Amazon has begun testing a new general-purpose Amazon Linux 2022 distribution that is cloud-optimized and integrates with Amazon EC2 tools and advanced features. The distribution will replace the Amazon Linux 2 product and is notable for moving away from using the CentOS package base as the basis in favor of the Fedora Linux distribution. Assemblies are generated for x86_64 and ARM64 (Aarch64) architectures.
The project has also moved to a new predictable maintenance cycle, with major new releases every two years, with interim quarterly updates. Each major release will fork off the current Fedora Linux release at that time. Interim releases are planned to include new versions of some in-demand packages, such as programming languages, but these versions will ship in parallel in a separate namespace - for example, the Amazon Linux 2022 release will include Python 3.8, but the quarterly update will offer Python 3.9, which does not will replace core Python, but will be available as a standalone set of python39 packages that can be used at will.
The total support time for each release will be five years, of which two years the distribution will be in the active development stage and three years in the maintenance phase with the formation of corrective updates. The user will be given the opportunity to link to the state of the repositories and independently choose the tactics for installing updates and switching to new releases. While primarily focused on AWS (Amazon Web Services), the distribution will also ship as a generic virtual machine image that can be used on-premises or in other cloud environments.
In addition to the transition to the Fedora Linux package base, one of the significant changes is the inclusion by default of the SELinux forced access control system in the βenforcingβ mode. The Linux kernel will include enhanced security enhancements such as digital signature verification of kernel modules. Updates for the Linux kernel will be released using "live patching" technology, which makes it possible to fix vulnerabilities and apply important fixes to the kernel without rebooting the system.
Source: opennet.ru