH-2 RSA キーをサポートしています。
Amazon EC2 のキーペアと Linux インスタンス - Amazon Elastic Compute Cloud
2023/3/19時点のTera Termの最新バージョンである4.106はrsa-sha2-256やrsa-sha2-512をサポートしていません。
5.0からはrsa-sha2-256やrsa-sha2-512をサポートしているようです。現在はベータ版なのでGAされるのを待ちましょう。
TTSSH - 変更 - SSH2 の rsa-sha2-256, rsa-sha2-512 ホスト鍵方式をサポートした。 - SSH2 の rsa-sha2-256, rsa-sha2-512 公開鍵認証をサポートした。
また、デフォルトでは以下のキー交換アルゴリズム(KexAlgorithms)をサポートしています。
curve25519-sha256curve25519-sha256@libssh.orgecdh-sha2-nistp256ecdh-sha2-nistp384ecdh-sha2-nistp521diffie-hellman-group-exchange-sha256diffie-hellman-group14-sha256diffie-hellman-group16-sha512diffie-hellman-group18-sha512
ssh-rsaしかサポートしていないクライアントの場合は、EC2インスタンス側crypto-policiesでssh-rsaを受け入れるように設定変更します。
# デフォルトの crypto-policies の確認
$ update-crypto-policies --show
DEFAULT
# crypto-policies による各種情報の確認
$ cat /etc/crypto-policies/back-ends/opensshserver.config
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
MACs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
GSSAPIKexAlgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
PubkeyAcceptedAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
CASignatureAlgorithms ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-256,rsa-sha2-512
# crypto-policies を LEGACY に変更
$ sudo update-crypto-policies --set LEGACY
Setting system policy to LEGACY
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.
# crypto-policies が LEGACY に変更されたことを確認
$ update-crypto-policies --show
LEGACY
# crypto-policies による各種情報の確認
$ cat /etc/crypto-policies/back-ends/opensshserver.config
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
MACs hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
GSSAPIKexAlgorithms gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com
PubkeyAcceptedAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-dss,ssh-dss-cert-v01@openssh.com
CASignatureAlgorithms ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dsscrypto-policiesの各値は/usr/share/crypto-policies/policies/配下の.polから確認することが可能です。
# crypto-policies の .pol ファイルの一覧
$ rpm -ql crypto-policies | grep pol$
/etc/crypto-policies/state/CURRENT.pol
/usr/share/crypto-policies/policies/DEFAULT.pol
/usr/share/crypto-policies/policies/EMPTY.pol
/usr/share/crypto-policies/policies/FEDORA38.pol
/usr/share/crypto-policies/policies/FIPS.pol
/usr/share/crypto-policies/policies/FUTURE.pol
/usr/share/crypto-policies/policies/GOST-ONLY.pol
/usr/share/crypto-policies/policies/LEGACY.pol
/usr/share/crypto-policies/policies/NEXT.pol
/usr/share/crypto-policies/policies/TEST-FEDORA39.pol
# DEFAULT 設定時の値の確認
$ cat /usr/share/crypto-policies/policies/DEFAULT.pol
# A reasonable default for today's standards. It should provide
# 112-bit security with the exception of SHA1 signatures in DNSSec
# SHA1 is also enabled in HMAC where collision attacks do not matter.
# MACs: all HMAC with SHA1 or better + all modern MACs (Poly1305 etc)
# Curves: all prime >= 255 bits (including Bernstein curves)
# Signature algorithms: with SHA-256 hash or better (no DSA)
# TLS Ciphers: >= 128-bit key, >= 128-bit block (AES, ChaCha20, including AES-CBC)
# non-TLS Ciphers: as TLS Ciphers with added Camellia
# key exchange: ECDHE, RSA, DHE (no DHE-DSS)
# DH params size: >= 2048
# RSA params size: >= 2048
# TLS protocols: TLS >= 1.2, DTLS >= 1.2
mac = AEAD HMAC-SHA2-256 HMAC-SHA1 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512
group = X25519 X448 SECP256R1 SECP384R1 SECP521R1 \
FFDHE-2048 FFDHE-3072 FFDHE-4096 FFDHE-6144 FFDHE-8192
hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512 SHA2-224 SHA3-224 \
SHAKE-256
hash@DNSSec = SHA1+ # SHA1 is still prevalent in DNSSec
sign = ECDSA-SHA3-256 ECDSA-SHA2-256 ECDSA-SHA2-256-FIDO \
ECDSA-SHA3-384 ECDSA-SHA2-384 \
ECDSA-SHA3-512 ECDSA-SHA2-512 \
EDDSA-ED25519 EDDSA-ED25519-FIDO EDDSA-ED448 \
RSA-PSS-SHA3-256 RSA-PSS-SHA2-256 \
RSA-PSS-SHA3-384 RSA-PSS-SHA2-384 \
RSA-PSS-SHA3-512 RSA-PSS-SHA2-512 \
RSA-PSS-RSAE-SHA3-256 RSA-PSS-RSAE-SHA2-256 \
RSA-PSS-RSAE-SHA3-384 RSA-PSS-RSAE-SHA2-384 \
RSA-PSS-RSAE-SHA3-512 RSA-PSS-RSAE-SHA2-512 \
RSA-SHA3-256 RSA-SHA2-256 \
RSA-SHA3-384 RSA-SHA2-384 \
RSA-SHA3-512 RSA-SHA2-512 \
ECDSA-SHA2-224 RSA-PSS-SHA2-224 RSA-SHA2-224 \
ECDSA-SHA3-224 RSA-PSS-SHA3-224 RSA-SHA3-224
sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+ # SHA1 is still prevalent in DNSSec
cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 CAMELLIA-256-GCM \
AES-256-CTR AES-256-CBC CAMELLIA-256-CBC AES-128-GCM AES-128-CCM \
CAMELLIA-128-GCM AES-128-CTR AES-128-CBC CAMELLIA-128-CBC
cipher@TLS = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 AES-256-CBC \
AES-128-GCM AES-128-CCM AES-128-CBC
# CBC ciphers in SSH are considered vulnerable to plaintext recovery attacks
# and disabled in client OpenSSH 7.6 (2017) and server OpenSSH 6.7 (2014).
cipher@SSH = -*-CBC
# 'RSA' is intentionally before DHE ciphersuites, as the DHE ciphersuites have
# interoperability issues in TLS.
key_exchange = ECDHE RSA DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK ECDHE-GSS DHE-GSS
protocol@TLS = TLS1.3 TLS1.2 DTLS1.2
protocol@IKE = IKEv2
# Parameter sizes
min_dh_size = 2048
min_dsa_size = 2048
min_rsa_size = 2048
# GnuTLS only for now
sha1_in_certs = 0
arbitrary_dh_groups = 1
ssh_certs = 1
ssh_etm = 1EPEL
Amazon Linux 2023ではExtra Packages for Enterprise Linux (EPEL)をサポートしていません。
Extra Packages for Enterprise Linux (EPEL) is a project in the Fedora community with the objective of creating a large array of packages for enterprise-level Linux operating systems. The project has primarily produced RHEL and CentOS packages. Amazon Linux 2 features a high level of compatibility with CentOS 7. As a result, many EPEL7 packages work on Amazon Linux 2. However, AL2023 doesn't support EPEL or EPEL-like repositories.
Comparing Amazon Linux 2 and Amazon Linux 2023 - Amazon Linux 2023
EPELを追加しようとしても以下のように怒られます。
$ sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
Last metadata expiration check: 0:19:04 ago on Sat Mar 18 22:57:42 2023.
epel-release-latest-9.noarch.rpm 275 kB/s | 18 kB 00:00
Error:
Problem: conflicting requests
- nothing provides redhat-release >= 9 needed by epel-release-9-4.el9.noarch
(try to add '--skip-broken' to skip uninstallable packages)ここで「Amazon Linux 2でNginxをインストールする場合はEPELを使用していたけど、Amazon Linux 2023では別リポジトリを追加しなければならないの?」と気になる方もいるかもしれません。
大丈夫です。NginxはAmazon Linux 2023では標準リポジトリ(amazonlinux.repo)に存在しています。
各種パッケージ
Amazon Linux 2023で追加されたパッケージ、削除されたパッケージ、更新されたパッケージはかなり多くあります。
- New packages for Amazon Linux 2023 - Amazon Linux 2023
- Removed packages - Amazon Linux 2023
- Updated packages - Amazon Linux 2023
個人的に気になったものは以下の通りです。
- 追加されたパッケージ
grpcnkfnodejsphp8.1ruby3.2ssmtpstressw3m
- 削除されたパッケージ
amazon-linux-extrasansibleawslogsdhcpec2-net-utilsftpgnome-desktop3mysql-connector-odbcNetworkManagernfs4-acl-toolsntppacemakerphppythonpython38rubysquidyum
- 更新されたパッケージ
awscli:1.18.147-1.amzn2.0.2->2.9.19-1.amzn2023.0.1bind:9.11.4-26.P2.amzn2.5.2->9.16.27-1.amzn2023.0.2ec2-utils:1.2-47.amzn2->2.0.1-1.amzn2023.0.2gcc:7.3.1-15.amzn2->11.3.1-4.amzn2023.0.2glibc:2.26-62.amzn2->2.34-52.amzn2023.0.2openssh:7.4p1-22.amzn2.0.1->8.7p1-8.amzn2023.0.4openssl:1.0.2k-24.amzn2.0.6->3.0.8-1.amzn2023.0.1postgresql:14.3-2.amzn2.0.1->15.0-1.amzn2023.0.2python3:3.7.16-1.amzn2.0.1->3.9.16-1.amzn2023.0.3
Amazon Linux 2から移行する場合は使用していたパッケージが存在しているかチェックしましょう。
また、各リリース毎のパッケージのバージョンは以下AWS公式ドキュメントにまとまっています。
各パッケージのサポート期間とサポート状況は以下AWS公式ドキュメントをご覧ください。
他Linuxディストリビューションとの関係性
Amazon Linux 2023はFedoraベースのLinuxディストリビューションです。ただし、Fedora以外にもアップストリームがあります。例えばカーネルのソースはFedoraのものをカスタマイズするのではなく、kernel.orgから選択しているようです。
The Generally Available (GA) version of AL2023 isn't directly comparable to any specific Fedora release. The AL2023 GA version includes components from Fedora 34, 35, and 36. Some of the components are the same as the components in Fedora and some are modified. Other components more closely resemble the components in CentOS 9 Streams or were developed independently. The Amazon Linux kernel is sourced from the long-term support options that are on kernel.org, chosen independently from Fedora.
(以下機械翻訳)
AL2023の一般に利用可能な(GA)バージョンは、特定のFedoraリリースと直接比較することはできません。AL2023 GAバージョンは、Fedora 34、35、36のコンポーネントを含んでいます。いくつかのコンポーネントはFedoraのコンポーネントと同じであり、いくつかは修正されています。その他のコンポーネントは、CentOS 9 Streamsのコンポーネントにより近いか、独自に開発されたものです。Amazon Linuxカーネルは、kernel.orgにある長期サポートオプションから、Fedoraとは別に選択されたものをソースとしています。
AMIの確認
それでは実際に触ってみます。
まず、マネジメントコンソールからAMIを確認します。
クイックスタートにAmazon Linux 2023がありますね。
表示されたAMIの詳細を確認してみます。
$ aws ec2 describe-images \
--image-ids ami-02f3f602d23f1659d
{
"Images": [
{
"Architecture": "x86_64",
"CreationDate": "2023-03-13T23:52:35.000Z",
"ImageId": "ami-02f3f602d23f1659d",
"ImageLocation": "amazon/al2023-ami-2023.0.20230315.0-kernel-6.1-x86_64",
"ImageType": "machine",
"Public": true,
"OwnerId": "137112412989",
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"State": "available",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/xvda",
"Ebs": {
"DeleteOnTermination": true,
"Iops": 3000,
"SnapshotId": "snap-07288b20d4d442c83",
"VolumeSize": 8,
"VolumeType": "gp3",
"Throughput": 125,
"Encrypted": false
}
}
],
"Description": "Amazon Linux 2023 AMI 2023.0.20230315.0 x86_64 HVM kernel-6.1",
"EnaSupport": true,
"Hypervisor": "xen",
"ImageOwnerAlias": "amazon",
"Name": "al2023-ami-2023.0.20230315.0-kernel-6.1-x86_64",
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SriovNetSupport": "simple",
"VirtualizationType": "hvm",
"BootMode": "uefi-preferred",
"DeprecationTime": "2025-03-13T23:52:35.000Z",
"ImdsSupport": "v2.0"
}
]
}デフォルトボリュームがgp3であることが分かります。また、IMDSもv2のようですね。
パラメーターストアからも確認してみます。
al2023で検索すると以下のように8つのパラメーターが表示されました。
/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-arm64/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-x86_64/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-arm64/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64/aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-6.1-arm64/aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-6.1-x86_64/aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-default-arm64/aws/service/ami-amazon-linux-latest/al2023-ami-minimal-kernel-default-x86_64
arm64とx86-64とどちらのアーキテクチャーのAMIがありますね。
minimalとdefaultの違いはOSの実行に必要な最も基本的なツールとユーティリティのみがインストールされているかどうかになります。基本的にはdefaultを選択することになると思われます。
You can choose to use a standard or minimal Amazon Machine Image (AMI) of Amazon Linux 2023 (AL2023).
The standard AL2023 AMI is the default Amazon Machine Image (AMI) that you create. This version comes installed with all of the most commonly used applications and tools. We recommend the standard AMI if you want to get started quickly and aren't interested in customizing the AMI.
The minimal AL2023 AMI is the basic, streamlined version that contains only the most basic tools and utilities necessary to run the OS. We recommend the minimal AMI if you want to have the smallest possible OS footprint possible. The minimal AMI offers slightly reduced disk space utilization and better long-term cost efficiency. The minimal AMI is suitable if you want a smaller OS and don't mind manually installing tools and applications.
For instructions on how to create an Amazon EC2 instance of the standard or minimal AMI type, see Get started with Amazon Linux 2023.
Comparing Amazon Linux 2023 standard (default) and minimal AMIs - Amazon Linux 2023
なお、defaultのパラメーターのAMIとサフィックスが何もついていないパラメーターのAMIは同じものでした。
起動したEC2インスタンスの確認
それではEC2インスタンスを起動させます。
起動させたEC2インスタンスは以下の通りです。
$ aws ec2 describe-images --image-ids ami-02f3f602d23f1659d
aws ec2 describe-instances --instance-ids i-08aac655640fd7a9c
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-02f3f602d23f1659d",
"InstanceId": "i-08aac655640fd7a9c",
"InstanceType": "t3.micro",
"KeyName": "<キーペア名>",
"LaunchTime": "2023-03-15T22:00:40+00:00",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "us-east-1b",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-172-31-7-233.ec2.internal",
"PrivateIpAddress": "172.31.7.233",
"ProductCodes": [],
"PublicDnsName": "ec2-44-192-37-26.compute-1.amazonaws.com",
"PublicIpAddress": "44.192.37.26",
"State": {
"Code": 16,
"Name": "running"
},
"StateTransitionReason": "",
"SubnetId": "subnet-0355def964cb72d89",
"VpcId": "vpc-0e0796981cea634c1",
"Architecture": "x86_64",
"BlockDeviceMappings": [
"GroupName": "launch-wizard-1",
"GroupId": "sg-07ea9d6dc0aa48b2d"
}
],
"Ipv6Addresses": [],
"MacAddress": "02:04:4d:6f:d5:6b",
"NetworkInterfaceId": "eni-01bf04ad7fd8fa1f7",
"OwnerId": "<AWSアカウントID>",
"PrivateDnsName": "ip-172-31-7-233.ec2.internal",
"PrivateIpAddress": "172.31.7.233",
"PrivateIpAddresses": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-44-192-37-26.compute-1.amazonaws.com",
"PublicIp": "44.192.37.26"
},
"Primary": true,
"PrivateDnsName": "ip-172-31-7-233.ec2.internal",
"PrivateIpAddress": "172.31.7.233"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-0355def964cb72d89",
"VpcId": "vpc-0e0796981cea634c1",
"InterfaceType": "interface"
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "launch-wizard-1",
"GroupId": "sg-07ea9d6dc0aa48b2d"
}
],
"SourceDestCheck": true,
"SpotInstanceRequestId": "sir-34cyhnxh",
"Tags": [
{
"Key": "Name",
"Value": "al2023"
}
],
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 1,
"ThreadsPerCore": 2
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"HibernationOptions": {
"Configured": false
},
"MetadataOptions": {
"State": "applied",
"HttpTokens": "required",
"HttpPutResponseHopLimit": 2,
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "disabled",
"InstanceMetadataTags": "disabled"
},
"EnclaveOptions": {
"Enabled": false
},
"BootMode": "uefi-preferred",
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"UsageOperationUpdateTime": "2023-03-15T22:00:40+00:00",
"PrivateDnsNameOptions": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": true,
"EnableResourceNameDnsAAAARecord": false
},
"MaintenanceOptions": {
"AutoRecovery": "default"
},
"CurrentInstanceBootMode": "uefi"
}
],
"OwnerId": "<AWSアカウントID>",
"ReservationId": "r-03d46fb2a23c97dcb"
}
]
}OSの情報確認
シェル
SSMセッションマネージャーでEC2インスタンスに接続して、OSの各種情報を確認します。
# 現在のユーザー確認
$ whoami
ssm-user
# 現在のディレクトリ確認
$ pwd
/usr/bin
# ログインシェルを確認
$ echo $SHELL
/bin/bash
# 使用できるシェルの一覧を確認
$ cat /etc/shells
/bin/sh
/bin/bash
/usr/bin/sh
/usr/bin/bash
/bin/csh
/bin/tcsh
/usr/bin/csh
/usr/bin/tcshOSとカーネルのバージョン確認
# OSのバージョン確認
$ cat /etc/os-release
NAME="Amazon Linux"
VERSION="2023"
ID="amzn"
ID_LIKE="fedora"
VERSION_ID="2023"
PLATFORM_ID="platform:al2023"
PRETTY_NAME="Amazon Linux 2023"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2023"
HOME_URL="https://aws.amazon.com/linux/"
BUG_REPORT_URL="https://github.com/amazonlinux/amazon-linux-2023"
SUPPORT_END="2028-03-01"
# カーネルのバージョン確認
$ uname -r
6.1.15-28.43.amzn2023.x86_64
# カーネルの詳細確認
$ rpm -qi kernel
Name : kernel
Version : 6.1.15
Release : 28.43.amzn2023
Architecture: x86_64
Install Date: Mon Mar 13 23:37:19 2023
Group : System Environment/Kernel
Size : 176192488
License : GPLv2 and Redistributable, no modification permitted
Signature : RSA/SHA512, Thu Jan 1 00:00:00 1970, Key ID e951904ad832c631
Source RPM : kernel-6.1.15-28.43.amzn2023.src.rpm
Build Date : Thu Mar 9 17:16:01 2023
Build Host : ip-10-0-52-220.us-west-2.compute.internal
Packager : Amazon Linux
Vendor : Amazon Linux
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.SELinux
# SELinuxのモード
$ getenforce
Permissive
# SELinuxのステータスと使用されているSELinuxポリシー
$ sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
# 監査ログファイルの確認
$ sudo ls -l /var/log/audit/audit.log
-rw-------. 1 root root 219596 Mar 18 08:45 /var/log/audit/audit.log
# 監査ログの確認
$ sudo head /var/log/audit/audit.log
type=DAEMON_START msg=audit(1678917649.599:8216): op=start ver=3.0.6 format=enriched kernel=6.1.15-28.43.amzn2023.x86_64 auid=4294967295 pid=1142 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0res=successAUID="unset" UID="root"
type=SYSCALL msg=audit(1678917649.599:77): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed675b810 a2=3c a3=0 items=0 ppid=1138 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditd" exe="/usr/sbin/auditd" subj=system_u:system_r:auditd_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=PROCTITLE msg=audit(1678917649.599:77): proctitle="/sbin/auditd"
type=CONFIG_CHANGE msg=audit(1678917649.599:78): op=set audit_pid=1142 old=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=1AUID="unset"
type=SYSCALL msg=audit(1678917649.599:78): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed67594c0 a2=3c a3=0 items=0 ppid=1138 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditd" exe="/usr/sbin/auditd" subj=system_u:system_r:auditd_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=PROCTITLE msg=audit(1678917649.599:78): proctitle="/sbin/auditd"
type=SERVICE_START msg=audit(1678917649.599:79): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset"
type=CONFIG_CHANGE msg=audit(1678917649.709:80): auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 op=add_rule key=(null) list=1 res=1AUID="unset"
type=SYSCALL msg=audit(1678917649.709:80): arch=c000003e syscall=44 success=yes exit=1056 a0=3 a1=7ffdd27ed010 a2=420 a3=0 items=0 ppid=1145 pid=1172 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=PROCTITLE msg=audit(1678917649.709:80): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573dnfリポジトリ
# リポジトリの一覧
$ dnf repolist --all
repo id repo name status
amazonlinux Amazon Linux 2023 repository enabled
amazonlinux-debuginfo Amazon Linux 2023 repository - Debug disabled
amazonlinux-source Amazon Linux 2023 repository - Source packages disabled
kernel-livepatch Amazon Linux 2023 Kernel Livepatch repository enabled
kernel-livepatch-source Amazon Linux 2023 Kernel Livepatch repository - Source packages disabled
# インストールされているパッケージのサポート期限の確認
$ sudo dnf supportinfo --show installed | sort
Last metadata expiration check: 0:26:41 ago on Wed Mar 15 22:01:04 2023.
acl 2.3.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
acpid 2.0.32-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
alternatives 1.15-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
amazon-cloudwatch-agent 1.247357.0b252275-1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
amazon-ec2-net-utils 2.3.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
amazon-linux-repo-s3 2023.0.20230315-1.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
amazon-rpm-config 228-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
amazon-ssm-agent 3.2.582.0-1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
at 3.1.23-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
attr 2.5.1-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
audit 3.0.6-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
audit-libs 3.0.6-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
aws-cfn-bootstrap 2.0-23.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
awscli-2 2.9.19-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
basesystem 11-11.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bash 5.2.15-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bash-completion 2.11-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bc 1.07.1-14.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bind-libs 9.16.27-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bind-license 9.16.27-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bind-utils 9.16.27-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
binutils 2.39-6.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
boost-filesystem 1.75.0-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
boost-system 1.75.0-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
boost-thread 1.75.0-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bzip2 1.0.8-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
bzip2-libs 1.0.8-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
c-ares 1.17.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ca-certificates 2023.2.60-1.0.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
checkpolicy 3.4-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
chkconfig 1.15-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
chrony 4.3-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cloud-init 22.2.2-1.amzn2023.1.7 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cloud-utils-growpart 0.31-8.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
coreutils 8.32-30.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
coreutils-common 8.32-30.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cpio 2.13-13.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cracklib 2.9.6-27.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cracklib-dicts 2.9.6-27.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
crontabs 1.11-24.20190603git.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
crypto-policies 20220428-1.gitdfb10ea.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
crypto-policies-scripts 20220428-1.gitdfb10ea.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cryptsetup 2.6.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cryptsetup-libs 2.6.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
curl-minimal 7.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cyrus-sasl-lib 2.1.27-18.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
cyrus-sasl-plain 2.1.27-18.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dbus 1.12.24-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dbus-broker 32-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dbus-common 1.12.24-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dbus-libs 1.12.24-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
device-mapper 1.02.185-1.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
device-mapper-libs 1.02.185-1.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
diffutils 3.8-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dnf 4.12.0-2.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dnf-data 4.12.0-2.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dnf-plugin-release-notification 1.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dnf-plugin-support-info 1.0-2.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dnf-plugins-core 4.1.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dosfstools 4.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dracut 055-6.amzn2023.0.6 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dracut-config-ec2 3.0-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dracut-config-generic 055-6.amzn2023.0.6 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dwz 0.14-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
dyninst 10.2.1-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
e2fsprogs 1.46.5-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
e2fsprogs-libs 1.46.5-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ec2-hibinit-agent 1.0.4-0.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ec2-instance-connect 1.1-19.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ec2-instance-connect-selinux 1.1-19.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ec2-utils 2.0.1-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ed 1.14.2-10.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
efi-filesystem 5-4.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
efi-srpm-macros 5-4.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
elfutils-debuginfod-client 0.188-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
elfutils-default-yama-scope 0.188-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
elfutils-libelf 0.188-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
elfutils-libs 0.188-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ethtool 5.15-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
expat 2.5.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
file 5.39-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
file-libs 5.39-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
filesystem 3.14-5.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
findutils 4.8.0-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
fonts-srpm-macros 2.0.5-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
fstrm 0.6.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
fuse-libs 2.9.9-13.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gawk 5.1.0-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gdbm-libs 1.19-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gdisk 1.0.8-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gettext 0.21-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gettext-libs 0.21-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ghc-srpm-macros 1.5.0-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
glib2 2.73.2-680.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
glibc 2.34-52.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
glibc-all-langpacks 2.34-52.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
glibc-common 2.34-52.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
glibc-gconv-extra 2.34-52.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
glibc-locale-source 2.34-52.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gmp 6.2.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gnupg2-minimal 2.3.7-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gnutls 3.7.8-359.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
go-srpm-macros 3.1.0-32.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gpgme 1.15.1-6.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gpm-libs 1.20.7-26.amzn2023.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grep 3.8-1.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
groff-base 1.22.4-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grub2-common 2.06-61.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grub2-efi-x64-ec2 2.06-61.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grub2-pc-modules 2.06-61.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grub2-tools 2.06-61.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grub2-tools-minimal 2.06-61.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
grubby 8.40-51.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gssproxy 0.8.4-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
gzip 1.12-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hostname 3.23-4.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hunspell 1.7.0-9.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hunspell-en 0.20140811.1-18.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hunspell-en-GB 0.20140811.1-18.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hunspell-en-US 0.20140811.1-18.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hunspell-filesystem 1.7.0-9.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
hwdata 0.353-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
info 6.7-10.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
inih 49-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
initscripts 10.09-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
iproute 5.10.0-2.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
iputils 20210202-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
irqbalance 1.9.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
jansson 2.14-0.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
jitterentropy 3.4.1-4.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
json-c 0.14-8.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kbd 2.4.0-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kbd-misc 2.4.0-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kernel 6.1.15-28.43.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kernel-livepatch-repo-s3 2023.0.20230315-1.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kernel-srpm-macros 1.0-14.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kernel-tools 6.1.15-28.43.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
keyutils 1.6.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
keyutils-libs 1.6.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kmod 29-2.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kmod-libs 29-2.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
kpatch-runtime 0.9.7-8.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
krb5-libs 1.20.1-8.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
less 608-2.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libacl 2.3.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libaio 0.3.111-11.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libarchive 3.5.3-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libargon2 20171227-9.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libassuan 2.5.5-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libattr 2.5.1-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libbasicobjects 0.1.1-47.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libblkid 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcap 2.48-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcap-ng 0.8.2-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcbor 0.7.0-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcollection 0.7.0-47.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcom_err 1.46.5-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcomps 0.1.18-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libconfig 1.7.2-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libcurl-minimal 7.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libdb 5.3.28-49.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libdhash 0.5.0-47.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libdnf 0.67.0-1.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libeconf 0.4.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libedit 3.1-38.20210714cvs.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libev 4.33-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libevent 2.1.12-3.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libfdisk 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libffi 3.1-28.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libfido2 1.10.0-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libgcc 11.3.1-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libgcrypt 1.10.1-7.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libgomp 11.3.1-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libgpg-error 1.42-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libibverbs 37.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libidn2 2.3.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libini_config 1.3.1-47.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libkcapi 1.4.0-105.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libkcapi-hmaccalc 1.4.0-105.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libldb 2.6.1-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libmaxminddb 1.5.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libmetalink 0.1.3-14.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libmnl 1.0.4-13.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libmodulemd 2.13.0-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libmount 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libnfsidmap 2.5.4-2.rc3.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libnghttp2 1.51.0-1.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libnl3 3.5.0-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libpath_utils 0.2.1-47.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libpcap 1.10.1-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libpipeline 1.5.3-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libpkgconf 1.8.0-4.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libpsl 0.21.1-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libpwquality 1.4.4-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libref_array 0.1.5-47.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
librepo 1.14.2-1.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libreport-filesystem 2.15.2-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libseccomp 2.5.3-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libselinux 3.4-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libselinux-utils 3.4-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsemanage 3.4-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsepol 3.4-3.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsigsegv 2.13-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsmartcols 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsolv 0.7.22-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libss 1.46.5-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsss_certmap 2.5.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsss_idmap 2.5.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libsss_nss_idmap 2.5.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libstdc++ 11.3.1-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libstoragemgmt 1.9.4-5.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
libtalloc 2.3.4-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libtasn1 4.19.0-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libtdb 1.4.7-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libtevent 0.13.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libtextstyle 0.21-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libtirpc 1.3.3-0.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libunistring 0.9.10-10.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libuser 0.63-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libutempter 1.2.1-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libuuid 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libuv 1.44.1-156.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libverto 0.3.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libverto-libev 0.3.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libxcrypt 4.4.33-7.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libxml2 2.10.3-2.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libyaml 0.2.5-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
libzstd 1.5.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
lm_sensors-libs 3.6.0-8.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
lmdb-libs 0.9.29-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
logrotate 3.20.1-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
lsof 4.94.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
lua-libs 5.4.4-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
lua-srpm-macros 1-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
lz4-libs 1.9.4-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
man-db 2.9.3-3.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
man-pages 5.10-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
microcode_ctl 2.1-53.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
mpfr 4.1.0-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nano 5.8-3.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ncurses 6.2-4.20200222.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ncurses-base 6.2-4.20200222.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ncurses-libs 6.2-4.20200222.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
net-tools 2.0-0.59.20160912git.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nettle 3.8-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
newt 0.52.21-9.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nfs-utils 2.5.4-2.rc3.amzn2023.0.3 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
npth 1.6-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nspr 4.35.0-4.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nss 3.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nss-softokn 3.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nss-softokn-freebl 3.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nss-sysinit 3.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
nss-util 3.88.1-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ntsysv 1.15-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
numactl-libs 2.0.14-3.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
ocaml-srpm-macros 6-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openblas-srpm-macros 2-9.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openldap 2.4.57-6.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openssh 8.7p1-8.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openssh-clients 8.7p1-8.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openssh-server 8.7p1-8.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openssl 3.0.8-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openssl-libs 3.0.8-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
openssl-pkcs11 0.4.12-3.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
os-prober 1.77-7.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
p11-kit 0.24.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
p11-kit-trust 0.24.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
package-notes-srpm-macros 0.4-18.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pam 1.5.1-8.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
parted 3.4-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
passwd 0.80-10.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pciutils 3.7.0-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pciutils-libs 3.7.0-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pcre2 10.40-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pcre2-syntax 10.40-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Carp 1.50-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Class-Struct 0.66-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-DynaLoader 1.47-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Encode 3.15-462.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Errno 1.30-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Exporter 5.74-459.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Fcntl 1.13-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-File-Basename 2.85-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-File-Path 2.18-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-File-Temp 0.231.100-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-File-stat 1.09-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Getopt-Long 2.52-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Getopt-Std 1.12-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-HTTP-Tiny 0.078-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-IO 1.43-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-IPC-Open3 1.21-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-MIME-Base64 3.16-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-POSIX 1.94-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-PathTools 3.78-459.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Pod-Escapes 1.07-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Pod-Perldoc 3.28.01-459.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Pod-Simple 3.42-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Pod-Usage 2.01-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Scalar-List-Utils 1.56-459.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-SelectSaver 1.02-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Socket 2.032-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Storable 3.21-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Symbol 1.08-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Term-ANSIColor 5.01-459.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Term-Cap 1.17-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Text-ParseWords 3.30-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-Time-Local 1.300-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-constant 1.33-459.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-if 0.60.800-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-interpreter 5.32.1-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-libs 5.32.1-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-mro 1.23-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-overload 1.31-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-overloading 0.02-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-parent 0.238-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-podlators 4.14-458.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-srpm-macros 1-39.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-subs 1.03-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
perl-vars 1.05-477.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pkgconf 1.8.0-4.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pkgconf-m4 1.8.0-4.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
pkgconf-pkg-config 1.8.0-4.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
policycoreutils 3.4-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
policycoreutils-python-utils 3.4-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
popt 1.18-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
procps-ng 3.3.17-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
protobuf-c 1.4.1-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
psacct 6.6.4-9.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
psmisc 23.4-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
publicsuffix-list-dafsa 20221208-60.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python-chevron 0.13.1-1.amzn2023.0.3 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python-srpm-macros 3.9-41.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3 3.9.16-1.amzn2023.0.3 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-attrs 20.3.0-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-audit 3.0.6-1.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-awscrt 0.16.7-1.amzn2023.0.1 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-babel 2.9.1-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-cffi 1.14.5-1.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-chardet 4.0.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-colorama 0.4.4-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-configobj 5.0.6-23.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-cryptography 36.0.1-1.amzn2023.0.3 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-daemon 2.3.0-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-dateutil 2.8.1-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-dbus 1.2.18-1.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-distro 1.5.0-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-dnf 4.12.0-2.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-dnf-plugins-core 4.1.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-docutils 0.16-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-gpg 1.15.1-6.amzn2023.0.3 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-hawkey 0.67.0-1.amzn2023.0.5 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-idna 2.10-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-jinja2 2.11.3-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-jmespath 0.10.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-jsonpatch 1.21-14.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-jsonpointer 2.0-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-jsonschema 3.2.0-9.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-libcomps 0.1.18-1.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-libdnf 0.67.0-1.amzn2023.0.5 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-libs 3.9.16-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-libselinux 3.4-5.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-libsemanage 3.4-5.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-libstoragemgmt 1.9.4-5.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-lockfile 0.12.2-5.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-markupsafe 1.1.1-10.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-netifaces 0.10.6-13.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-oauthlib 3.0.2-9.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-pip-wheel 21.3.1-2.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-ply 3.11-11.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-policycoreutils 3.4-6.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-prettytable 0.7.2-25.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-prompt-toolkit 3.0.24-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-pycparser 2.20-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-pyrsistent 0.17.3-6.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-pyserial 3.4-10.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-pysocks 1.7.1-8.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-pytz 2022.7.1-1.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-pyyaml 5.4.1-2.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-requests 2.25.1-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-rpm 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-ruamel-yaml 0.16.6-5.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-ruamel-yaml-clib 0.1.2-6.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-setools 4.4.0-9.amzn2023.0.2 installed supported 2028-03-15 Python 3.9 (System Python) has security support until March 2028
python3-setuptools 59.6.0-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-setuptools-wheel 59.6.0-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-six 1.15.0-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-urllib3 1.25.10-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
python3-wcwidth 0.2.5-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
quota 4.06-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
quota-nls 4.06-4.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
readline 8.1-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rng-tools 6.14-1.git.56626083.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rootfiles 8.1-29.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpcbind 1.2.6-0.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpm 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpm-build-libs 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpm-libs 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpm-plugin-selinux 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpm-plugin-systemd-inhibit 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rpm-sign-libs 4.16.1.3-12.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rsync 3.2.6-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
rust-srpm-macros 21-42.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
screen 4.8.0-5.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sed 4.8-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
selinux-policy 36.16-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
selinux-policy-targeted 36.16-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
setup 2.13.7-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
shadow-utils 4.9-12.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
slang 2.3.2-9.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sqlite-libs 3.40.0-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sssd-client 2.5.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sssd-common 2.5.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sssd-kcm 2.5.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
strace 5.16-2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sudo 1.9.12-1.p2.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sysctl-defaults 1.0-3.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
sysstat 12.5.6-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
system-release 2023.0.20230315-1.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemd 252.4-1161.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemd-libs 252.4-1161.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemd-networkd 252.4-1161.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemd-pam 252.4-1161.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemd-resolved 252.4-1161.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemd-udev 252.4-1161.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
systemtap-runtime 4.8-3.amzn2023.0.5 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
tar 1.34-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
tbb 2020.3-7.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
tcpdump 4.99.1-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
tcsh 6.24.07-1.amzn2023 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
time 1.9-16.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
traceroute 2.1.0-13.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
tzdata 2022g-1.amzn2023.0.1 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
unzip 6.0-57.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
update-motd 2.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
userspace-rcu 0.12.1-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
util-linux 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
util-linux-core 2.37.4-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
vim-common 9.0.1314-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
vim-data 9.0.1314-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
vim-enhanced 9.0.1314-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
vim-filesystem 9.0.1314-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
vim-minimal 9.0.1314-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
wget 1.21.3-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
which 2.21-26.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
words 3.0-37.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
xfsdump 3.1.11-2.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
xfsprogs 5.18.0-1.amzn2023.0.3 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
xxhash-libs 0.8.0-3.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
xz 5.2.5-9.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
xz-libs 5.2.5-9.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
yum 4.12.0-2.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
zip 3.0-28.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
zlib 1.2.11-33.amzn2023.0.4 installed supported 2028-03-15 Amazon Linux 2023 end-of-life
zstd 1.5.2-1.amzn2023.0.2 installed supported 2028-03-15 Amazon Linux 2023 end-of-life2023/3/15にリリースされたAmazon Linux 2023の全てのパッケージとバージョンは以下AWS公式ドキュメントにまとまっています。全てで2,177個のパッケージがあるようです。
サービス一覧
$ systemctl list-unit-files --type=service
UNIT FILE STATE PRESET
acpid.service disabled disabled
amazon-cloudwatch-agent.service disabled disabled
amazon-ssm-agent.service enabled enabled
arp-ethers.service disabled disabled
atd.service enabled enabled
auditd.service enabled enabled
auth-rpcgss-module.service static -
autovt@.service alias -
cfn-hup.service generated -
chrony-wait.service disabled disabled
chronyd.service enabled enabled
cloud-config.service enabled disabled
cloud-final.service enabled disabled
cloud-init-hotplugd.service static -
cloud-init-local.service enabled disabled
cloud-init.service enabled disabled
console-getty.service disabled disabled
container-getty@.service static -
dbus-broker.service enabled enabled
dbus-org.freedesktop.hostname1.service alias -
dbus-org.freedesktop.locale1.service alias -
dbus-org.freedesktop.login1.service alias -
dbus-org.freedesktop.network1.service alias -
dbus-org.freedesktop.portable1.service alias -
dbus-org.freedesktop.resolve1.service alias -
dbus-org.freedesktop.timedate1.service alias -
dbus.service alias -
debug-shell.service disabled disabled
dnf-makecache.service static -
dracut-cmdline.service static -
dracut-initqueue.service static -
dracut-mount.service static -
dracut-pre-mount.service static -
dracut-pre-pivot.service static -
dracut-pre-trigger.service static -
dracut-pre-udev.service static -
dracut-shutdown.service static -
emergency.service static -
fstrim.service static -
getty@.service enabled enabled
grub-boot-indeterminate.service static -
grub2-systemd-integration.service static -
gssproxy.service disabled disabled
hibinit-agent.service enabled enabled
import-state.service enabled enabled
initrd-cleanup.service static -
initrd-parse-etc.service static -
initrd-switch-root.service static -
initrd-udevadm-cleanup-db.service static -
irqbalance.service enabled enabled
kmod-static-nodes.service static -
kpatch.service disabled disabled
ldconfig.service static -
libstoragemgmt.service enabled enabled
loadmodules.service disabled disabled
logrotate.service static -
man-db-cache-update.service static -
man-db-restart-cache-update.service disabled disabled
modprobe@.service static -
nfs-blkmap.service disabled disabled
nfs-convert.service enabled disabled
nfs-idmapd.service static -
nfs-mountd.service static -
nfs-server.service disabled disabled
nfs-utils.service static -
nfsdcld.service static -
nis-domainname.service disabled disabled
pam_namespace.service static -
policy-routes@.service static -
psacct.service disabled disabled
quotaon.service static -
rc-local.service static -
rdisc.service disabled disabled
refresh-policy-routes@.service static -
rescue.service static -
rngd.service enabled enabled
rpc-gssd.service static -
rpc-statd-notify.service static -
rpc-statd.service static -
rpcbind.service disabled disabled
rpmdb-rebuild.service enabled enabled
selinux-autorelabel-mark.service enabled enabled
selinux-autorelabel.service static -
selinux-check-proper-disable.service disabled disabled
serial-getty@.service indirect disabled
sshd-keygen@.service disabled disabled
sshd.service enabled enabled
sshd@.service static -
sssd-autofs.service indirect disabled
sssd-kcm.service indirect disabled
sssd-nss.service indirect disabled
sssd-pac.service indirect disabled
sssd-pam.service indirect disabled
sssd-ssh.service indirect disabled
sssd-sudo.service indirect disabled
sssd.service enabled enabled
sysstat-collect.service static -
sysstat-summary.service static -
sysstat.service enabled enabled
system-update-cleanup.service static -
systemd-ask-password-console.service static -
systemd-ask-password-wall.service static -
systemd-backlight@.service static -
systemd-binfmt.service static -
systemd-boot-check-no-failures.service disabled disabled
systemd-coredump@.service static -
systemd-exit.service static -
systemd-firstboot.service static -
systemd-fsck-root.service enabled-runtime disabled
systemd-fsck@.service static -
systemd-halt.service static -
systemd-hibernate-resume@.service static -
systemd-hibernate.service static -
systemd-homed-activate.service disabled disabled
systemd-homed.service disabled enabled
systemd-hostnamed.service static -
systemd-hwdb-update.service static -
systemd-hybrid-sleep.service static -
systemd-initctl.service static -
systemd-journal-catalog-update.service static -
systemd-journal-flush.service static -
systemd-journald.service static -
systemd-journald@.service static -
systemd-kexec.service static -
systemd-localed.service static -
systemd-logind.service static -
systemd-machine-id-commit.service static -
systemd-modules-load.service static -
systemd-network-generator.service enabled enabled
systemd-networkd-wait-online.service enabled disabled
systemd-networkd-wait-online@.service disabled disabled
systemd-networkd.service enabled enabled
systemd-oomd.service disabled disabled
systemd-portabled.service static -
systemd-poweroff.service static -
systemd-pstore.service disabled enabled
systemd-quotacheck.service static -
systemd-random-seed.service static -
systemd-reboot.service static -
systemd-remount-fs.service enabled-runtime disabled
systemd-repart.service static -
systemd-resolved.service enabled enabled
systemd-rfkill.service static -
systemd-suspend-then-hibernate.service static -
systemd-suspend.service static -
systemd-sysctl.service static -
systemd-sysext.service disabled disabled
systemd-sysupdate-reboot.service indirect disabled
systemd-sysupdate.service indirect disabled
systemd-sysusers.service static -
systemd-time-wait-sync.service disabled disabled
systemd-timedated.service static -
systemd-timesyncd.service disabled disabled
systemd-tmpfiles-clean.service static -
systemd-tmpfiles-setup-dev.service static -
systemd-tmpfiles-setup.service static -
systemd-udev-settle.service static -
systemd-udev-trigger.service static -
systemd-udevd.service static -
systemd-update-done.service static -
systemd-update-utmp-runlevel.service static -
systemd-update-utmp.service static -
systemd-user-sessions.service static -
systemd-userdbd.service indirect disabled
systemd-vconsole-setup.service static -
systemd-volatile-root.service static -
update-motd.service enabled enabled
user-runtime-dir@.service static -
user@.service static -
169 unit files listed.プロセス一覧
$ sudo ps auxf
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 2 0.0 0.0 0 0 ? S 22:00 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [rcu_gp]
root 4 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [rcu_par_gp]
root 5 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [slub_flushwq]
root 6 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [netns]
root 8 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kworker/0:0H-events_highpri]
root 10 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [mm_percpu_wq]
root 11 0.0 0.0 0 0 ? I 22:00 0:00 \_ [rcu_tasks_kthread]
root 12 0.0 0.0 0 0 ? I 22:00 0:00 \_ [rcu_tasks_rude_kthread]
root 13 0.0 0.0 0 0 ? I 22:00 0:00 \_ [rcu_tasks_trace_kthread]
root 14 0.0 0.0 0 0 ? S 22:00 0:00 \_ [ksoftirqd/0]
root 15 0.0 0.0 0 0 ? I 22:00 0:00 \_ [rcu_preempt]
root 16 0.0 0.0 0 0 ? S 22:00 0:00 \_ [migration/0]
root 18 0.0 0.0 0 0 ? S 22:00 0:00 \_ [cpuhp/0]
root 19 0.0 0.0 0 0 ? S 22:00 0:00 \_ [cpuhp/1]
root 20 0.0 0.0 0 0 ? S 22:00 0:00 \_ [migration/1]
root 21 0.0 0.0 0 0 ? S 22:00 0:00 \_ [ksoftirqd/1]
root 23 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kworker/1:0H-events_highpri]
root 25 0.0 0.0 0 0 ? I 22:00 0:00 \_ [kworker/u4:1-events_unbound]
root 26 0.0 0.0 0 0 ? S 22:00 0:00 \_ [kdevtmpfs]
root 27 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [inet_frag_wq]
root 28 0.0 0.0 0 0 ? S 22:00 0:00 \_ [kauditd]
root 29 0.0 0.0 0 0 ? S 22:00 0:00 \_ [khungtaskd]
root 30 0.0 0.0 0 0 ? S 22:00 0:00 \_ [oom_reaper]
root 32 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [writeback]
root 33 0.0 0.0 0 0 ? S 22:00 0:00 \_ [kcompactd0]
root 34 0.0 0.0 0 0 ? SN 22:00 0:00 \_ [khugepaged]
root 35 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kintegrityd]
root 36 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kblockd]
root 37 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [blkcg_punt_bio]
root 39 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [tpm_dev_wq]
root 40 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [md]
root 41 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [edac-poller]
root 42 0.0 0.0 0 0 ? S 22:00 0:00 \_ [watchdogd]
root 43 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kworker/1:1H-xfs-log/nvme0n1p1]
root 60 0.0 0.0 0 0 ? S 22:00 0:00 \_ [kswapd0]
root 63 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfsalloc]
root 64 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs_mru_cache]
root 66 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kthrotld]
root 69 0.0 0.0 0 0 ? I 22:00 0:00 \_ [kworker/1:2-mm_percpu_wq]
root 82 0.0 0.0 0 0 ? S 22:00 0:00 \_ [xenbus_probe]
root 113 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [nvme-wq]
root 115 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [nvme-reset-wq]
root 117 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [nvme-delete-wq]
root 124 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [mld]
root 143 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [ipv6_addrconf]
root 162 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kstrp]
root 174 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [zswap-shrink]
root 242 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kworker/u5:0]
root 243 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [kworker/0:1H-xfs-log/nvme0n1p1]
root 361 0.0 0.0 0 0 ? I 22:00 0:00 \_ [kworker/0:3-cgroup_destroy]
root 706 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-buf/nvme0n1]
root 707 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-conv/nvme0n]
root 708 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-reclaim/nvm]
root 709 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-blockgc/nvm]
root 710 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-inodegc/nvm]
root 711 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-log/nvme0n1]
root 712 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xfs-cil/nvme0n1]
root 713 0.0 0.0 0 0 ? S 22:00 0:00 \_ [xfsaild/nvme0n1p1]
root 1157 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [ena]
root 1179 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [cryptd]
root 1340 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [rpciod]
root 1341 0.0 0.0 0 0 ? I< 22:00 0:00 \_ [xprtiod]
root 2034 0.0 0.0 0 0 ? I 22:06 0:00 \_ [kworker/0:1-mm_percpu_wq]
root 2088 0.0 0.0 0 0 ? I 22:06 0:00 \_ [kworker/1:0-events]
root 2203 0.0 0.0 0 0 ? I 22:10 0:00 \_ [kworker/u4:0-events_unbound]
root 2265 0.0 0.0 0 0 ? I 22:13 0:00 \_ [kworker/1:1-mm_percpu_wq]
root 2322 0.0 0.0 0 0 ? I 22:13 0:00 \_ [kworker/0:0-events]
root 2329 0.0 0.0 0 0 ? D 22:15 0:00 \_ [kworker/u4:2+events_unbound]
root 2454 0.0 0.0 0 0 ? I 22:17 0:00 \_ [kworker/u4:3-events_unbound]
root 1 0.2 1.7 105312 16896 ? Ss 22:00 0:02 /usr/lib/systemd/systemd --switched-root --system --deseria
root 756 0.0 1.5 42264 14964 ? Ss 22:00 0:00 /usr/lib/systemd/systemd-journald
root 1127 0.0 1.1 30288 10460 ? Ss 22:00 0:00 /usr/lib/systemd/systemd-udevd
systemd+ 1140 0.0 1.5 21036 14512 ? Ss 22:00 0:00 /usr/lib/systemd/systemd-resolved
root 1142 0.0 0.2 36024 2776 ? S<sl 22:00 0:00 /sbin/auditd
root 1191 0.0 0.6 15260 6528 ? Ss 22:00 0:00 /usr/bin/systemd-inhibit --what=handle-suspend-key:handle-h
root 1358 0.0 0.1 2668 1132 ? S 22:00 0:00 \_ /usr/sbin/acpid -f
root 1194 0.0 0.3 81328 2940 ? Ssl 22:00 0:00 /usr/sbin/irqbalance --foreground
libstor+ 1195 0.0 0.2 2752 2040 ? Ss 22:00 0:00 /usr/bin/lsmd -d
root 1196 3.7 0.7 164768 6868 ? Ssl 22:00 0:37 /usr/sbin/rngd -f -x pkcs11 -x nist
root 1197 0.0 1.1 240020 10684 ? Ss 22:00 0:00 /usr/sbin/sssd -i --logger=files
root 1263 0.0 1.3 243644 12684 ? S 22:00 0:00 \_ /usr/libexec/sssd/sssd_be --domain implicit_files --uid
root 1283 0.0 4.1 267284 39504 ? S 22:00 0:00 \_ /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=fil
dbus 1199 0.0 0.4 8372 3884 ? Ss 22:00 0:00 /usr/bin/dbus-broker-launch --scope system --audit
dbus 1217 0.0 0.3 5264 2904 ? S 22:00 0:00 \_ dbus-broker --log 4 --controller 9 --machine-id ec26934
systemd+ 1200 0.0 1.0 235712 9592 ? Ss 22:00 0:00 /usr/lib/systemd/systemd-networkd
chrony 1213 0.0 0.4 86864 4152 ? S 22:00 0:00 /usr/sbin/chronyd -F 2
root 1242 0.0 0.3 281008 3532 ? Ssl 22:00 0:00 /usr/sbin/gssproxy -D
root 1334 0.0 1.0 17600 9864 ? Ss 22:00 0:00 /usr/lib/systemd/systemd-logind
root 1495 0.0 0.2 20544 2624 ? Ss 22:00 0:00 /usr/sbin/atd -f
root 1496 0.0 0.1 221344 1068 tty1 Ss+ 22:00 0:00 /sbin/agetty -o -p -- \u --noclear - linux
root 1497 0.0 0.1 221388 1064 ttyS0 Ss+ 22:00 0:00 /sbin/agetty -o -p -- \u --keep-baud 115200,57600,38400,960
root 1503 0.0 0.7 29104 7096 ? Ss 22:00 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root 1840 0.0 1.6 1247744 15776 ? Ssl 22:01 0:00 /usr/bin/amazon-ssm-agent
root 1880 0.0 2.8 1484360 26732 ? Sl 22:01 0:00 \_ /usr/bin/ssm-agent-worker
root 2009 0.1 2.3 1326884 21740 ? Sl 22:05 0:01 \_ /usr/bin/ssm-session-worker <IAMロール名>-03f3f
ssm-user 2029 0.0 0.4 232300 4200 pts/0 Ss 22:05 0:00 \_ sh
root 2392 1.0 0.8 260288 8448 pts/0 S+ 22:17 0:00 \_ sudo ps auxf
root 2463 0.0 0.3 232680 2912 pts/0 R+ 22:17 0:00 \_ ps auxf
root 2395 4.0 0.6 15260 6528 ? Ss 22:17 0:00 /usr/lib/systemd/systemd-userdbd
root 2410 0.0 0.8 24876 7684 ? S 22:17 0:00 \_ systemd-userwork
root 2412 0.0 0.7 15612 6672 ? S 22:17 0:00 \_ systemd-userwork
root 2413 0.0 0.7 15612 6684 ? S 22:17 0:00 \_ systemd-userwork
root 2451 6.0 1.3 19836 12912 ? Ss 22:17 0:00 /usr/lib/systemd/systemd --user
root 2456 0.0 0.7 115676 6800 ? S 22:17 0:00 \_ (sd-pam)使用しているポート一覧
$ sudo ss -antup
Netid State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
udp UNCONN 0 0 172.31.7.233%ens5:68 0.0.0.0:* users:(("systemd-network",pid=1200,fd=17))
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=1213,fd=5))
udp UNCONN 0 0 [fe80::4:4dff:fe6f:d56b]%ens5:546 [::]:* users:(("systemd-network",pid=1200,fd=19))
udp UNCONN 0 0 [::1]:323 [::]:* users:(("chronyd",pid=1213,fd=6))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1503,fd=4))
tcp ESTAB 0 0 172.31.7.233:44510 67.220.240.167:443 users:(("ssm-agent-worke",pid=1880,fd=10))
tcp ESTAB 0 0 172.31.7.233:59786 209.54.182.89:443 users:(("ssm-session-wor",pid=2009,fd=16))
tcp TIME-WAIT 0 0 172.31.7.233:33134 52.119.198.91:443
tcp ESTAB 0 0 172.31.7.233:53100 209.54.181.213:443 users:(("ssm-agent-worke",pid=1880,fd=14))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=1503,fd=6))ディスクサイズ一覧
$ df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs 460M 0 460M 0% /dev/shm
tmpfs 184M 384K 184M 1% /run
/dev/nvme0n1p1 8.0G 1.8G 6.3G 22% /
tmpfs 460M 0 460M 0% /tmpマウントされているファイルシステム一覧
$ findmnt
TARGET SOURCE FSTYPE OPTIONS
/ /dev/nvme0n1p1
│ xfs rw,noatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,sunit=1024,swidth
├─/proc proc proc rw,nosuid,nodev,noexec,relatime
│ └─/proc/sys/fs/binfmt_misc systemd-1 autofs rw,relatime,fd=29,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=1
├─/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/kernel/security securityfs securityfs rw,nosuid,nodev,noexec,relatime
│ ├─/sys/fs/cgroup cgroup2 cgroup2 rw,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,memory_recursiveprot
│ ├─/sys/fs/pstore pstore pstore rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/firmware/efi/efivars efivarfs efivarfs rw,nosuid,nodev,noexec,relatime
│ ├─/sys/fs/bpf bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700
│ ├─/sys/fs/selinux selinuxfs selinuxfs rw,nosuid,noexec,relatime
│ ├─/sys/kernel/debug debugfs debugfs rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/kernel/tracing tracefs tracefs rw,nosuid,nodev,noexec,relatime,seclabel
│ ├─/sys/kernel/config configfs configfs rw,nosuid,nodev,noexec,relatime
│ └─/sys/fs/fuse/connections fusectl fusectl rw,nosuid,nodev,noexec,relatime
├─/dev devtmpfs devtmpfs rw,nosuid,seclabel,size=4096k,nr_inodes=114352,mode=755
│ ├─/dev/shm tmpfs tmpfs rw,nosuid,nodev,seclabel
│ ├─/dev/pts devpts devpts rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000
│ ├─/dev/hugepages hugetlbfs hugetlbfs rw,relatime,seclabel,pagesize=2M
│ └─/dev/mqueue mqueue mqueue rw,nosuid,nodev,noexec,relatime,seclabel
├─/run tmpfs tmpfs rw,nosuid,nodev,seclabel,size=188280k,nr_inodes=819200,mode=755
│ ├─/run/credentials/systemd-sysctl.service
│ │ ramfs ramfs ro,nosuid,nodev,noexec,relatime,seclabel,mode=700
│ ├─/run/credentials/systemd-tmpfiles-setup-dev.service
│ │ ramfs ramfs ro,nosuid,nodev,noexec,relatime,seclabel,mode=700
│ └─/run/credentials/systemd-tmpfiles-setup.service
│ ramfs ramfs ro,nosuid,nodev,noexec,relatime,seclabel,mode=700
├─/tmp tmpfs tmpfs rw,nosuid,nodev,seclabel,nr_inodes=1048576
├─/boot/efi systemd-1 autofs rw,relatime,fd=38,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=1
└─/var/lib/nfs/rpc_pipefs sunrpc rpc_pipefs rw,relatimeユーザー一覧
$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/usr/sbin/nologin
systemd-oom:x:999:999:systemd Userspace OOM Killer:/:/usr/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/usr/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/usr/share/empty.sshd:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
libstoragemgmt:x:997:997:daemon account for libstoragemgmt:/:/usr/sbin/nologin
systemd-coredump:x:996:996:systemd Core Dumper:/:/usr/sbin/nologin
systemd-timesync:x:995:995:systemd Time Synchronization:/:/usr/sbin/nologin
ec2-instance-connect:x:994:994::/home/ec2-instance-connect:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
chrony:x:993:993:chrony system user:/var/lib/chrony:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
ec2-user:x:1000:1000:EC2 Default User:/home/ec2-user:/bin/bash
cwagent:x:992:992:Cloudwatch Agent:/home/cwagent:/sbin/nologin
ssm-user:x:1001:1001::/home/ssm-user:/bin/bashグループ一覧
$ cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:ec2-user
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:ec2-user
cdrom:x:11:
mail:x:12:
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:33:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
users:x:100:
nobody:x:65534:
utmp:x:22:
utempter:x:35:
dbus:x:81:
input:x:104:
kvm:x:36:
render:x:105:
sgx:x:106:
systemd-journal:x:190:ec2-user
systemd-network:x:192:
systemd-oom:x:999:
systemd-resolve:x:193:
ssh_keys:x:998:
sshd:x:74:
rpc:x:32:
libstoragemgmt:x:997:
systemd-coredump:x:996:
systemd-timesync:x:995:
ec2-instance-connect:x:994:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
rpcuser:x:29:
chrony:x:993:
tcpdump:x:72:
screen:x:84:
ec2-user:x:1000:
cwagent:x:992:
ssm-user:x:1001:OSライブラリを検証した上でAmazon Linux 2023を使っていこう
Amazon Linux 2023がGAになったアップデートを紹介しました。
Amazon Linux 2のサポート期間は2025年6月まで延長されましたが、OSライブラリを検証した上で早めにAmazon Linux 2023を使っていきましょう。
その際はAmazon Linux 2 and Amazon Linux 2023の比較をしているAWS公式ドキュメントがあるので、こちらを参考にすると良いかと思います。
この記事が誰かの助けになれば幸いです。
以上、AWS事業本部 コンサルティング部の のんピ(@non____97)でした!
6
