Manage package and operating system updates in AL2023
Unlike previous versions of Amazon Linux, AL2023 AMIs are locked to a specific version of the Amazon Linux repository. To apply both security and bug fixes to an AL2023 instance, update the DNF configuration. Alternatively, launch a newer AL2023 instance.
This section describes how to manage DNF
packages and repositories on a running instance. It also describes how to configure DNF from a user
data script to enable the latest available Amazon Linux repository at launch time. For more information, see DNF Command Reference
Topics
- Checking for available package updates
- Applying security updates using DNF and repository versions
- Automatic service restart after (security) updates
- Launching an instance with the latest repository version enabled
- Getting package support information
- Checking for newer repository versions
- Adding, enabling, or disabling new repositories
- Adding repositories with cloud-init
Checking for available package updates
You can use the dnf check-update command to check for any updates for your system. For AL2023, we
recommend that you add the --releasever= option to the
command.version-number
When you add this option, DNF also checks for updates for a later version of
the repository. For example, after you run the dnf check-update command, use the
latest returned version as the value for the
version-number
If the instance is updated to use the latest version of the repository, the output includes a list of all the packages to be updated.
Note
If you don't specify the release version with the optional flag to the dnf check-update command,
only the currently configured repository version is checked. This means that packages in the later version of the
repository aren't checked.
$sudo dnf check-update --releasever=2023.0.20230210Last metadata expiration check: 0:06:13 ago on Mon 13 Feb 2023 10:39:32 PM UTC. bind-libs.x86_64 32:9.16.27-1.amzn2023 amazonlinux bind-license.noarch 32:9.16.27-1.amzn2023 amazonlinux bind-utils.x86_64 32:9.16.27-1.amzn2023 amazonlinux cloud-init.noarch 22.2.2-1.amzn2023.1.4 amazonlinux dnf.noarch 4.12.0-2.amzn2023.0.1 amazonlinux dnf-data.noarch 4.12.0-2.amzn2023.0.1 amazonlinux dracut.x86_64 055-6.amzn2023.0.4 amazonlinux dracut-config-generic.x86_64 055-6.amzn2023.0.4 amazonlinux glib2.x86_64 2.73.2-678.amzn2023 amazonlinux gmp.x86_64 1:6.2.1-2.amzn2023 amazonlinux grep.x86_64 3.8-1.amzn2023.0.1 amazonlinux kpatch-runtime.noarch 0.9.4-7.amzn2023 amazonlinux libgcc.x86_64 11.3.1-2.amzn2023.0.6 amazonlinux libgomp.x86_64 11.3.1-2.amzn2023.0.6 amazonlinux libpkgconf.x86_64 1.7.3-7.amzn2023.0.1 amazonlinux libstdc++.x86_64 11.3.1-2.amzn2023.0.6 amazonlinux lz4-libs.x86_64 1.9.4-1.amzn2023 amazonlinux pkgconf.x86_64 1.7.3-7.amzn2023.0.1 amazonlinux pkgconf-m4.noarch 1.7.3-7.amzn2023.0.1 amazonlinux pkgconf-pkg-config.x86_64 1.7.3-7.amzn2023.0.1 amazonlinux python3-dnf.noarch 4.12.0-2.amzn2023.0.1 amazonlinux python3-rpm.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux rpm.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux rpm-build-libs.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux rpm-libs.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux rpm-plugin-selinux.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux rpm-plugin-systemd-inhibit.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux rpm-sign-libs.x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux slang.x86_64 2.3.2-9.amzn2023.0.1 amazonlinux system-release.noarch 2023.0.20230210-0.amzn2023 amazonlinux systemd.x86_64 250.8-1.amzn2023.0.1 amazonlinux systemd-libs.x86_64 250.8-1.amzn2023.0.1 amazonlinux systemd-networkd.x86_64 250.8-1.amzn2023.0.1 amazonlinux systemd-pam.x86_64 250.8-1.amzn2023.0.1 amazonlinux systemd-resolved.x86_64 250.8-1.amzn2023.0.1 amazonlinux systemd-udev.x86_64 250.8-1.amzn2023.0.1 amazonlinux vim-common.x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux vim-data.noarch 2:9.0.327-1.amzn2023.0.1 amazonlinux vim-enhanced.x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux vim-filesystem.noarch 2:9.0.327-1.amzn2023.0.1 amazonlinux vim-minimal.x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux wget.x86_64 1.21.3-1.amzn2023 amazonlinux yum.noarch 4.12.0-2.amzn2023.0.1 amazonlinux
For this command, if there are newer packages available, the return code is 100. If there aren't any newer packages available, the return code is 0. In addition, the output also lists all the packages to update.
Applying security updates using DNF and repository versions
New package updates and security updates are made available to new repository versions only. For instances that
you launched from earlier AL2023 AMI versions, you must update the repository version before you can install security
updates. The dnf check-release-update command includes an example update command that updates all the
packages that are installed on the system to versions in a newer repository.
$sudo dnf update --releasever=2023.0.20230210Last metadata expiration check: 0:01:40 ago on Mon 13 Feb 2023 10:39:32 PM UTC. Dependencies resolved. ================================================================================ Package Arch Version Repository Size ================================================================================ Upgrading: bind-libs x86_64 32:9.16.27-1.amzn2023 amazonlinux 1.2 M bind-license noarch 32:9.16.27-1.amzn2023 amazonlinux 16 k bind-utils x86_64 32:9.16.27-1.amzn2023 amazonlinux 202 k cloud-init noarch 22.2.2-1.amzn2023.1.4 amazonlinux 1.1 M dnf noarch 4.12.0-2.amzn2023.0.1 amazonlinux 454 k dnf-data noarch 4.12.0-2.amzn2023.0.1 amazonlinux 42 k dracut x86_64 055-6.amzn2023.0.4 amazonlinux 345 k dracut-config-generic x86_64 055-6.amzn2023.0.4 amazonlinux 8.5 k glib2 x86_64 2.73.2-678.amzn2023 amazonlinux 2.7 M gmp x86_64 1:6.2.1-2.amzn2023 amazonlinux 324 k grep x86_64 3.8-1.amzn2023.0.1 amazonlinux 316 k kpatch-runtime noarch 0.9.4-7.amzn2023 amazonlinux 30 k libgcc x86_64 11.3.1-2.amzn2023.0.6 amazonlinux 121 k libgomp x86_64 11.3.1-2.amzn2023.0.6 amazonlinux 296 k libpkgconf x86_64 1.7.3-7.amzn2023.0.1 amazonlinux 37 k libstdc++ x86_64 11.3.1-2.amzn2023.0.6 amazonlinux 758 k lz4-libs x86_64 1.9.4-1.amzn2023 amazonlinux 81 k pkgconf x86_64 1.7.3-7.amzn2023.0.1 amazonlinux 41 k pkgconf-m4 noarch 1.7.3-7.amzn2023.0.1 amazonlinux 15 k pkgconf-pkg-config x86_64 1.7.3-7.amzn2023.0.1 amazonlinux 11 k python3-dnf noarch 4.12.0-2.amzn2023.0.1 amazonlinux 415 k python3-rpm x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 89 k rpm x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 487 k rpm-build-libs x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 92 k rpm-libs x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 311 k rpm-plugin-selinux x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 18 k rpm-plugin-systemd-inhibit x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 19 k rpm-sign-libs x86_64 4.16.1.3-12.amzn2023.0.2 amazonlinux 22 k slang x86_64 2.3.2-9.amzn2023.0.1 amazonlinux 410 k system-release noarch 2023.0.20230210-0.amzn2023 amazonlinux 25 k systemd x86_64 250.8-1.amzn2023.0.1 amazonlinux 4.2 M systemd-libs x86_64 250.8-1.amzn2023.0.1 amazonlinux 615 k systemd-networkd x86_64 250.8-1.amzn2023.0.1 amazonlinux 614 k systemd-pam x86_64 250.8-1.amzn2023.0.1 amazonlinux 335 k systemd-resolved x86_64 250.8-1.amzn2023.0.1 amazonlinux 277 k systemd-udev x86_64 250.8-1.amzn2023.0.1 amazonlinux 1.9 M vim-common x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux 7.2 M vim-data noarch 2:9.0.327-1.amzn2023.0.1 amazonlinux 27 k vim-enhanced x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux 1.8 M vim-filesystem noarch 2:9.0.327-1.amzn2023.0.1 amazonlinux 21 k vim-minimal x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux 764 k wget x86_64 1.21.3-1.amzn2023 amazonlinux 813 k yum noarch 4.12.0-2.amzn2023.0.1 amazonlinux 39 k Transaction Summary ================================================================================ Upgrade 43 Packages ...
You can add the --security option to update the packages with security features only.
$sudo dnf update --releasever=2023.0.20230210 --securityAmazon Linux 2023 repository 18 MB/s | 11 MB 00:00 Last metadata expiration check: 0:00:02 ago on Mon 13 Feb 2023 10:39:32 PM UTC. Dependencies resolved. ================================================================================ Package Arch Version Repository Size ================================================================================ Upgrading: bind-libs x86_64 32:9.16.27-1.amzn2023 amazonlinux 1.2 M bind-license noarch 32:9.16.27-1.amzn2023 amazonlinux 16 k bind-utils x86_64 32:9.16.27-1.amzn2023 amazonlinux 202 k gmp x86_64 1:6.2.1-2.amzn2023 amazonlinux 324 k lz4-libs x86_64 1.9.4-1.amzn2023 amazonlinux 81 k vim-common x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux 7.2 M vim-data noarch 2:9.0.327-1.amzn2023.0.1 amazonlinux 27 k vim-enhanced x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux 1.8 M vim-filesystem noarch 2:9.0.327-1.amzn2023.0.1 amazonlinux 21 k vim-minimal x86_64 2:9.0.327-1.amzn2023.0.1 amazonlinux 764 k wget x86_64 1.21.3-1.amzn2023 amazonlinux 813 k Transaction Summary ================================================================================ Upgrade 11 Packages ...
To discover AL2023 package versions, do one or more of the following:
-
Run the
dnf check-updatecommand. -
Subscribe to the Amazon Linux repository update SNS topic (
arn:aws:sns:us-east-1:137112412989:amazon-linux-2023-ami-updates). For more information, see Subscribing to an Amazon SNS topic in the Amazon Simple Notification Service Developer Guide. -
Regularly refer to the AL2023 release notes.
Important
When you apply security updates to a running instance, ensure that DNF is pointing at the latest repository version.
Automatic service restart after (security) updates
Amazon Linux now ships with the smart-restartSmart-restart restarts systemd services on
system updates whenever a package is installed or deleted using the systems package manager. This occurs whenever
dnf (update|upgrade|downgrade) is executed.
Smart-restart uses the needs-restarting
package from dnf-utils and a custom denylisting mechanism to determine which services need to be restarted
and whether a system reboot is advised.
If a system reboot is advised, a reboot hint marker file is generated (/run/smart-restart/reboot-hint-marker).
To install smart-restart
Run the following DNF command (as you would with any other package).
$sudo dnf install smart-restart
After the installation, the subsequent transactions will trigger the smart-restart logic.
Denylist
Smart-restart can be instructed to block certain services from being restarted. The blocked services won't contribute to the decision
of whether a reboot is required. To block additional services, add a file with the suffix -denylist in /etc/smart-restart-conf.d/ as shown in the following example.
$cat /etc/smart-restart-conf.d/custom-denylist# Some comments myservice.service
Note
All *-denylist files are read and evaluated when making the decision of whether a reboot is required.
Custom hooks
In addition to denylisting, smart-restart provides a mechanism to run custom scripts before and after the attempts to restart the service.
The custom scripts can be used to manually perform preparation steps or to inform other components of a remaining or completed restart.
All scripts in /etc/smart-restart-conf.d/ with the suffix -pre-restart or -post-restartare executed. If the order is important, prefix all of the scripts with
a number to ensure the execution order as shown in the following example.
$ls /etc/smart-restart-conf.d/*-pre-restart001-my-script-pre-restart 002-some-other-script-pre-restart
Launching an instance with the latest repository version enabled
You can add DNF commands to a user-data script to control what RPM packages are installed on an Amazon Linux AMI when it's launched. In the following example, a user-data script is used to make sure that any instance launched with the user-data script has the same package updates installed.
#!/bin/bash dnf update --releasever=2023.0.20230210 # Additional setup and install commands below dnf install httpd php7.4 mysql80
You must run this script as superuser (root). To do this, run the following command.
$sudo sh -c "bashnameofscript.sh"
For more information, see User data and shell scripts in the Amazon EC2 User Guide.
Note
Instead of using a user-data script, launch the latest Amazon Linux AMI or a custom AMI that's based on the Amazon Linux AMI. The latest Amazon Linux AMI has all the necessary updates installed and is configured to point at a particular repository version.
Getting package support information
AL2023 incorporates many different open-source software projects. Each of these projects is managed
independently from Amazon Linux and have different release and end-of-support schedules. To provide you with Amazon Linux specific
information about these different packages, the DNF
supportinfo plugin provides metadata about a package. In the following example, the dnf
supportinfo command returns metadata for the glibc package.
$sudo dnf supportinfo --pkgglibcLast metadata expiration check: 0:07:56 ago on Wed Mar 1 23:21:49 2023. Name : glibc Version : 2.34-52.amzn2023.0.2 State : installed Support Status : supported Support Periods : from 2023-03-15 : supported : from 2028-03-15 : unsupported Support Statement : Amazon Linux 2023 End Of Life Link : https://aws.amazon.com/amazon-linux-ami/faqs/ Other Info : This is the support statement for AL2023. The ...: end of life of Amazon Linux 2023 would be March 2028. ...: From this point, the Amazon Linux 2023 packages (listed ...: below) will no longer, receive any updates from AWS.
Checking for newer repository versions
In an AL2023 instance, you can use the DNF utility to manage repositories and apply updated
RPM packages. These packages are available in the Amazon Linux repositories. You can use the
DNF command dnf check-release-update to check for new versions of the DNF
repository.
$sudo dnf check-release-updateWARNING: A newer release of "Amazon Linux" is available. Available Versions: Version 2023.0.20230210: Run the following command to update to 2023.0.20230210: dnf update --releasever=2023.0.20230210 Release notes: https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html
This returns a full list of all the newer versions of the DNF repositories that are available. If
nothing's returned, this means that DNF is currently configured to use the latest available version.
The version of the currently installed system-release package sets the releasever
DNF variable. To check the current repository version, run the following command.
$rpm -q system-release --qf "%{VERSION}\n"
When you run DNF package transactions (such as install, update, or remove commands), a warning
message notifies you of any new repository versions. For example, if you install the httpd package on an
instance that was launched from an older version of AL2023, the following output is returned.
$sudo dnf install httpd -yLast metadata expiration check: 0:16:52 ago on Wed Mar 1 23:21:49 2023. Dependencies resolved. ==================================================================== Package Arch Version Repository Size ==================================================================== Installing: httpd x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 46 k Installing dependencies: apr x86_64 1.7.2-2.amzn2023.0.2 amazonlinux 129 k apr-util x86_64 1.6.3-1.amzn2023.0.1 amazonlinux 98 k generic-logos-httpd noarch 18.0.0-12.amzn2023.0.3 amazonlinux 19 k httpd-core x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 1.3 M httpd-filesystem noarch 2.4.54-3.amzn2023.0.4 amazonlinux 13 k httpd-tools x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 80 k libbrotli x86_64 1.0.9-4.amzn2023.0.2 amazonlinux 315 k mailcap noarch 2.1.49-3.amzn2023.0.3 amazonlinux 33 k Installing weak dependencies: apr-util-openssl x86_64 1.6.3-1.amzn2023.0.1 amazonlinux 17 k mod_http2 x86_64 1.15.24-1.amzn2023.0.3 amazonlinux 152 k mod_lua x86_64 2.4.54-3.amzn2023.0.4 amazonlinux 60 k Transaction Summary ==================================================================== Install 12 Packages Total download size: 2.3 M Installed size: 6.8 M Downloading Packages: (1/12): apr-util-openssl-1.6.3-1.am 212 kB/s | 17 kB 00:00 (2/12): apr-1.7.2-2.amzn2023.0.2.x8 1.1 MB/s | 129 kB 00:00 (3/12): httpd-core-2.4.54-3.amzn202 8.9 MB/s | 1.3 MB 00:00 (4/12): mod_http2-1.15.24-1.amzn202 1.9 MB/s | 152 kB 00:00 (5/12): apr-util-1.6.3-1.amzn2023.0 1.7 MB/s | 98 kB 00:00 (6/12): mod_lua-2.4.54-3.amzn2023.0 1.4 MB/s | 60 kB 00:00 (7/12): httpd-2.4.54-3.amzn2023.0.4 1.5 MB/s | 46 kB 00:00 (8/12): libbrotli-1.0.9-4.amzn2023. 4.4 MB/s | 315 kB 00:00 (9/12): mailcap-2.1.49-3.amzn2023.0 753 kB/s | 33 kB 00:00 (10/12): httpd-tools-2.4.54-3.amzn2 978 kB/s | 80 kB 00:00 (11/12): httpd-filesystem-2.4.54-3. 210 kB/s | 13 kB 00:00 (12/12): generic-logos-httpd-18.0.0 439 kB/s | 19 kB 00:00 -------------------------------------------------------------------- Total 6.6 MB/s | 2.3 MB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : apr-1.7.2-2.amzn2023.0.2.x86_64 1/12 Installing : apr-util-openssl-1.6.3-1.amzn2023.0.1. 2/12 Installing : apr-util-1.6.3-1.amzn2023.0.1.x86_64 3/12 Installing : mailcap-2.1.49-3.amzn2023.0.3.noarch 4/12 Installing : httpd-tools-2.4.54-3.amzn2023.0.4.x86_ 5/12 Installing : generic-logos-httpd-18.0.0-12.amzn2023 6/12 Running scriptlet: httpd-filesystem-2.4.54-3.amzn2023.0.4 7/12 Installing : httpd-filesystem-2.4.54-3.amzn2023.0.4 7/12 Installing : httpd-core-2.4.54-3.amzn2023.0.4.x86_6 8/12 Installing : mod_http2-1.15.24-1.amzn2023.0.3.x86_6 9/12 Installing : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 10/12 Installing : mod_lua-2.4.54-3.amzn2023.0.4.x86_64 11/12 Installing : httpd-2.4.54-3.amzn2023.0.4.x86_64 12/12 Running scriptlet: httpd-2.4.54-3.amzn2023.0.4.x86_64 12/12 Verifying : apr-1.7.2-2.amzn2023.0.2.x86_64 1/12 Verifying : apr-util-openssl-1.6.3-1.amzn2023.0.1. 2/12 Verifying : httpd-core-2.4.54-3.amzn2023.0.4.x86_6 3/12 Verifying : mod_http2-1.15.24-1.amzn2023.0.3.x86_6 4/12 Verifying : apr-util-1.6.3-1.amzn2023.0.1.x86_64 5/12 Verifying : mod_lua-2.4.54-3.amzn2023.0.4.x86_64 6/12 Verifying : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 7/12 Verifying : httpd-2.4.54-3.amzn2023.0.4.x86_64 8/12 Verifying : httpd-tools-2.4.54-3.amzn2023.0.4.x86_ 9/12 Verifying : mailcap-2.1.49-3.amzn2023.0.3.noarch 10/12 Verifying : httpd-filesystem-2.4.54-3.amzn2023.0.4 11/12 Verifying : generic-logos-httpd-18.0.0-12.amzn2023 12/12 Installed: apr-1.7.2-2.amzn2023.0.2.x86_64 apr-util-1.6.3-1.amzn2023.0.1.x86_64 apr-util-openssl-1.6.3-1.amzn2023.0.1.x86_64 generic-logos-httpd-18.0.0-12.amzn2023.0.3.noarch httpd-2.4.54-3.amzn2023.0.4.x86_64 httpd-core-2.4.54-3.amzn2023.0.4.x86_64 httpd-filesystem-2.4.54-3.amzn2023.0.4.noarch httpd-tools-2.4.54-3.amzn2023.0.4.x86_64 libbrotli-1.0.9-4.amzn2023.0.2.x86_64 mailcap-2.1.49-3.amzn2023.0.3.noarch mod_http2-1.15.24-1.amzn2023.0.3.x86_64 mod_lua-2.4.54-3.amzn2023.0.4.x86_64 Complete!
Adding, enabling, or disabling new repositories
To install a package from a different repository with the DNF package management system, add the
repository information to the /etc/dnf/dnf.conf file or to its own
repository.repo/etc/yum.repos.d directory. You
can do this manually. However, most DNF repositories provide their own
repository.repo
Note
At this time, there are no additional repositories that can be added to AL2023. This might change in the future. Also, you can write your own packages, and make those packages available to your AL2023 enterprise environment. Before you can use the packages, you must add and enable the repository where the packages are stored.
To find out what repositories are currently enabled, you can run the following command:
$dnf repolist all --verboseLoaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, needs-restarting, playground, release-notification, repoclosure, repodiff, repograph, repomanage, reposync, supportinfo DNF version: 4.12.0 cachedir: /var/cache/dnf Last metadata expiration check: 0:00:02 ago on Wed Mar 1 23:40:15 2023. Repo-id : amazonlinux Repo-name : Amazon Linux 2023 repository Repo-status : enabled Repo-revision : 1677203368 Repo-updated : Fri Feb 24 01:49:28 2023 Repo-pkgs : 12632 Repo-available-pkgs: 12632 Repo-size : 12 G Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/mirrors/2023.0.20230222/x86_64/mirror.list Repo-baseurl : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/guids/cf9296325a6c46ff40c775a8e2d632c4c3fd9d9164014ce3304715d61b90ca8e/x86_64/ : (0 more) Repo-expire : 172800 second(s) (last: Wed Mar 1 23:40:15 : 2023) Repo-filename : /etc/yum.repos.d/amazonlinux.repo Repo-id : amazonlinux-debuginfo Repo-name : Amazon Linux 2023 repository - Debug Repo-status : disabled Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/mirrors/2023.0.20230222/debuginfo/x86_64/mirror.list Repo-expire : 21600 second(s) (last: unknown) Repo-filename : /etc/yum.repos.d/amazonlinux.repo Repo-id : amazonlinux-source Repo-name : Amazon Linux 2023 repository - Source packages Repo-status : disabled Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/core/mirrors/2023.0.20230222/SRPMS/mirror.list Repo-expire : 21600 second(s) (last: unknown) Repo-filename : /etc/yum.repos.d/amazonlinux.repo Repo-id : kernel-livepatch Repo-name : Amazon Linux 2023 Kernel Livepatch repository Repo-status : disabled Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/kernel-livepatch/mirrors/al2023/x86_64/mirror.list Repo-expire : 172800 second(s) (last: unknown) Repo-filename : /etc/yum.repos.d/kernel-livepatch.repo Repo-id : kernel-livepatch-source Repo-name : Amazon Linux 2023 Kernel Livepatch repository - : Source packages Repo-status : disabled Repo-mirrors : https://al2023-repos-us-west-2-de612dc2.s3.dualstack.us-west-2.amazonaws.com/kernel-livepatch/mirrors/al2023/SRPMS/mirror.list Repo-expire : 21600 second(s) (last: unknown) Repo-filename : /etc/yum.repos.d/kernel-livepatch.repo Total packages: 12632
Note
If you don't add the --verbose option flag, the output only includes the Repo-id,
Repo-name, and Repo-status information.
To add a yum repository to /etc/yum.repos.d
directory:
-
Find the location of the
.repofile. In this example, the.repofile is athttps://www.example.com/repository.repo -
Add the repository with the
dnf config-managercommand.
$sudo dnf config-manager --add-repohttps://www.example.com/repository.repoLoaded plugins: priorities, update-motd, upgrade-helper adding repo from:https://www.example.com/repository.repograbbing filehttps://www.example.com/repository.repoto /etc/yum.repos.d/repository.reporepository.repo| 4.0 kB 00:00 repo saved to /etc/yum.repos.d/repository.repo
After you install a repository, you must enable it as described in the next procedure.
To enable a yum repository in /etc/yum.repos.d, use the
dnf config-manager command with the --enable flag and
repository name.
$sudo dnf config-manager --enablerepository
Note
To disable a repository, use the same command syntax, but replace --enable with
--disable in the command.
Adding repositories with cloud-init
In addition to adding a repository using the previous method, you can also add a new repository using the
cloud-init framework.
To add a new package repository, we recommend the use of the following template. Consider saving this file locally.
#cloud-config yum_repos: repository.repo: baseurl: https://www.example.com/ enabled: true gpgcheck: true gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EXAMPLE name: Example Repository
Note
One advantage to using cloud-init is that you can add a packages: section to your
configuration file. In this section, you can include the names of the packages that you want to install. You can
install packages from either the default repository or the new repository that you added in the
cloud-config file.
For more specific information about the structure of the YAML file, see Adding a YUM
repositorycloud-init documentation.
After you set up the YAML format file, you can run it in the cloud-init framework in the Amazon CLI.
Make sure to include the --userdata option and the name of the .yml file to call the
desired operations.
$aws ec2 run-instances \ --image-id \ resolve:ssm:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64\ --instance-typem5.xlarge\ --regionus-east-1\ --key-nameaws-key-us-east-1\ --security-group-idssg-004a7650\ --user-data file://cloud-config.yml