Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Package Request] - Need support for below packages #744

Closed
manojsihag opened this issue Jul 4, 2024 · 10 comments
Closed

[Package Request] - Need support for below packages #744

manojsihag opened this issue Jul 4, 2024 · 10 comments
Labels
documentation Improvements or additions to documentation enhancement New feature or request epel Package request for one that was in EPEL packages Package request

Comments

@manojsihag
Copy link

manojsihag commented Jul 4, 2024

(Edited by @stewartsmith to point to where each is being tracked, and again 2024-09-26, and again 2024-11-12)


Trying to migrate from AL2 to AL2023. Could not find AL2023 compatible rpm for below packages.

  1. haveged - see https://docs.aws.amazon.com/linux/al2023/ug/epel.html#haveged
  2. lshell - See https://docs.aws.amazon.com/linux/al2023/ug/epel.html#lshell
  3. monit - See [Package Request] - Monit #124
  4. python3-redis
  5. python3-psutil - available
  6. python-plumbum
  7. PyYAML - python3-pyyaml available
  8. tmpwatch. - see https://docs.aws.amazon.com/linux/al2023/ug/epel.html#tmpwatch

Some of these packages are available in epel which is not supported by AL2023. Could you please provide support for these packages and suggest a way forward regarding these.

@danie-dejager
Copy link

  • haveged is no longer needed in kernel 5.15+ as improvements have been made in how entropy is gathered and managed, making haveged less necessary. Use rngd instead.
  • lshell is unmaintained. What access do you want to limit with it? Will sudo or ssh not suffice? Restricting access to programs is very hard to do right, I'd rather not use unmaintained software for the purpose.
  • monit builds from Fedora source in COPR without any missing dependencies. It is very old though. Probably better to configure systemd to do some of the work instead.
  • python3-redis is missing and would need to be built to cater for the different name for redis used in al2023.
  • python3-psutil 5.8.0 is part of al2023.
  • PyYAML can easily be built from Fedora source in COPR without any missing dependencies.
  • tmpwatch is still in use but have you looked at systemd-tmpfiles as a modern replacement?

@stewartsmith
Copy link
Member

monit is tracked in #124

@stewartsmith
Copy link
Member

The lshell package has never been shipped as part of Amazon Linux. It was available in EPEL6.
The Fedora packaging repository for lshell covers why it was not packaged in EPEL7 or Fedora 30. It was also removed from Debian.

The upstream lshell project is no longer being actively maintained and contains known unpatched Critical CVEs: CVE-2016-6902 and CVE-2016-6903.

The alternative suggested in the Debian bug, rssh is also unmaintained upstream, with the author citing unfixable security issues as the reason.

For these reasons, adding lshell to AL2023 is not planned.

@stewartsmith
Copy link
Member

python3-pyyaml is certainly present and can be used, I think it's been there since the start? Not sure, but a long time.

@stewartsmith
Copy link
Member

python3-psutil is also present.

@stewartsmith
Copy link
Member

@stewartsmith
Copy link
Member

We have also added documentation regarding lshell (and rssh) and the outstanding security issues which are the reason they will not be added to Amazon Linux.

@stewartsmith stewartsmith added the documentation Improvements or additions to documentation label Nov 12, 2024
@stewartsmith
Copy link
Member

@stewartsmith
Copy link
Member

The documentation now covers that in AL2023, systemd-tmpfiles provides the functionality of tmpwatch.

@stewartsmith stewartsmith added epel Package request for one that was in EPEL enhancement New feature or request packages Package request labels Nov 12, 2024
@stewartsmith
Copy link
Member

This seems to leave two package requests left:

  1. python-plumbum was not shipped in Amazon Linux 1 or 2, but is part of the third party epel repository.
  2. python3-redis was also not shipped in Amazon Linux 1 or 2, but was part of the third party epel repository.

I'm going to split these out into two separate issues rather than keeping them in one.

python3-redis can be tracked in #835 and python-plumbum can be tracked in #836

I'm going to resolve this issue in favor of those now that we have covered the other packages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation enhancement New feature or request epel Package request for one that was in EPEL packages Package request
Projects
None yet
Development

No branches or pull requests

3 participants