本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# 在 AL2023 中管理套件和作業系統更新
與舊版 Amazon Linux 不同,AL2023 AMIs 會鎖定到特定版本的 Amazon Linux 儲存庫。若要同時將安全性和錯誤修正套用至 AL2023 執行個體,請將DNF組態更新為最新的可用版本。或者,啟動較新的 AL2023 執行個體。
本節說明如何在執行中的執行個體管理 DNF 套件和儲存庫。另外說明如何從使用者資料指令碼設定 DNF,以在啟動時啟用最新的 Amazon Linux 儲存庫。如需更多詳細資訊,請參閱 [DNF 命令參考](https://dnf.readthedocs.io/en/latest/command_ref.html)。
建議套用新 AL2023 版本中可用的*所有*更新。僅選擇安全性更新,或僅選擇特定更新應該是例外狀況,而不是規則。如需與特定執行個體[安全建議](alas.md)相關的清單,請參閱 [列出適用的建議](listing-applicable-advisories.md)。如需*僅*安裝與特定[諮詢](alas.md)相關的更新的資訊,請參閱[就地套用安全性更新](security-inplace-update.md)。
**重要**
如果您想要報告漏洞或對 AWS 雲端服務或開放原始碼專案有安全疑慮,請使用[漏洞報告頁面](https://aws.amazon.com/security/vulnerability-reporting/)聯絡 AWS 安全部門
**Topics**
+ [檢查可用的套件更新](#dnf-package-updates)
+ [使用 DNF 和儲存庫版本套用安全更新](#apply-security-updates)
+ [在 (安全性) 更新後自動重新啟動服務](#automatic-restart-services)
+ [何時需要重新啟動才能套用安全性更新?](#reboot)
+ [啟動已啟用最新儲存庫版本的執行個體](#launch-an-instance-repo-version)
+ [取得套件支援資訊](#dnf-support-info-plugin)
+ [使用 檢查較新的儲存庫版本 `dnf check-release-update`](#dnf-repository-updates)
+ [新增、啟用或停用新儲存庫](#dnf-repo-addition)
+ [使用 cloud-init 新增儲存庫](#cloud-init-repo-update)
## 檢查可用的套件更新
您可以使用 `dnf check-update` 命令來檢查系統是否有任何更新。對於 AL2023,建議您將此 `--releasever={{version-number}}` 選項新增至命令。
當您新增此選項時,DNF 也會檢查儲存庫較新版本的更新。例如,執行 `dnf check-update` 命令後,請使用最新傳回的版本作為 `{{version-number}}` 的值.
如果執行個體已更新為使用最新版本的儲存庫,則輸出會包含要更新的所有套件清單。
**注意**
如果您沒有為 `dnf check-update` 命令指定有選用標誌的發行版本,則僅檢查目前設定的儲存庫版本。這表示不會檢查較新版本儲存庫中的套件。
------
#### [ Updates in a specific version ]
在此範例中,如果我們啟動了 [2023.0.20230628 版本的容器,我們將查看 2023.1](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html)[.20230315 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.0.20230315.html)版本中有哪些可用的更新。
**注意**
此範例使用 [2023.0.20230315](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.0.20230315.html) 和 [2023.1.20230628](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html) 版本,這些*不是* AL2023 的最新版本。請參閱 [AL2023 版本備註](https://docs.aws.amazon.com/linux/al2023/release-notes/)以取得最新版本,其中包含最新的安全性更新。
在此範例中,我們將從 [2023.0.20230315](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.0.20230315.html) 版本的容器映像開始。
首先,我們從容器登錄檔擷取此容器映像。結尾`.0`的 表示特定版本的映像版本;此映像版本通常為零。
```
$ docker pull public.ecr.aws/amazonlinux/amazonlinux:{{2023.0.20230315.0}}
2023.0.20230315.0: Pulling from amazonlinux/amazonlinux
b76f3b09316a: Pull complete
Digest: sha256:94e7183b0739140dbd5b639fb7600f0a2299cec5df8780c26d9cb409da5315a9
Status: Downloaded newer image for public.ecr.aws/amazonlinux/amazonlinux:2023.0.20230315.0
public.ecr.aws/amazonlinux/amazonlinux:2023.0.20230315.0
```
我們現在可以在容器內產生 shell,並從中檢查更新。
```
$ docker run -it public.ecr.aws/amazonlinux/amazonlinux:{{2023.0.20230315.0}}
bash-5.2#
```
`dnf check-update` 命令現在用於檢查 [2023.1.20230628 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html)版中可用的更新。
**注意**
套用套件更新是一項特殊權限操作。雖然在容器中執行 時通常不需要提升權限,但如果在 Amazon EC2 執行個體等非容器化環境中執行 ,則可以在不提升權限的情況下*檢查*更新。
```
$ dnf check-update --releasever={{2023.1.20230628}}
Amazon Linux 2023 repository 60 MB/s | 15 MB 00:00
Last metadata expiration check: 0:00:02 ago on Mon Jul 22 17:25:34 2024.
amazon-linux-repo-cdn.noarch 2023.1.20230628-0.amzn2023 amazonlinux
ca-certificates.noarch 2023.2.60-1.0.amzn2023.0.2 amazonlinux
curl-minimal.x86_64 8.0.1-1.amzn2023 amazonlinux
glib2.x86_64 2.74.7-688.amzn2023.0.1 amazonlinux
glibc.x86_64 2.34-52.amzn2023.0.3 amazonlinux
glibc-common.x86_64 2.34-52.amzn2023.0.3 amazonlinux
glibc-minimal-langpack.x86_64 2.34-52.amzn2023.0.3 amazonlinux
gnupg2-minimal.x86_64 2.3.7-1.amzn2023.0.4 amazonlinux
keyutils-libs.x86_64 1.6.3-1.amzn2023 amazonlinux
libcap.x86_64 2.48-2.amzn2023.0.3 amazonlinux
libcurl-minimal.x86_64 8.0.1-1.amzn2023 amazonlinux
libgcc.x86_64 11.3.1-4.amzn2023.0.3 amazonlinux
libgomp.x86_64 11.3.1-4.amzn2023.0.3 amazonlinux
libstdc++.x86_64 11.3.1-4.amzn2023.0.3 amazonlinux
libxml2.x86_64 2.10.4-1.amzn2023.0.1 amazonlinux
ncurses-base.noarch 6.2-4.20200222.amzn2023.0.4 amazonlinux
ncurses-libs.x86_64 6.2-4.20200222.amzn2023.0.4 amazonlinux
openssl-libs.x86_64 1:3.0.8-1.amzn2023.0.3 amazonlinux
python3-rpm.x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux
rpm.x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux
rpm-build-libs.x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux
rpm-libs.x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux
rpm-sign-libs.x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux
system-release.noarch 2023.1.20230628-0.amzn2023 amazonlinux
tzdata.noarch 2023c-1.amzn2023.0.1 amazonlinux
bash-5.2#
```
`system-release` 套件的版本顯示`dnf upgrade`命令將更新的版本,這是命令中請求的 [2023.1.20230628 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html)版本。 `dnf check-update --releasever={{2023.1.20230628}}`
------
#### [ Updates in the latest version ]
在此範例中,如果我們啟動了 2023.4. `latest`版本的容器,我們將查看 AL2023 版本中有哪些可用的更新。 AL2023 [20240319](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240319.html) 撰寫時,`latest`版本為 [2023.5.20240708](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.5.20240708.html),因此此範例中列出的更新將截至該版本。
**注意**
此範例使用 [2023.4.20240319](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240319.html) 和 [2023.5.20240708 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.5.20240708.html)版本,後者是*撰寫時的*最新版本。如需最新版本的詳細資訊,請參閱 [AL2023 版本備註](https://docs.aws.amazon.com/linux/al2023/release-notes/)。
在此範例中,我們將從 [2023.4.20240319 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240319.html)版的容器映像開始。
首先,我們從容器登錄檔擷取此容器映像。結尾`.1`的 表示特定版本的映像版本。雖然映像版本通常為零,但此範例會使用映像版本為 的版本。
```
$ docker pull public.ecr.aws/amazonlinux/amazonlinux:{{2023.4.20240319.1}}
2023.4.20240319.1: Pulling from amazonlinux/amazonlinux
6de065fda9a2: Pull complete
Digest: sha256:b4838c4cc9211d966b6ea158dacc9eda7433a16ba94436508c2d9f01f7658b4e
Status: Downloaded newer image for public.ecr.aws/amazonlinux/amazonlinux:2023.4.20240319.1
public.ecr.aws/amazonlinux/amazonlinux:2023.4.20240319.1
```
我們現在可以在容器內產生 shell,並從中檢查更新。
```
$ docker run -it public.ecr.aws/amazonlinux/amazonlinux:{{2023.4.20240319.1}}
bash-5.2#
```
`dnf check-update` 命令現在用於檢查`latest`發行版本中可用的更新,在*寫入時*為 [2023.5.20240708](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.5.20240708.html)。
**注意**
套用套件更新是一項特殊權限操作。雖然在容器中執行 時通常不需要提升權限,但如果在 Amazon EC2 執行個體等非容器化環境中執行 ,則可以在不提升權限的情況下*檢查*更新。
```
$ dnf --releasever=latest check-update
Amazon Linux 2023 repository 78 MB/s | 25 MB 00:00
Last metadata expiration check: 0:00:04 ago on Mon Jul 22 17:39:13 2024.
amazon-linux-repo-cdn.noarch 2023.5.20240708-1.amzn2023 amazonlinux
curl-minimal.x86_64 8.5.0-1.amzn2023.0.4 amazonlinux
dnf.noarch 4.14.0-1.amzn2023.0.5 amazonlinux
dnf-data.noarch 4.14.0-1.amzn2023.0.5 amazonlinux
expat.x86_64 2.5.0-1.amzn2023.0.4 amazonlinux
glibc.x86_64 2.34-52.amzn2023.0.10 amazonlinux
glibc-common.x86_64 2.34-52.amzn2023.0.10 amazonlinux
glibc-minimal-langpack.x86_64 2.34-52.amzn2023.0.10 amazonlinux
krb5-libs.x86_64 1.21-3.amzn2023.0.4 amazonlinux
libblkid.x86_64 2.37.4-1.amzn2023.0.4 amazonlinux
libcurl-minimal.x86_64 8.5.0-1.amzn2023.0.4 amazonlinux
libmount.x86_64 2.37.4-1.amzn2023.0.4 amazonlinux
libnghttp2.x86_64 1.59.0-3.amzn2023.0.1 amazonlinux
libsmartcols.x86_64 2.37.4-1.amzn2023.0.4 amazonlinux
libuuid.x86_64 2.37.4-1.amzn2023.0.4 amazonlinux
openssl-libs.x86_64 1:3.0.8-1.amzn2023.0.12 amazonlinux
python3.x86_64 3.9.16-1.amzn2023.0.8 amazonlinux
python3-dnf.noarch 4.14.0-1.amzn2023.0.5 amazonlinux
python3-libs.x86_64 3.9.16-1.amzn2023.0.8 amazonlinux
system-release.noarch 2023.5.20240708-1.amzn2023 amazonlinux
yum.noarch 4.14.0-1.amzn2023.0.5 amazonlinux
bash-5.2#
```
`system-release` 套件的版本會顯示`dnf upgrade`命令將更新的版本。
------
對於這個命令,如果有更新的套件可用,傳回碼是 100。如果沒有更新的套件可用,傳回碼是 0。此外,輸出也會列出所有要更新的套件。
## 使用 DNF 和儲存庫版本套用安全更新
新套件更新和安全更新僅適用於新的儲存庫版本。對於從舊版 AL2023 AMI 啟動的執行個體,您必須先更新儲存庫版本,然後才能安裝安全更新。`dnf check-release-update` 命令包含範例更新命令,可將系統上安裝的所有套件更新為較新儲存庫中的版本。
**注意**
如果您沒有為 `dnf check-update` 命令指定有選用標誌的發行版本,則僅檢查目前設定的儲存庫版本。這表示不會套用任何更新版本之儲存庫中已安裝套件的任何更新。
本節涵蓋套用所有可用更新的建議升級路徑,而不是選擇個別更新或僅標記為安全性更新的更新。透過套用所有更新,現有執行個體會移至與啟動更新 AMI 相同的套件集。此一致性可減少機群中套件版本的變化。如需套用特定更新的詳細資訊,請參閱 [就地套用安全性更新](security-inplace-update.md)。
------
#### [ Applying updates in a specific version ]
在此範例中,如果我們啟動了 [2023.0.20230628 版本的容器,我們將套用 2023.1](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html)[.20230315 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.0.20230315.html)版本中可用的更新。
**注意**
此範例使用 [2023.0.20230315](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.0.20230315.html) 和 [2023.1.20230628](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html) 版本,這些*不是* AL2023 的最新版本。請參閱 [AL2023 版本備註](https://docs.aws.amazon.com/linux/al2023/release-notes/)以取得最新版本,其中包含最新的安全性更新。
在此範例中,我們將從 [2023.0.20230315](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.0.20230315.html) 版本的容器映像開始。
首先,我們從容器登錄檔擷取此容器映像。結尾`.0`的 表示特定版本的映像版本;此映像版本通常為零。
```
$ docker pull public.ecr.aws/amazonlinux/amazonlinux:{{2023.0.20230315.0}}
2023.0.20230315.0: Pulling from amazonlinux/amazonlinux
b76f3b09316a: Pull complete
Digest: sha256:94e7183b0739140dbd5b639fb7600f0a2299cec5df8780c26d9cb409da5315a9
Status: Downloaded newer image for public.ecr.aws/amazonlinux/amazonlinux:2023.0.20230315.0
public.ecr.aws/amazonlinux/amazonlinux:2023.0.20230315.0
```
我們現在可以在容器內產生殼層,從中套用更新。
```
$ docker run -it public.ecr.aws/amazonlinux/amazonlinux:{{2023.0.20230315.0}}
bash-5.2#
```
`dnf upgrade` 命令現在用於套用 [2023.1.20230628 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html)版中存在的所有更新。
**注意**
套用套件更新是一項特殊權限操作。雖然在容器中執行 時通常不需要提升權限,但如果在 Amazon EC2 執行個體等非容器化環境中執行 ,則需要以`root`使用者身分執行 `dnf upgrade`命令。這可以使用 `sudo`或 `su`命令來完成。
```
$ dnf upgrade --releasever={{2023.1.20230628}}
Amazon Linux 2023 repository 38 MB/s | 15 MB 00:00
Last metadata expiration check: 0:00:02 ago on Mon Jul 22 17:49:08 2024.
Dependencies resolved.
=================================================================================
Package Arch Version Repository Size
=================================================================================
Upgrading:
amazon-linux-repo-cdn noarch 2023.1.20230628-0.amzn2023 amazonlinux 18 k
ca-certificates noarch 2023.2.60-1.0.amzn2023.0.2 amazonlinux 829 k
curl-minimal x86_64 8.0.1-1.amzn2023 amazonlinux 150 k
glib2 x86_64 2.74.7-688.amzn2023.0.1 amazonlinux 2.7 M
glibc x86_64 2.34-52.amzn2023.0.3 amazonlinux 1.9 M
glibc-common x86_64 2.34-52.amzn2023.0.3 amazonlinux 307 k
glibc-minimal-langpack x86_64 2.34-52.amzn2023.0.3 amazonlinux 35 k
gnupg2-minimal x86_64 2.3.7-1.amzn2023.0.4 amazonlinux 421 k
keyutils-libs x86_64 1.6.3-1.amzn2023 amazonlinux 33 k
libcap x86_64 2.48-2.amzn2023.0.3 amazonlinux 67 k
libcurl-minimal x86_64 8.0.1-1.amzn2023 amazonlinux 249 k
libgcc x86_64 11.3.1-4.amzn2023.0.3 amazonlinux 105 k
libgomp x86_64 11.3.1-4.amzn2023.0.3 amazonlinux 280 k
libstdc++ x86_64 11.3.1-4.amzn2023.0.3 amazonlinux 744 k
libxml2 x86_64 2.10.4-1.amzn2023.0.1 amazonlinux 706 k
ncurses-base noarch 6.2-4.20200222.amzn2023.0.4 amazonlinux 60 k
ncurses-libs x86_64 6.2-4.20200222.amzn2023.0.4 amazonlinux 328 k
openssl-libs x86_64 1:3.0.8-1.amzn2023.0.3 amazonlinux 2.2 M
python3-rpm x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux 88 k
rpm x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux 486 k
rpm-build-libs x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux 90 k
rpm-libs x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux 309 k
rpm-sign-libs x86_64 4.16.1.3-12.amzn2023.0.6 amazonlinux 21 k
system-release noarch 2023.1.20230628-0.amzn2023 amazonlinux 29 k
tzdata noarch 2023c-1.amzn2023.0.1 amazonlinux 433 k
Transaction Summary
=================================================================================
Upgrade 25 Packages
Total download size: 12 M
Is this ok [y/N]:
```
`system-release` 套件的版本顯示`dnf upgrade`命令將更新的版本,這是命令中請求的 [2023.1.20230628 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.1.20230628.html)版本。 `dnf upgrade --releasever={{2023.1.20230628}}`
根據預設, `dnf` 會要求您確認是否要套用更新。您可以使用 `-y`旗標略過此提示`dnf`。在此範例中, `dnf upgrade -y --releasever={{2023.1.20230628}}`命令不會在套用更新之前要求確認。這在指令碼或其他自動化環境中非常有用。
一旦確認您要套用更新, 就會`dnf`套用更新。
```
Is this ok [y/N]:y
Downloading Packages:
(1/25): libcap-2.48-2.amzn2023.0.3.x86_64.rpm 1.5 MB/s | 67 kB 00:00
(2/25): python3-rpm-4.16.1.3-12.amzn2023.0.6.x86 2.1 MB/s | 88 kB 00:00
(3/25): libcurl-minimal-8.0.1-1.amzn2023.x86_64. 2.6 MB/s | 249 kB 00:00
(4/25): glib2-2.74.7-688.amzn2023.0.1.x86_64.rpm 26 MB/s | 2.7 MB 00:00
(5/25): glibc-minimal-langpack-2.34-52.amzn2023. 1.3 MB/s | 35 kB 00:00
(6/25): rpm-build-libs-4.16.1.3-12.amzn2023.0.6. 2.8 MB/s | 90 kB 00:00
(7/25): rpm-libs-4.16.1.3-12.amzn2023.0.6.x86_64 6.6 MB/s | 309 kB 00:00
(8/25): libgcc-11.3.1-4.amzn2023.0.3.x86_64.rpm 3.9 MB/s | 105 kB 00:00
(9/25): glibc-common-2.34-52.amzn2023.0.3.x86_64 11 MB/s | 307 kB 00:00
(10/25): glibc-2.34-52.amzn2023.0.3.x86_64.rpm 31 MB/s | 1.9 MB 00:00
(11/25): rpm-sign-libs-4.16.1.3-12.amzn2023.0.6. 877 kB/s | 21 kB 00:00
(12/25): gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86 15 MB/s | 421 kB 00:00
(13/25): openssl-libs-3.0.8-1.amzn2023.0.3.x86_6 35 MB/s | 2.2 MB 00:00
(14/25): libxml2-2.10.4-1.amzn2023.0.1.x86_64.rp 14 MB/s | 706 kB 00:00
(15/25): curl-minimal-8.0.1-1.amzn2023.x86_64.rp 4.2 MB/s | 150 kB 00:00
(16/25): rpm-4.16.1.3-12.amzn2023.0.6.x86_64.rpm 11 MB/s | 486 kB 00:00
(17/25): libgomp-11.3.1-4.amzn2023.0.3.x86_64.rp 7.0 MB/s | 280 kB 00:00
(18/25): libstdc++-11.3.1-4.amzn2023.0.3.x86_64. 14 MB/s | 744 kB 00:00
(19/25): keyutils-libs-1.6.3-1.amzn2023.x86_64.r 1.6 MB/s | 33 kB 00:00
(20/25): ncurses-libs-6.2-4.20200222.amzn2023.0. 10 MB/s | 328 kB 00:00
(21/25): tzdata-2023c-1.amzn2023.0.1.noarch.rpm 11 MB/s | 433 kB 00:00
(22/25): amazon-linux-repo-cdn-2023.1.20230628-0 781 kB/s | 18 kB 00:00
(23/25): ca-certificates-2023.2.60-1.0.amzn2023. 16 MB/s | 829 kB 00:00
(24/25): system-release-2023.1.20230628-0.amzn20 1.5 MB/s | 29 kB 00:00
(25/25): ncurses-base-6.2-4.20200222.amzn2023.0. 3.1 MB/s | 60 kB 00:00
---------------------------------------------------------------------------------
Total 28 MB/s | 12 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Upgrading : libgcc-11.3.1-4.amzn2023.0.3.x86_64 1/50
Running scriptlet: libgcc-11.3.1-4.amzn2023.0.3.x86_64 1/50
Upgrading : system-release-2023.1.20230628-0.amzn2023.noarch 2/50
Upgrading : amazon-linux-repo-cdn-2023.1.20230628-0.amzn2023.no 3/50
Upgrading : ncurses-base-6.2-4.20200222.amzn2023.0.4.noarch 4/50
Upgrading : tzdata-2023c-1.amzn2023.0.1.noarch 5/50
Upgrading : glibc-common-2.34-52.amzn2023.0.3.x86_64 6/50
Running scriptlet: glibc-2.34-52.amzn2023.0.3.x86_64 7/50
Upgrading : glibc-2.34-52.amzn2023.0.3.x86_64 7/50
Running scriptlet: glibc-2.34-52.amzn2023.0.3.x86_64 7/50
Upgrading : glibc-minimal-langpack-2.34-52.amzn2023.0.3.x86_64 8/50
Upgrading : libcap-2.48-2.amzn2023.0.3.x86_64 9/50
Upgrading : gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 10/50
Upgrading : libgomp-11.3.1-4.amzn2023.0.3.x86_64 11/50
Running scriptlet: ca-certificates-2023.2.60-1.0.amzn2023.0.2.noarch 12/50
Upgrading : ca-certificates-2023.2.60-1.0.amzn2023.0.2.noarch 12/50
Running scriptlet: ca-certificates-2023.2.60-1.0.amzn2023.0.2.noarch 12/50
Upgrading : openssl-libs-1:3.0.8-1.amzn2023.0.3.x86_64 13/50
Upgrading : libcurl-minimal-8.0.1-1.amzn2023.x86_64 14/50
Upgrading : curl-minimal-8.0.1-1.amzn2023.x86_64 15/50
Upgrading : rpm-libs-4.16.1.3-12.amzn2023.0.6.x86_64 16/50
Upgrading : rpm-4.16.1.3-12.amzn2023.0.6.x86_64 17/50
Upgrading : rpm-build-libs-4.16.1.3-12.amzn2023.0.6.x86_64 18/50
Upgrading : rpm-sign-libs-4.16.1.3-12.amzn2023.0.6.x86_64 19/50
Upgrading : python3-rpm-4.16.1.3-12.amzn2023.0.6.x86_64 20/50
Upgrading : glib2-2.74.7-688.amzn2023.0.1.x86_64 21/50
Upgrading : libxml2-2.10.4-1.amzn2023.0.1.x86_64 22/50
Upgrading : libstdc++-11.3.1-4.amzn2023.0.3.x86_64 23/50
Upgrading : keyutils-libs-1.6.3-1.amzn2023.x86_64 24/50
Upgrading : ncurses-libs-6.2-4.20200222.amzn2023.0.4.x86_64 25/50
Cleanup : glib2-2.73.2-680.amzn2023.0.3.x86_64 26/50
Cleanup : libstdc++-11.3.1-4.amzn2023.0.2.x86_64 27/50
Cleanup : libxml2-2.10.3-2.amzn2023.0.1.x86_64 28/50
Cleanup : python3-rpm-4.16.1.3-12.amzn2023.0.5.x86_64 29/50
Cleanup : rpm-build-libs-4.16.1.3-12.amzn2023.0.5.x86_64 30/50
Cleanup : rpm-sign-libs-4.16.1.3-12.amzn2023.0.5.x86_64 31/50
Cleanup : rpm-libs-4.16.1.3-12.amzn2023.0.5.x86_64 32/50
Cleanup : libcap-2.48-2.amzn2023.0.2.x86_64 33/50
Cleanup : gnupg2-minimal-2.3.7-1.amzn2023.0.3.x86_64 34/50
Cleanup : ncurses-libs-6.2-4.20200222.amzn2023.0.3.x86_64 35/50
Cleanup : libgomp-11.3.1-4.amzn2023.0.2.x86_64 36/50
Cleanup : rpm-4.16.1.3-12.amzn2023.0.5.x86_64 37/50
Cleanup : curl-minimal-7.88.1-1.amzn2023.0.1.x86_64 38/50
Cleanup : libcurl-minimal-7.88.1-1.amzn2023.0.1.x86_64 39/50
Cleanup : openssl-libs-1:3.0.8-1.amzn2023.0.1.x86_64 40/50
Cleanup : keyutils-libs-1.6.1-2.amzn2023.0.2.x86_64 41/50
Cleanup : amazon-linux-repo-cdn-2023.0.20230315-1.amzn2023.no 42/50
Cleanup : system-release-2023.0.20230315-1.amzn2023.noarch 43/50
Cleanup : ca-certificates-2023.2.60-1.0.amzn2023.0.1.noarch 44/50
Cleanup : ncurses-base-6.2-4.20200222.amzn2023.0.3.noarch 45/50
Cleanup : glibc-minimal-langpack-2.34-52.amzn2023.0.2.x86_64 46/50
Cleanup : glibc-2.34-52.amzn2023.0.2.x86_64 47/50
Cleanup : glibc-common-2.34-52.amzn2023.0.2.x86_64 48/50
Cleanup : tzdata-2022g-1.amzn2023.0.1.noarch 49/50
Cleanup : libgcc-11.3.1-4.amzn2023.0.2.x86_64 50/50
Running scriptlet: libgcc-11.3.1-4.amzn2023.0.2.x86_64 50/50
Running scriptlet: ca-certificates-2023.2.60-1.0.amzn2023.0.2.noarch 50/50
Running scriptlet: rpm-4.16.1.3-12.amzn2023.0.6.x86_64 50/50
Running scriptlet: libgcc-11.3.1-4.amzn2023.0.2.x86_64 50/50
Verifying : libcurl-minimal-8.0.1-1.amzn2023.x86_64 1/50
Verifying : libcurl-minimal-7.88.1-1.amzn2023.0.1.x86_64 2/50
Verifying : libcap-2.48-2.amzn2023.0.3.x86_64 3/50
Verifying : libcap-2.48-2.amzn2023.0.2.x86_64 4/50
Verifying : glib2-2.74.7-688.amzn2023.0.1.x86_64 5/50
Verifying : glib2-2.73.2-680.amzn2023.0.3.x86_64 6/50
Verifying : python3-rpm-4.16.1.3-12.amzn2023.0.6.x86_64 7/50
Verifying : python3-rpm-4.16.1.3-12.amzn2023.0.5.x86_64 8/50
Verifying : glibc-minimal-langpack-2.34-52.amzn2023.0.3.x86_64 9/50
Verifying : glibc-minimal-langpack-2.34-52.amzn2023.0.2.x86_64 10/50
Verifying : rpm-libs-4.16.1.3-12.amzn2023.0.6.x86_64 11/50
Verifying : rpm-libs-4.16.1.3-12.amzn2023.0.5.x86_64 12/50
Verifying : rpm-build-libs-4.16.1.3-12.amzn2023.0.6.x86_64 13/50
Verifying : rpm-build-libs-4.16.1.3-12.amzn2023.0.5.x86_64 14/50
Verifying : glibc-2.34-52.amzn2023.0.3.x86_64 15/50
Verifying : glibc-2.34-52.amzn2023.0.2.x86_64 16/50
Verifying : libgcc-11.3.1-4.amzn2023.0.3.x86_64 17/50
Verifying : libgcc-11.3.1-4.amzn2023.0.2.x86_64 18/50
Verifying : glibc-common-2.34-52.amzn2023.0.3.x86_64 19/50
Verifying : glibc-common-2.34-52.amzn2023.0.2.x86_64 20/50
Verifying : rpm-sign-libs-4.16.1.3-12.amzn2023.0.6.x86_64 21/50
Verifying : rpm-sign-libs-4.16.1.3-12.amzn2023.0.5.x86_64 22/50
Verifying : openssl-libs-1:3.0.8-1.amzn2023.0.3.x86_64 23/50
Verifying : openssl-libs-1:3.0.8-1.amzn2023.0.1.x86_64 24/50
Verifying : gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64 25/50
Verifying : gnupg2-minimal-2.3.7-1.amzn2023.0.3.x86_64 26/50
Verifying : libxml2-2.10.4-1.amzn2023.0.1.x86_64 27/50
Verifying : libxml2-2.10.3-2.amzn2023.0.1.x86_64 28/50
Verifying : curl-minimal-8.0.1-1.amzn2023.x86_64 29/50
Verifying : curl-minimal-7.88.1-1.amzn2023.0.1.x86_64 30/50
Verifying : rpm-4.16.1.3-12.amzn2023.0.6.x86_64 31/50
Verifying : rpm-4.16.1.3-12.amzn2023.0.5.x86_64 32/50
Verifying : libstdc++-11.3.1-4.amzn2023.0.3.x86_64 33/50
Verifying : libstdc++-11.3.1-4.amzn2023.0.2.x86_64 34/50
Verifying : libgomp-11.3.1-4.amzn2023.0.3.x86_64 35/50
Verifying : libgomp-11.3.1-4.amzn2023.0.2.x86_64 36/50
Verifying : keyutils-libs-1.6.3-1.amzn2023.x86_64 37/50
Verifying : keyutils-libs-1.6.1-2.amzn2023.0.2.x86_64 38/50
Verifying : ncurses-libs-6.2-4.20200222.amzn2023.0.4.x86_64 39/50
Verifying : ncurses-libs-6.2-4.20200222.amzn2023.0.3.x86_64 40/50
Verifying : ca-certificates-2023.2.60-1.0.amzn2023.0.2.noarch 41/50
Verifying : ca-certificates-2023.2.60-1.0.amzn2023.0.1.noarch 42/50
Verifying : tzdata-2023c-1.amzn2023.0.1.noarch 43/50
Verifying : tzdata-2022g-1.amzn2023.0.1.noarch 44/50
Verifying : amazon-linux-repo-cdn-2023.1.20230628-0.amzn2023.no 45/50
Verifying : amazon-linux-repo-cdn-2023.0.20230315-1.amzn2023.no 46/50
Verifying : system-release-2023.1.20230628-0.amzn2023.noarch 47/50
Verifying : system-release-2023.0.20230315-1.amzn2023.noarch 48/50
Verifying : ncurses-base-6.2-4.20200222.amzn2023.0.4.noarch 49/50
Verifying : ncurses-base-6.2-4.20200222.amzn2023.0.3.noarch 50/50
Upgraded:
amazon-linux-repo-cdn-2023.1.20230628-0.amzn2023.noarch
ca-certificates-2023.2.60-1.0.amzn2023.0.2.noarch
curl-minimal-8.0.1-1.amzn2023.x86_64
glib2-2.74.7-688.amzn2023.0.1.x86_64
glibc-2.34-52.amzn2023.0.3.x86_64
glibc-common-2.34-52.amzn2023.0.3.x86_64
glibc-minimal-langpack-2.34-52.amzn2023.0.3.x86_64
gnupg2-minimal-2.3.7-1.amzn2023.0.4.x86_64
keyutils-libs-1.6.3-1.amzn2023.x86_64
libcap-2.48-2.amzn2023.0.3.x86_64
libcurl-minimal-8.0.1-1.amzn2023.x86_64
libgcc-11.3.1-4.amzn2023.0.3.x86_64
libgomp-11.3.1-4.amzn2023.0.3.x86_64
libstdc++-11.3.1-4.amzn2023.0.3.x86_64
libxml2-2.10.4-1.amzn2023.0.1.x86_64
ncurses-base-6.2-4.20200222.amzn2023.0.4.noarch
ncurses-libs-6.2-4.20200222.amzn2023.0.4.x86_64
openssl-libs-1:3.0.8-1.amzn2023.0.3.x86_64
python3-rpm-4.16.1.3-12.amzn2023.0.6.x86_64
rpm-4.16.1.3-12.amzn2023.0.6.x86_64
rpm-build-libs-4.16.1.3-12.amzn2023.0.6.x86_64
rpm-libs-4.16.1.3-12.amzn2023.0.6.x86_64
rpm-sign-libs-4.16.1.3-12.amzn2023.0.6.x86_64
system-release-2023.1.20230628-0.amzn2023.noarch
tzdata-2023c-1.amzn2023.0.1.noarch
Complete!
bash-5.2#
```
------
#### [ Updates in the latest version ]
在此範例中,如果我們啟動了 2023.4. `latest`版本的容器,我們將套用 AL2023 版本的可用更新。 AL2023 [20240319](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240319.html) 撰寫時,`latest`版本為 [2023.5.20240708](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.5.20240708.html),因此此範例中列出的更新將截至該版本。
**注意**
此範例使用 [2023.4.20240319](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240319.html) 和 [2023.5.20240708 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.5.20240708.html)版本,後者是*撰寫時的*最新版本。如需最新版本的詳細資訊,請參閱 [AL2023 版本備註](https://docs.aws.amazon.com/linux/al2023/release-notes/)。
在此範例中,我們將從 [2023.4.20240319 ](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.4.20240319.html)版本的容器映像開始。
首先,我們從容器登錄檔擷取此容器映像。結尾`.1`的 表示特定版本的映像版本。雖然映像版本通常為零,但此範例會使用映像版本為 的版本。
```
$ docker pull public.ecr.aws/amazonlinux/amazonlinux:{{2023.4.20240319.1}}
2023.4.20240319.1: Pulling from amazonlinux/amazonlinux
6de065fda9a2: Pull complete
Digest: sha256:b4838c4cc9211d966b6ea158dacc9eda7433a16ba94436508c2d9f01f7658b4e
Status: Downloaded newer image for public.ecr.aws/amazonlinux/amazonlinux:2023.4.20240319.1
public.ecr.aws/amazonlinux/amazonlinux:2023.4.20240319.1
```
我們現在可以在容器內產生殼層,從中套用更新。
```
$ docker run -it public.ecr.aws/amazonlinux/amazonlinux:{{2023.4.20240319.1}}
bash-5.2#
```
`dnf upgrade` 命令現在用於套用`latest`發行版本中可用的更新,在*寫入時*為 [2023.5.20240708](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes-2023.5.20240708.html)。
**注意**
套用套件更新是一項特殊權限操作。雖然在容器中執行 時通常不需要提升權限,但如果在 Amazon EC2 執行個體等非容器化環境中執行 ,則需要以`root`使用者身分執行 `dnf upgrade`命令。這可以使用 `sudo`或 `su`命令來完成。
根據預設, `dnf` 會要求您確認是否要套用更新。在此範例中,我們將使用 `-y`旗標來略過此提示`dnf`。
```
$ dnf -y --releasever=latest update
Amazon Linux 2023 repository 75 MB/s | 25 MB 00:00
Last metadata expiration check: 0:00:04 ago on Mon Jul 22 18:00:10 2024.
Dependencies resolved.
=================================================================================
Package Arch Version Repository Size
=================================================================================
Upgrading:
amazon-linux-repo-cdn noarch 2023.5.20240708-1.amzn2023 amazonlinux 17 k
curl-minimal x86_64 8.5.0-1.amzn2023.0.4 amazonlinux 160 k
dnf noarch 4.14.0-1.amzn2023.0.5 amazonlinux 460 k
dnf-data noarch 4.14.0-1.amzn2023.0.5 amazonlinux 34 k
expat x86_64 2.5.0-1.amzn2023.0.4 amazonlinux 117 k
glibc x86_64 2.34-52.amzn2023.0.10 amazonlinux 1.9 M
glibc-common x86_64 2.34-52.amzn2023.0.10 amazonlinux 295 k
glibc-minimal-langpack x86_64 2.34-52.amzn2023.0.10 amazonlinux 23 k
krb5-libs x86_64 1.21-3.amzn2023.0.4 amazonlinux 758 k
libblkid x86_64 2.37.4-1.amzn2023.0.4 amazonlinux 105 k
libcurl-minimal x86_64 8.5.0-1.amzn2023.0.4 amazonlinux 275 k
libmount x86_64 2.37.4-1.amzn2023.0.4 amazonlinux 132 k
libnghttp2 x86_64 1.59.0-3.amzn2023.0.1 amazonlinux 79 k
libsmartcols x86_64 2.37.4-1.amzn2023.0.4 amazonlinux 62 k
libuuid x86_64 2.37.4-1.amzn2023.0.4 amazonlinux 26 k
openssl-libs x86_64 1:3.0.8-1.amzn2023.0.12 amazonlinux 2.2 M
python3 x86_64 3.9.16-1.amzn2023.0.8 amazonlinux 27 k
python3-dnf noarch 4.14.0-1.amzn2023.0.5 amazonlinux 409 k
python3-libs x86_64 3.9.16-1.amzn2023.0.8 amazonlinux 7.3 M
system-release noarch 2023.5.20240708-1.amzn2023 amazonlinux 28 k
yum noarch 4.14.0-1.amzn2023.0.5 amazonlinux 32 k
Transaction Summary
=================================================================================
Upgrade 21 Packages
Total download size: 14 M
Downloading Packages:
(1/21): amazon-linux-repo-cdn-2023.5.20240708-1. 345 kB/s | 17 kB 00:00
(2/21): dnf-4.14.0-1.amzn2023.0.5.noarch.rpm 6.8 MB/s | 460 kB 00:00
(3/21): dnf-data-4.14.0-1.amzn2023.0.5.noarch.rp 1.6 MB/s | 34 kB 00:00
(4/21): expat-2.5.0-1.amzn2023.0.4.x86_64.rpm 4.6 MB/s | 117 kB 00:00
(5/21): glibc-2.34-52.amzn2023.0.10.x86_64.rpm 38 MB/s | 1.9 MB 00:00
(6/21): glibc-common-2.34-52.amzn2023.0.10.x86_6 8.8 MB/s | 295 kB 00:00
(7/21): glibc-minimal-langpack-2.34-52.amzn2023. 1.7 MB/s | 23 kB 00:00
(8/21): curl-minimal-8.5.0-1.amzn2023.0.4.x86_64 998 kB/s | 160 kB 00:00
(9/21): libblkid-2.37.4-1.amzn2023.0.4.x86_64.rp 4.1 MB/s | 105 kB 00:00
(10/21): krb5-libs-1.21-3.amzn2023.0.4.x86_64.rp 16 MB/s | 758 kB 00:00
(11/21): libmount-2.37.4-1.amzn2023.0.4.x86_64.r 7.9 MB/s | 132 kB 00:00
(12/21): libnghttp2-1.59.0-3.amzn2023.0.1.x86_64 5.6 MB/s | 79 kB 00:00
(13/21): libsmartcols-2.37.4-1.amzn2023.0.4.x86_ 4.4 MB/s | 62 kB 00:00
(14/21): libcurl-minimal-8.5.0-1.amzn2023.0.4.x8 7.1 MB/s | 275 kB 00:00
(15/21): libuuid-2.37.4-1.amzn2023.0.4.x86_64.rp 1.1 MB/s | 26 kB 00:00
(16/21): python3-3.9.16-1.amzn2023.0.8.x86_64.rp 1.5 MB/s | 27 kB 00:00
(17/21): python3-dnf-4.14.0-1.amzn2023.0.5.noarc 19 MB/s | 409 kB 00:00
(18/21): system-release-2023.5.20240708-1.amzn20 1.9 MB/s | 28 kB 00:00
(19/21): yum-4.14.0-1.amzn2023.0.5.noarch.rpm 1.6 MB/s | 32 kB 00:00
(20/21): openssl-libs-3.0.8-1.amzn2023.0.12.x86_ 26 MB/s | 2.2 MB 00:00
(21/21): python3-libs-3.9.16-1.amzn2023.0.8.x86_ 59 MB/s | 7.3 MB 00:00
---------------------------------------------------------------------------------
Total 34 MB/s | 14 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Upgrading : glibc-common-2.34-52.amzn2023.0.10.x86_64 1/42
Upgrading : glibc-minimal-langpack-2.34-52.amzn2023.0.10.x86_64 2/42
Running scriptlet: glibc-2.34-52.amzn2023.0.10.x86_64 3/42
Upgrading : glibc-2.34-52.amzn2023.0.10.x86_64 3/42
Running scriptlet: glibc-2.34-52.amzn2023.0.10.x86_64 3/42
Upgrading : libuuid-2.37.4-1.amzn2023.0.4.x86_64 4/42
Upgrading : openssl-libs-1:3.0.8-1.amzn2023.0.12.x86_64 5/42
Upgrading : krb5-libs-1.21-3.amzn2023.0.4.x86_64 6/42
Upgrading : libblkid-2.37.4-1.amzn2023.0.4.x86_64 7/42
Running scriptlet: libblkid-2.37.4-1.amzn2023.0.4.x86_64 7/42
Upgrading : expat-2.5.0-1.amzn2023.0.4.x86_64 8/42
Upgrading : python3-3.9.16-1.amzn2023.0.8.x86_64 9/42
Upgrading : python3-libs-3.9.16-1.amzn2023.0.8.x86_64 10/42
Upgrading : libnghttp2-1.59.0-3.amzn2023.0.1.x86_64 11/42
Upgrading : libcurl-minimal-8.5.0-1.amzn2023.0.4.x86_64 12/42
Upgrading : system-release-2023.5.20240708-1.amzn2023.noarch 13/42
Upgrading : amazon-linux-repo-cdn-2023.5.20240708-1.amzn2023.no 14/42
Upgrading : dnf-data-4.14.0-1.amzn2023.0.5.noarch 15/42
Upgrading : python3-dnf-4.14.0-1.amzn2023.0.5.noarch 16/42
Upgrading : dnf-4.14.0-1.amzn2023.0.5.noarch 17/42
Running scriptlet: dnf-4.14.0-1.amzn2023.0.5.noarch 17/42
Upgrading : yum-4.14.0-1.amzn2023.0.5.noarch 18/42
Upgrading : curl-minimal-8.5.0-1.amzn2023.0.4.x86_64 19/42
Upgrading : libmount-2.37.4-1.amzn2023.0.4.x86_64 20/42
Upgrading : libsmartcols-2.37.4-1.amzn2023.0.4.x86_64 21/42
Cleanup : yum-4.14.0-1.amzn2023.0.4.noarch 22/42
Running scriptlet: dnf-4.14.0-1.amzn2023.0.4.noarch 23/42
Cleanup : dnf-4.14.0-1.amzn2023.0.4.noarch 23/42
Running scriptlet: dnf-4.14.0-1.amzn2023.0.4.noarch 23/42
Cleanup : python3-dnf-4.14.0-1.amzn2023.0.4.noarch 24/42
Cleanup : amazon-linux-repo-cdn-2023.4.20240319-1.amzn2023.no 25/42
Cleanup : libmount-2.37.4-1.amzn2023.0.3.x86_64 26/42
Cleanup : curl-minimal-8.5.0-1.amzn2023.0.2.x86_64 27/42
Cleanup : libcurl-minimal-8.5.0-1.amzn2023.0.2.x86_64 28/42
Cleanup : krb5-libs-1.21-3.amzn2023.0.3.x86_64 29/42
Cleanup : libblkid-2.37.4-1.amzn2023.0.3.x86_64 30/42
Cleanup : libnghttp2-1.57.0-1.amzn2023.0.1.x86_64 31/42
Cleanup : libsmartcols-2.37.4-1.amzn2023.0.3.x86_64 32/42
Cleanup : system-release-2023.4.20240319-1.amzn2023.noarch 33/42
Cleanup : dnf-data-4.14.0-1.amzn2023.0.4.noarch 34/42
Cleanup : python3-3.9.16-1.amzn2023.0.6.x86_64 35/42
Cleanup : python3-libs-3.9.16-1.amzn2023.0.6.x86_64 36/42
Cleanup : openssl-libs-1:3.0.8-1.amzn2023.0.11.x86_64 37/42
Cleanup : libuuid-2.37.4-1.amzn2023.0.3.x86_64 38/42
Cleanup : expat-2.5.0-1.amzn2023.0.3.x86_64 39/42
Cleanup : glibc-2.34-52.amzn2023.0.8.x86_64 40/42
Cleanup : glibc-minimal-langpack-2.34-52.amzn2023.0.8.x86_64 41/42
Cleanup : glibc-common-2.34-52.amzn2023.0.8.x86_64 42/42
Running scriptlet: glibc-common-2.34-52.amzn2023.0.8.x86_64 42/42
Verifying : amazon-linux-repo-cdn-2023.5.20240708-1.amzn2023.no 1/42
Verifying : amazon-linux-repo-cdn-2023.4.20240319-1.amzn2023.no 2/42
Verifying : curl-minimal-8.5.0-1.amzn2023.0.4.x86_64 3/42
Verifying : curl-minimal-8.5.0-1.amzn2023.0.2.x86_64 4/42
Verifying : dnf-4.14.0-1.amzn2023.0.5.noarch 5/42
Verifying : dnf-4.14.0-1.amzn2023.0.4.noarch 6/42
Verifying : dnf-data-4.14.0-1.amzn2023.0.5.noarch 7/42
Verifying : dnf-data-4.14.0-1.amzn2023.0.4.noarch 8/42
Verifying : expat-2.5.0-1.amzn2023.0.4.x86_64 9/42
Verifying : expat-2.5.0-1.amzn2023.0.3.x86_64 10/42
Verifying : glibc-2.34-52.amzn2023.0.10.x86_64 11/42
Verifying : glibc-2.34-52.amzn2023.0.8.x86_64 12/42
Verifying : glibc-common-2.34-52.amzn2023.0.10.x86_64 13/42
Verifying : glibc-common-2.34-52.amzn2023.0.8.x86_64 14/42
Verifying : glibc-minimal-langpack-2.34-52.amzn2023.0.10.x86_64 15/42
Verifying : glibc-minimal-langpack-2.34-52.amzn2023.0.8.x86_64 16/42
Verifying : krb5-libs-1.21-3.amzn2023.0.4.x86_64 17/42
Verifying : krb5-libs-1.21-3.amzn2023.0.3.x86_64 18/42
Verifying : libblkid-2.37.4-1.amzn2023.0.4.x86_64 19/42
Verifying : libblkid-2.37.4-1.amzn2023.0.3.x86_64 20/42
Verifying : libcurl-minimal-8.5.0-1.amzn2023.0.4.x86_64 21/42
Verifying : libcurl-minimal-8.5.0-1.amzn2023.0.2.x86_64 22/42
Verifying : libmount-2.37.4-1.amzn2023.0.4.x86_64 23/42
Verifying : libmount-2.37.4-1.amzn2023.0.3.x86_64 24/42
Verifying : libnghttp2-1.59.0-3.amzn2023.0.1.x86_64 25/42
Verifying : libnghttp2-1.57.0-1.amzn2023.0.1.x86_64 26/42
Verifying : libsmartcols-2.37.4-1.amzn2023.0.4.x86_64 27/42
Verifying : libsmartcols-2.37.4-1.amzn2023.0.3.x86_64 28/42
Verifying : libuuid-2.37.4-1.amzn2023.0.4.x86_64 29/42
Verifying : libuuid-2.37.4-1.amzn2023.0.3.x86_64 30/42
Verifying : openssl-libs-1:3.0.8-1.amzn2023.0.12.x86_64 31/42
Verifying : openssl-libs-1:3.0.8-1.amzn2023.0.11.x86_64 32/42
Verifying : python3-3.9.16-1.amzn2023.0.8.x86_64 33/42
Verifying : python3-3.9.16-1.amzn2023.0.6.x86_64 34/42
Verifying : python3-dnf-4.14.0-1.amzn2023.0.5.noarch 35/42
Verifying : python3-dnf-4.14.0-1.amzn2023.0.4.noarch 36/42
Verifying : python3-libs-3.9.16-1.amzn2023.0.8.x86_64 37/42
Verifying : python3-libs-3.9.16-1.amzn2023.0.6.x86_64 38/42
Verifying : system-release-2023.5.20240708-1.amzn2023.noarch 39/42
Verifying : system-release-2023.4.20240319-1.amzn2023.noarch 40/42
Verifying : yum-4.14.0-1.amzn2023.0.5.noarch 41/42
Verifying : yum-4.14.0-1.amzn2023.0.4.noarch 42/42
Upgraded:
amazon-linux-repo-cdn-2023.5.20240708-1.amzn2023.noarch
curl-minimal-8.5.0-1.amzn2023.0.4.x86_64
dnf-4.14.0-1.amzn2023.0.5.noarch
dnf-data-4.14.0-1.amzn2023.0.5.noarch
expat-2.5.0-1.amzn2023.0.4.x86_64
glibc-2.34-52.amzn2023.0.10.x86_64
glibc-common-2.34-52.amzn2023.0.10.x86_64
glibc-minimal-langpack-2.34-52.amzn2023.0.10.x86_64
krb5-libs-1.21-3.amzn2023.0.4.x86_64
libblkid-2.37.4-1.amzn2023.0.4.x86_64
libcurl-minimal-8.5.0-1.amzn2023.0.4.x86_64
libmount-2.37.4-1.amzn2023.0.4.x86_64
libnghttp2-1.59.0-3.amzn2023.0.1.x86_64
libsmartcols-2.37.4-1.amzn2023.0.4.x86_64
libuuid-2.37.4-1.amzn2023.0.4.x86_64
openssl-libs-1:3.0.8-1.amzn2023.0.12.x86_64
python3-3.9.16-1.amzn2023.0.8.x86_64
python3-dnf-4.14.0-1.amzn2023.0.5.noarch
python3-libs-3.9.16-1.amzn2023.0.8.x86_64
system-release-2023.5.20240708-1.amzn2023.noarch
yum-4.14.0-1.amzn2023.0.5.noarch
Complete!
bash-5.2#
```
------
若要探索 AL2023 更新,請執行下列一或多個動作:
+ 執行 `dnf check-update` 命令。這會檢查您鎖定的 Amazon Linux 版本中是否有任何未套用的更新。如果您只更新`system-release`套件,這可能會顯示更新,移動執行個體鎖定的儲存庫版本,但不套用其中可用的任何更新。
+ 訂閱 Amazon Linux 儲存庫更新 SNS 主題 (`arn:aws:sns:us-east-1:137112412989:amazon-linux-2023-ami-updates`)。如需詳細資訊,請參閱《Amazon Simple Notification Service 開發人員指南》**中的[訂閱 Amazon SNS 主題](https://docs.aws.amazon.com/sns/latest/dg/sns-create-subscribe-endpoint-to-topic.html)。
+ 定期參閱 [AL2023 版本備註](https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html)。
+ 透過 探索新版本[使用 檢查較新的儲存庫版本 `dnf check-release-update`](#dnf-repository-updates)。
**重要**
包含安全性更新的 AL2023 新版本會經常發行。請務必隨時掌握相關的安全修補程式。
## 在 (安全性) 更新後自動重新啟動服務
Amazon Linux 現在隨附[智慧型重新啟動](https://github.com/amazonlinux/smart-restart)套件。每當使用系統套件管理員安裝或刪除套件時, 會在系統更新時`Smart-restart`重新啟動系統服務。只要執行 `dnf (update|upgrade|downgrade)` ,就會發生這種情況。
`Smart-restart` 使用來自 的 `needs-restarting`套件`dnf-utils`和自訂拒絕清單機制,來判斷需要重新啟動哪些服務,以及是否建議重新啟動系統。如果建議重新啟動系統,則會產生重新啟動提示標記檔案 (`/run/smart-restart/reboot-hint-marker`)。
**安裝 `smart-restart`**
執行下列DNF命令 (如同使用任何其他套件)。
```
$ sudo dnf install smart-restart
```
安裝之後,後續交易會觸發`smart-restart`邏輯。
**拒絕清單**
`Smart-restart` 可指示 封鎖特定服務重新啟動。封鎖的服務不會導致決定是否需要重新啟動。若要封鎖其他服務,請在 `-denylist`中新增尾碼為 的檔案`/etc/smart-restart-conf.d/`,如下列範例所示。
```
$ cat /etc/smart-restart-conf.d/custom-denylist
# Some comments
myservice.service
```
**注意**
在決定是否需要重新啟動時,會讀取和評估所有`*-denylist`檔案。
**自訂掛鉤**
除了拒絕清單之外, `smart-restart`還提供在嘗試重新啟動服務之前和之後執行自訂指令碼的機制。自訂指令碼可用來手動執行準備步驟,或通知其他元件剩餘或已完成的重新啟動。
執行 中`/etc/smart-restart-conf.d/`具有尾碼 `-pre-restart`或 的所有指令碼`-post-restart`。如果順序很重要,請在所有指令碼前面加上數字,以確保執行順序,如下列範例所示。
```
$ ls /etc/smart-restart-conf.d/*-pre-restart
001-my-script-pre-restart
002-some-other-script-pre-restart
```
## 何時需要重新啟動才能套用安全性更新?
在某些情況下,Amazon Linux 需要重新開機才能套用更新:
+ Linux 核心套件的更新需要重新開機,才能啟用具有最新安全性更新的新核心。核心即時修補可能允許您在有限的時間內延遲安全更新。如需詳細資訊,請參閱 [AL2023 上的核心即時修補](live-patching.md)。
+ 在 EC2 Metal 執行個體上,Amazon Linux 提供微碼更新 (透過 Intel CPUs`microcode_ctl`套件和 AMD CPU `amd-ucode-firmware`套件)。 CPUs.) 這些微碼更新只會在後續執行個體重新啟動時啟用。對於虛擬化 EC2 執行個體,基礎 [AWS Nitro 系統會](https://docs.aws.amazon.com/whitepapers/latest/security-design-of-aws-nitro-system/security-design-of-aws-nitro-system.html)為您處理微碼更新。
+ 有些執行中的系統化服務只有在完全系統重新啟動後才能正常運作。`smart-restart` 機制會保留重新啟動提示,通知您這類情況。請參閱 [在 (安全性) 更新後自動重新啟動服務](#automatic-restart-services)。
## 啟動已啟用最新儲存庫版本的執行個體
您可以將 DNF 命令新增至使用者資料指令碼,以控制啟動 Amazon Linux AMI 時要安裝哪些 RPM 套件。在下列範例中,使用者資料指令碼是用來確認以使用者資料指令碼啟動的任何執行個體都已安裝相同的套件更新。
```
#!/bin/bash
dnf upgrade --releasever=2023.0.20230210
# Additional setup and install commands below
dnf install httpd php7.4 mysql80
```
您必須以超級使用者 (根使用者) 的身分執行此指令碼。若要進行這項動作,請執行以下命令。
```
$ sudo sh -c "bash {{nameofscript}}.sh"
```
如需詳細資訊,請參閱《*Amazon EC2 使用者指南*》中的[使用者資料和 shell 指令碼](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-shell-scripts)。
**注意**
不要使用使用者資料指令碼,而是啟動最新的 Amazon Linux AMI 或以 Amazon Linux AMI 為基礎的自訂 AMI。最新的 Amazon Linux AMI 已安裝所有必要的更新,並且設定為指向特定的儲存庫版本。
## 取得套件支援資訊
AL2023 包含許多不同的開放原始碼軟體專案。這些專案全都是獨立於 Amazon Linux 管理,並且有不同的發行和終止支援排程。為了向您提供有關這些不同套件的 Amazon Linux 特定資訊,DNF`supportinfo` 外掛程式會提供有關套件的中繼資料。在下列範例中,**dnf supportinfo** 命令會傳回 `glibc` 套件的中繼資料。
```
$ sudo dnf supportinfo --pkg glibc
Last metadata expiration check: 0:07:56 ago on Wed Mar 1 23:21:49 2023.
Name : glibc
Version : 2.34-52.amzn2023.0.2
State : installed
Support Status : supported
Support Periods : from 2023-03-15 : supported
: from 2028-03-15 : unsupported
Support Statement : Amazon Linux 2023 End Of Life
Link : https://aws.amazon.com/amazon-linux-ami/faqs/
Other Info : This is the support statement for AL2023. The
...: end of life of Amazon Linux 2023 would be March 2028.
...: From this point, the Amazon Linux 2023 packages (listed
...: below) will no longer, receive any updates from AWS.
```
套件支援資訊也可在 [AL2023 版本備註](https://docs.aws.amazon.com/linux/al2023/release-notes/)的[支援陳述](https://docs.aws.amazon.com/linux/al2023/release-notes/support-info-by-support-statement.html)式區段中取得。
## 使用 檢查較新的儲存庫版本 `dnf check-release-update`
在 AL2023 執行個體中,您可以使用 DNF 公用程式來管理儲存庫和套用更新的 RPM 套件。這些套件可在 Amazon Linux 儲存庫中取得。您可以使用 DNF 命令 `dnf check-release-update` 來檢查 DNF 儲存庫的新版本。
**注意**
根據預設,AL2023 容器映像不包含 `dnf check-release-update`命令。
```
$ dnf check-release-update
No such command: check-release-update. Please use /usr/bin/dnf --help
It could be a DNF plugin command, try: "dnf install 'dnf-command(check-release-update)'"
```
`dnf install 'dnf-command(check-release-update)'` 執行 時, `dnf`會安裝提供 `check-release-update`命令的 套件,也就是 `dnf-plugin-release-notification`套件。在下列範例中, 引`-q`數會提供給 `dnf` ,使其具有安靜的輸出。
```
$ dnf -y -q install 'dnf-command(check-release-update)'
Installed:
dnf-plugin-release-notification-1.2-1.amzn2023.0.2.noarch
```
在 Amazon EC2 執行個體等非容器化環境中,預設會包含 `check-release-update`命令。
```
$ sudo dnf check-release-update
WARNING:
A newer release of "Amazon Linux" is available.
Available Versions:
Version 2023.0.20230210:
Run the following command to update to 2023.0.20230210:
dnf upgrade --releasever=2023.0.20230210
Release notes:
https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html
```
這將傳回所有可用 DNF 儲存庫新版本的完整清單。如果沒有傳回任何內容,這代表 DNF 目前設定為使用最新的可用版本。目前安裝的 `system-release` 套件版本設定 `releasever` DNF 變數。若要檢查目前儲存庫版本,請執行以下命令。
```
$ rpm -q system-release --qf "%{VERSION}\n"
```
當您執行 DNF 套件交易 (例如安裝、更新或移除命令) 時,會出現警告訊息,通知您是否有任何新的儲存庫版本。例如,如果您在從舊版 AL2023 啟動的執行個體上安裝 `httpd` 套件,則會傳回下列輸出。
```
$ sudo dnf install httpd -y
Last metadata expiration check: 0:16:52 ago on Wed Mar 1 23:21:49 2023.
Dependencies resolved.
====================================================================
Package Arch Version Repository Size
====================================================================
Installing:
httpd x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 46 k
Installing dependencies:
apr x86_64 1.7.2-2.amzn2023.0.2 amazonlinux 129 k
apr-util x86_64 1.6.3-1.amzn2023.0.1 amazonlinux 98 k
generic-logos-httpd
noarch 18.0.0-12.amzn2023.0.3 amazonlinux 19 k
httpd-core x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 1.3 M
httpd-filesystem noarch 2.4.54-3.amzn2023.0.4 amazonlinux 13 k
httpd-tools x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 80 k
libbrotli x86_64 1.0.9-4.amzn2023.0.2 amazonlinux 315 k
mailcap noarch 2.1.49-3.amzn2023.0.3 amazonlinux 33 k
Installing weak dependencies:
apr-util-openssl x86_64 1.6.3-1.amzn2023.0.1 amazonlinux 17 k
mod_http2 x86_64 1.15.24-1.amzn2023.0.3 amazonlinux 152 k
mod_lua x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 60 k
Transaction Summary
====================================================================
Install 12 Packages
Total download size: 2.3 M
Installed size: 6.8 M
Downloading Packages:
(1/12): apr-util-openssl-1.6.3-1.am 212 kB/s | 17 kB 00:00
(2/12): apr-1.7.2-2.amzn2023.0.2.x8 1.1 MB/s | 129 kB 00:00
(3/12): httpd-core-2.4.54-3.amzn202 8.9 MB/s | 1.3 MB 00:00
(4/12): mod_http2-1.15.24-1.amzn202 1.9 MB/s | 152 kB 00:00
(5/12): apr-util-1.6.3-1.amzn2023.0 1.7 MB/s | 98 kB 00:00
(6/12): mod_lua-2.4.54-3.amzn2023.0 1.4 MB/s | 60 kB 00:00
(7/12): httpd-2.4.54-3.amzn2023.0.4 1.5 MB/s | 46 kB 00:00
(8/12): libbrotli-1.0.9-4.amzn2023. 4.4 MB/s | 315 kB 00:00
(9/12): mailcap-2.1.49-3.amzn2023.0 753 kB/s | 33 kB 00:00
(10/12): httpd-tools-2.4.54-3.amzn2 978 kB/s | 80 kB 00:00
(11/12): httpd-filesystem-2.4.54-3. 210 kB/s | 13 kB 00:00
(12/12): generic-logos-httpd-18.0.0 439 kB/s | 19 kB 00:00
--------------------------------------------------------------------
Total 6.6 MB/s | 2.3 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : apr-1.7.2-2.amzn2023.0.2.x86_64 1/12
Installing : apr-util-openssl-1.6.3-1.amzn2023.0.1. 2/12
Installing : apr-util-1.6.3-1.amzn2023.0.1.x86_64 3/12
Installing : mailcap-2.1.49-3.amzn2023.0.3.noarch 4/12
Installing : httpd-tools-2.4.54-3.amzn2023.0.4.x86_ 5/12
Installing : generic-logos-httpd-18.0.0-12.amzn2023 6/12
Running scriptlet: httpd-filesystem-2.4.54-3.amzn2023.0.4 7/12
Installing : httpd-filesystem-2.4.54-3.amzn2023.0.4 7/12
Installing : httpd-core-2.4.54-3.amzn2023.0.4.x86_6 8/12
Installing : mod_http2-1.15.24-1.amzn2023.0.3.x86_6 9/12
Installing : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 10/12
Installing : mod_lua-2.4.54-3.amzn2023.0.4.x86_64 11/12
Installing : httpd-2.4.54-3.amzn2023.0.4.x86_64 12/12
Running scriptlet: httpd-2.4.54-3.amzn2023.0.4.x86_64 12/12
Verifying : apr-1.7.2-2.amzn2023.0.2.x86_64 1/12
Verifying : apr-util-openssl-1.6.3-1.amzn2023.0.1. 2/12
Verifying : httpd-core-2.4.54-3.amzn2023.0.4.x86_6 3/12
Verifying : mod_http2-1.15.24-1.amzn2023.0.3.x86_6 4/12
Verifying : apr-util-1.6.3-1.amzn2023.0.1.x86_64 5/12
Verifying : mod_lua-2.4.54-3.amzn2023.0.4.x86_64 6/12
Verifying : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 7/12
Verifying : httpd-2.4.54-3.amzn2023.0.4.x86_64 8/12
Verifying : httpd-tools-2.4.54-3.amzn2023.0.4.x86_ 9/12
Verifying : mailcap-2.1.49-3.amzn2023.0.3.noarch 10/12
Verifying : httpd-filesystem-2.4.54-3.amzn2023.0.4 11/12
Verifying : generic-logos-httpd-18.0.0-12.amzn2023 12/12
Installed:
apr-1.7.2-2.amzn2023.0.2.x86_64
apr-util-1.6.3-1.amzn2023.0.1.x86_64
apr-util-openssl-1.6.3-1.amzn2023.0.1.x86_64
generic-logos-httpd-18.0.0-12.amzn2023.0.3.noarch
httpd-2.4.54-3.amzn2023.0.4.x86_64
httpd-core-2.4.54-3.amzn2023.0.4.x86_64
httpd-filesystem-2.4.54-3.amzn2023.0.4.noarch
httpd-tools-2.4.54-3.amzn2023.0.4.x86_64
libbrotli-1.0.9-4.amzn2023.0.2.x86_64
mailcap-2.1.49-3.amzn2023.0.3.noarch
mod_http2-1.15.24-1.amzn2023.0.3.x86_64
mod_lua-2.4.54-3.amzn2023.0.4.x86_64
Complete!
```
## 新增、啟用或停用新儲存庫
**警告**
僅新增旨在與 AL2023 搭配使用的儲存庫。
雖然專為其他 分佈設計的儲存庫可能目前有效,但無法保證他們會繼續使用 AL2023 中的任何套件更新,或並非設計用於 AL2023 的儲存庫。
若要從與預設 Amazon Linux 儲存庫不同的儲存庫安裝套件,您需要設定`DNF`套件管理系統,以了解儲存庫的位置
若要`dnf`告知套件儲存庫,請將儲存庫資訊新增至 `/etc/yum.repos.d/`目錄中該儲存庫的組態檔案。許多第三方儲存庫提供組態檔案內容或包含組態檔案的可安裝套件。
**注意**
雖然儲存庫可以直接在 `/etc/dnf/dnf.conf` 檔案中設定,但不建議這麼做。建議在 中以自己的檔案設定每個儲存庫`/etc/yum.repos.d/`。
**若要了解目前啟用的儲存庫,可以執行以下命令:**
```
$ dnf repolist all --verbose
Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, needs-restarting, playground, release-notification, repoclosure, repodiff, repograph, repomanage, reposync, supportinfo
DNF version: 4.12.0
cachedir: /var/cache/dnf
Last metadata expiration check: 0:00:02 ago on Wed Mar 1 23:40:15 2023.
Repo-id : amazonlinux
Repo-name : Amazon Linux 2023 repository
Repo-status : enabled
Repo-revision : 1677203368
Repo-updated : Fri Feb 24 01:49:28 2023
Repo-pkgs : 12632
Repo-available-pkgs: 12632
Repo-size : 12 G
Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/mirrors/2023.0.20230222/x86_64/mirror.list
Repo-baseurl : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/guids/cf9296325a6c46ff40c775a8e2d632c4c3fd9d9164014ce3304715d61b90ca8e/x86_64/
: (0 more)
Repo-expire : 172800 second(s) (last: Wed Mar 1 23:40:15
: 2023)
Repo-filename : /etc/yum.repos.d/amazonlinux.repo
Repo-id : amazonlinux-debuginfo
Repo-name : Amazon Linux 2023 repository - Debug
Repo-status : disabled
Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/mirrors/2023.0.20230222/debuginfo/x86_64/mirror.list
Repo-expire : 21600 second(s) (last: unknown)
Repo-filename : /etc/yum.repos.d/amazonlinux.repo
Repo-id : amazonlinux-source
Repo-name : Amazon Linux 2023 repository - Source packages
Repo-status : disabled
Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/mirrors/2023.0.20230222/SRPMS/mirror.list
Repo-expire : 21600 second(s) (last: unknown)
Repo-filename : /etc/yum.repos.d/amazonlinux.repo
Repo-id : kernel-livepatch
Repo-name : Amazon Linux 2023 Kernel Livepatch repository
Repo-status : disabled
Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/kernel-livepatch/mirrors/al2023/x86_64/mirror.list
Repo-expire : 172800 second(s) (last: unknown)
Repo-filename : /etc/yum.repos.d/kernel-livepatch.repo
Repo-id : kernel-livepatch-source
Repo-name : Amazon Linux 2023 Kernel Livepatch repository -
: Source packages
Repo-status : disabled
Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/kernel-livepatch/mirrors/al2023/SRPMS/mirror.list
Repo-expire : 21600 second(s) (last: unknown)
Repo-filename : /etc/yum.repos.d/kernel-livepatch.repo
Total packages: 12632
```
**注意**
如果您未新增 `--verbose` 選項旗標,輸出只會包含 `Repo-id`、`Repo-name` 和 `Repo-status` 資訊。
**若要將 `yum` 儲存庫新增至 `/etc/yum.repos.d` 目錄:**
1. 尋找 `.repo` 檔案的位置。在此範例中,`.repo` 檔案位於 `{{https://www.example.com/repository.repo}}`。
1. 使用 `dnf config-manager` 命令新增儲存庫。
```
$ sudo dnf config-manager --add-repo {{https://www.example.com/repository.repo}}
Loaded plugins: priorities, update-motd, upgrade-helper
adding repo from: {{https://www.example.com/repository.repo}}
grabbing file {{https://www.example.com/repository.repo}} to /etc/yum.repos.d/{{repository.repo}}
{{repository.repo}} | 4.0 kB 00:00
repo saved to /etc/yum.repos.d/{{repository.repo}}
```
在您安裝儲存庫後,您必須啟用它,如下一個程序中所說明。
****若要在 `/etc/yum.repos.d` 中啟用 `yum` 儲存庫,請使用有 `--enable` 旗標和{{儲存庫}}名稱的 `dnf config-manager` 命令。
```
$ sudo dnf config-manager --enable {{repository}}
```
**注意**
若要停用儲存庫,請使用相同的命令語法,但在命令中以 `--disable` 取代 `--enable`。
## 使用 cloud-init 新增儲存庫
除了使用上一個方法新增儲存庫外,您還可以使用 `cloud-init` 架構來新增儲存庫。
若要新增套件儲存庫,建議您使用下列範本。請考慮在本機儲存此檔案。
```
#cloud-config
yum_repos:
repository.repo:
baseurl: https://www.example.com/
enabled: true
gpgcheck: true
gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EXAMPLE
name: Example Repository
```
**注意**
使用 `cloud-init` 的其中一個優點是您可以在設定檔案中加入 `packages:` 部分。在本節中,您可以加入要安裝的套件名稱。您可以從預設儲存庫或在 `cloud-config` 檔案中新增的新儲存庫安裝套件。
如需 YAML 檔案結構的詳細資訊,請參閱 *`cloud-init`文件*中的[新增 YUM 儲存庫](https://cloudinit.readthedocs.io/en/22.2.2/topics/examples.html#adding-a-yum-repository)。
設定 YAML 格式檔案後,您可以在 `cloud-init` 的 AWS CLI架構中執行。務必加入 `--userdata` 選項和 `.yml` 檔案的名稱,以呼叫所需的操作。
```
$ aws ec2 run-instances \
--image-id \
resolve:ssm:/aws/service/ami-amazon-linux-latest/{{al2023-ami-kernel-default-x86_64}} \
--instance-type {{m5.xlarge}} \
--region {{us-east-1}} \
--key-name {{aws-key-us-east-1}} \
--security-group-ids {{sg-004a7650}} \
--user-data file://{{cloud-config.yml}}
```