我正在尝试在 Amazon Linux 2023 上使用 Let's Encrypt nginx 获取 SSL 证书。
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo rpm -ihv --nodeps ./epel-release-latest-8.noarch.rpm
sudo yum install python3-certbot-nginx
Problem: package certbot-1.22.0-1.el8.noarch requires python3-certbot = 1.22.0-1.el8,
but none of the providers can be installed
- conflicting requests
- nothing provides python3.6dist(setuptools) >= 39.0.1 needed by python3-certbot-1.22.0-1.el8.noarch
- nothing provides python3.6dist(cryptography) >= 2.5.0 needed by python3-certbot-1.22.0-1.el8.noarch
- nothing provides python3.6dist(configobj) >= 5.0.6 needed by python3-certbot-1.22.0-1.el8.noarch
- nothing provides python3.6dist(distro) >= 1.0.1 needed …有人告诉我,我们最近创建了一个新的 Amazon Linux 实例,其中包含最新最好的(版本 2017.3-01)。我正在尝试确定它是否基于 CentOS 7(因为这是唯一支持安装 Google Chrome 的版本)。我跑了
[davea@mymachine ~]$ uname -a
Linux mymachine 4.9.32-15.41.amzn1.x86_64 #1 SMP Thu Jun 22 06:20:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
但我仍然无法确定我的 Amazon Linux 发行版基于哪个版本的 CentOS。
编辑:根据给出的建议,这里是 cat 命令的输出
[davea@mymachine ~]$ sudo cat /etc/*release*
[sudo] password for davea:
NAME="Amazon Linux AMI"
VERSION="2017.03"
ID="amzn"
ID_LIKE="rhel fedora"
VERSION_ID="2017.03"
PRETTY_NAME="Amazon Linux AMI 2017.03"
ANSI_COLOR="0;33"
CPE_NAME="cpe:/o:amazon:linux:2017.03:ga"
HOME_URL="http://aws.amazon.com/amazon-linux-ami/"
Amazon Linux AMI release 2017.03
cpe:/o:amazon:linux:2017.03:ga
I am following this guide on how to Configure SSL/TLS on Amazon Linux 2023. It recommends to obtain a CA-signed certificate using Certbot. And to get Certbot, it's recommended to install Snap.
I have tried several things, not able to install any of prerequisites:
sudo yum install snapd
Error: Unable to find a match: snapd
sudo amazon-linux-extras install epel
sudo: amazon-linux-extras: command not found
sudo yum install -y amazon-linux-extras
Error: Unable to find a match: amazon-linux-extras
我有 aws 访问密钥和秘密密钥。我希望在 aws 凭证文件 (~/.aws/credentials) 中更新会话令牌,我将如何获取它?
我希望它们在命令行中生成。
我正在使用 Amazon Linux 并尝试从我的主目录运行 cron 作业(我在机器上没有 sudo 权限)。我正在通过执行 crontab -e 并添加这一行来设置 cron 作业
30 18 * * * /home/myuser/run_my_script.sh
其中。但是,我观察到事情似乎没有运行,所以我想弄清楚原因。但是运行这个
[myuser@mymachine ~]$ tail /var/log/cron
tail: cannot open ‘/var/log/cron’ for reading: Permission denied
没有帮助。我怎样才能弄清楚为什么事情没有运行,或者在我的脚本中出现问题的地方?
我已经尝试了许多方法来设置运行 Amazon Linux 2 的永久环境变量 EC2 实例,但没有一种方法在用户和登录会话之间是持久的。
什么特定的语法和过程将成功设置环境变量,以便所有用户和每个会话期间都可以使用变量的值?
到目前为止,我尝试过的方法包括在实例的 USERDATA 启动脚本期间分别在以下三个文件中分别设置值:
/etc/csh.cshrc
/etc/environment
/etc/profile
我一次尝试一个文件,而不是同时尝试所有三个文件。
我也尝试过使用 Python 的,os.environ但也没有用。
根据@NasirRiley 的建议,当我创建一个setVars.sh文件并将其放入/etc/profile.d实例的USERDATA启动序列时,它现在可以工作:
#!/bin/bash
export SOME_VAR_NAME=some-var-value
我尝试安装,但看到错误
Error: Package: mysql-community-server-5.7.17-1.el7.x86_64 (mysql57-community)
Requires: systemd
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
我还删除了所有以前的安装。我怎样才能解决这个问题?
我正在运行最新的 Amazon AMI (amzn-ami-hvm-2016.09.1.20170119-x86_64-gp2)。如果我运行nginx -V,我可以看到它已经配置了许多模块:
$ nginx -V
nginx version: nginx/1.10.1
built by gcc 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC)
built with OpenSSL 1.0.1k-fips 8 Jan 2015
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream=dynamic --with-stream_ssl_module --with-google_perftools_module --with-debug --with-cc-opt='-O2 …我正在使用亚马逊 Linux。当我运行“sudo yum install”时,它最终会出现以下错误
[myuser@mydomain ~]$ sudo yum update
[sudo] password for myuser:
Loaded plugins: fastestmirror, priorities, update-motd, upgrade-helper
Loading mirror speeds from cached hostfile
* CentOS-base: mirror.us.leaseweb.net
* CentOS-extras: mirror.us-midwest-1.nexcess.net
* CentOS-updates: mirrors.centos.webair.com
* amzn-main: packages.us-east-1.amazonaws.com
* amzn-updates: packages.us-east-1.amazonaws.com
* base: mirror.us.leaseweb.net
* updates: mirrors.centos.webair.com
amzn-main/latest | 2.1 kB 00:00
amzn-updates/latest | 2.3 kB 00:00
6590 packages excluded due to repository priority protections
Resolving Dependencies
--> Running transaction check
---> Package GConf2.x86_64 0:2.28.0-6.el6 will be updated
---> Package GConf2.x86_64 …我无法通过主机上的虚拟 Tap 设备将虚拟机连接到 IPv6 互联网。即,我无法 ping ipv6.google.com 或公共 IPv6 主机全局主接口地址。前任:
-bash-4.2$ ping6 ipv6.google.com
PING ipv6.google.com(sea15s11-in-x0e.1e100.net) 56 data bytes
From 2600:1f14:680:xxxx:66a3:79d5:6c1d:14c icmp_seq=1 Destination unreachable: Address unreachable
From 2600:1f14:680:xxxx:66a3:79d5:6c1d:14c icmp_seq=2 Destination unreachable: Address unreachable
From 2600:1f14:680:xxxx:66a3:79d5:6c1d:14c icmp_seq=3 Destination unreachable: Address unreachable
^C
--- ipv6.google.com ping statistics ---
4 packets transmitted, 0
received, +3 errors, 100% packet loss, time 3082ms
或者到主机的全局 ipv6 地址,我得到同样的错误。
简单拓扑:
router -----(eth0)----- host ----(tap device)---- vm
主机上的邻居发现似乎存在一些问题,当我从主机的 tap 端点对 tap 接口进行 tcpdump 时,我收到了请求消息,但没有返回任何内容:
[user ~]$ …