{"id":16860,"date":"2019-07-31T14:23:42","date_gmt":"2019-07-31T05:23:42","guid":{"rendered":"http:\/\/www.skyarch.net\/blog\/?p=16860"},"modified":"2019-07-31T14:23:42","modified_gmt":"2019-07-31T05:23:42","slug":"amazon-linux-2-%e3%81%ab-amazon-linux-extra-%e3%81%8b%e3%82%89-bcc-%e3%82%92%e5%b0%8e%e5%85%a5%e3%81%99%e3%82%8b%e6%89%8b%e9%a0%86","status":"publish","type":"post","link":"https:\/\/www.skyarch.net\/blog\/amazon-linux-2-%e3%81%ab-amazon-linux-extra-%e3%81%8b%e3%82%89-bcc-%e3%82%92%e5%b0%8e%e5%85%a5%e3%81%99%e3%82%8b%e6%89%8b%e9%a0%86\/","title":{"rendered":"Amazon Linux 2 \u306b Amazon Linux Extra \u304b\u3089 bcc \u3092\u5c0e\u5165\u3059\u308b\u624b\u9806"},"content":{"rendered":"<p>\u4ee5\u524d Amazon Linux 2 \u306b bcc \u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u306a\u3044\u306e\u3067\u3001<a href=\"http:\/\/www.skyarch.net\/blog\/?p=16785\">\u30bd\u30fc\u30b9\u30b3\u30fc\u30c9\u304b\u3089\u30b3\u30f3\u30d1\u30a4\u30eb\u3057\u3066\u5c0e\u5165\u3059\u308b\u624b\u9806<\/a>\u3092\u3054\u7d39\u4ecb\u3057\u307e\u3057\u305f\u304c\u3001\u4eca\u65e5\u6c17\u304c\u3064\u3044\u305f\u3089 Amazon Linux Extra \u306b\u5165\u3063\u3066\u3044\u305f\u306e\u3067\u3001\u3053\u3061\u3089\u304b\u3089\u5c0e\u5165\u3057\u3066\u307f\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n<h2 id=\"amazon-linux-extra-\u3068\u306f\">Amazon Linux Extra \u3068\u306f<\/h2>\n<p>Amazon Linux Extra \u3068\u306f\u3001Amazon Linux 2 \u3067\u6a19\u6e96\u30d1\u30c3\u30b1\u30fc\u30b8\u3068\u306f\u5225\u306b\u6bd4\u8f03\u7684\u65b0\u3057\u3044\u30d0\u30fc\u30b8\u30e7\u30f3\u3084\u8a00\u8a9e\u30e9\u30f3\u30bf\u30a4\u30e0\u306a\u3069\u3092\u63d0\u4f9b\u3057\u3066\u3044\u308b\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u30c1\u30e3\u30f3\u30cd\u30eb\u3067\u3059\u3002<\/p>\n<p>\u6b32\u3057\u3044\u30d0\u30fc\u30b8\u30e7\u30f3\u3084\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u306a\u3044\u5834\u5408\u3001\u81ea\u5206\u3067\u9811\u5f35\u3089\u306a\u304f\u3066\u3082\u3068\u308a\u3042\u3048\u305a\u78ba\u8a8d\u3057\u3066\u307f\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n<h2 id=\"bcc-\u306e\u5c0e\u5165\">bcc \u306e\u5c0e\u5165<\/h2>\n<p>\u307e\u305a bcc \u304c\u914d\u4fe1\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002amazon-linux-extras \u30b3\u30de\u30f3\u30c9\u3092\u5f15\u6570\u306a\u3057\u3067\u5b9f\u884c\u3059\u308b\u3068\u5229\u7528\u53ef\u80fd\u306a\u30ea\u30dd\u30b8\u30c8\u30ea\u4e00\u89a7\u304c\u8868\u793a\u3055\u308c\u307e\u3059\u3002<\/p>\n<pre class=\"brush: bash; title: ; wrap-lines: false; notranslate\" title=\"\">\r\n$ amazon-linux-extras\r\n  0  ansible2                 available    &#x5B; =2.4.2  =2.4.6 ]\r\n  2  httpd_modules            available    &#x5B; =1.0 ]\r\n  3  memcached1.5             available    &#x5B; =1.5.1  =1.5.16 ]\r\n.............&lt;snip&gt;..................\r\n 34  lynis                    available    &#x5B; =stable ]\r\n 35  kernel-ng                available    &#x5B; =stable ]\r\n 36  BCC                      available    &#x5B; =0.x ]\r\n 37  mono                     available    &#x5B; =5.x ]\r\n<\/pre>\n<p>36 \u756a\u306b BCC \u304c\u51fa\u529b\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u81ea\u4f53\u306f\u7c21\u5358\u3067\u3059\u3002\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u3060\u3051\u3067\u3059\u3002<\/p>\n<pre class=\"brush: bash; title: ; wrap-lines: false; notranslate\" title=\"\">\r\n$ sudo amazon-linux-extras install -y BCC\r\n<\/pre>\n<p>\u4f9d\u5b58\u95a2\u4fc2\u306b\u5f93\u3063\u3066\u3001\u4ee5\u4e0b\u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n<pre class=\"brush: bash; title: ; wrap-lines: false; notranslate\" title=\"\">\r\nInstalled:\r\n  bcc.x86_64 0:0.10.0-1.amzn2.0.1\r\n\r\nDependency Installed:\r\n  bcc-tools.x86_64 0:0.10.0-1.amzn2.0.1               clang-libs.x86_64 0:7.0.1-1.amzn2.0.2               cpp.x86_64 0:7.3.1-5.amzn2.0.2\r\n  elfutils-libelf-devel.x86_64 0:0.170-4.amzn2        gcc.x86_64 0:7.3.1-5.amzn2.0.2                      glibc-devel.x86_64 0:2.26-32.amzn2.0.1\r\n  glibc-headers.x86_64 0:2.26-32.amzn2.0.1            kernel-devel.x86_64 0:4.14.133-113.105.amzn2        kernel-headers.x86_64 0:4.14.133-113.105.amzn2\r\n  libatomic.x86_64 0:7.3.1-5.amzn2.0.2                libcilkrts.x86_64 0:7.3.1-5.amzn2.0.2               libitm.x86_64 0:7.3.1-5.amzn2.0.2\r\n  libmpc.x86_64 0:1.0.1-3.amzn2.0.2                   libmpx.x86_64 0:7.3.1-5.amzn2.0.2                   libquadmath.x86_64 0:7.3.1-5.amzn2.0.2\r\n  libsanitizer.x86_64 0:7.3.1-5.amzn2.0.2             llvm-libs.x86_64 0:7.0.1-1.amzn2.0.1                mpfr.x86_64 0:3.1.1-4.amzn2.0.2\r\n  python-netaddr.noarch 0:0.7.5-9.amzn2               python2-bcc.x86_64 0:0.10.0-1.amzn2.0.1             yum-plugin-dkms-build-requires.noarch 0:1.0-2.amzn2\r\n  zlib-devel.x86_64 0:1.2.7-17.amzn2.0.2\r\n<\/pre>\n<h2 id=\"\u52d5\u4f5c\u78ba\u8a8d\">\u52d5\u4f5c\u78ba\u8a8d<\/h2>\n<p>\u4ee5\u524d\u3082\u3054\u7d39\u4ecb\u3057\u305f execsnoop \u3092\u5b9f\u884c\u3057\u3066\u307f\u307e\u3059\u3002\u6dfb\u4ed8\u30c4\u30fc\u30eb\u7fa4\u306f\u3001bcc-tools \u30d1\u30c3\u30b1\u30fc\u30b8\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u307e\u3059\u3002\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u305f\u30c4\u30fc\u30eb\u306f \/usr\/share\/bcc\/tools \u914d\u4e0b\u306b\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>\u5b9f\u884c\u3057\u3066\u307f\u307e\u3059\u3002<\/p>\n<pre class=\"brush: bash; title: ; wrap-lines: false; notranslate\" title=\"\">\r\n$ sudo \/usr\/share\/bcc\/tools\/execsnoop\r\nPCOMM            PID    PPID   RET ARGS\r\ndhclient-script  2748   2275     0 \/usr\/sbin\/dhclient-script\r\nhostname         2750   2749     0 \/bin\/hostname\r\ncat              2752   2751     0 \/bin\/cat \/proc\/cmdline\r\ncat              2754   2753     0 \/bin\/cat \/proc\/cmdline\r\ndbus-send        2755   2748     0 \/bin\/dbus-send --system --print-reply --dest=org.freedesktop.DBus \/org\/freedesktop\/DBus org.freedesktop.DBus.GetNameOwner string:org.freedesktop.NetworkManager\r\n.............&lt;snip&gt;..................\r\n<\/pre>\n<p>\u554f\u984c\u306a\u304f\u5b9f\u884c\u3067\u304d\u305f\u69d8\u3067\u3059\u3002 \u306a\u304a\u5b9f\u884c\u4e2d\u306e\u30ab\u30fc\u30cd\u30eb\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u5bfe\u5fdc\u3059\u308b\u3001kernel-header\u3001kernel-devel \u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u306a\u3044\u5834\u5408\u306f\u4ee5\u4e0b\u306e\u69d8\u306b\u30a8\u30e9\u30fc\u306b\u306a\u308b\u306e\u3067\u6ce8\u610f\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"brush: bash; title: ; wrap-lines: false; notranslate\" title=\"\">\r\n$ sudo \/usr\/share\/bcc\/tools\/execsnoop\r\nmodprobe: FATAL: Module kheaders not found in directory \/lib\/modules\/4.14.123-111.109.amzn2.x86_64\r\nchdir(\/lib\/modules\/4.14.123-111.109.amzn2.x86_64\/build): No such file or directory\r\nTraceback (most recent call last):\r\n  File &quot;\/usr\/share\/bcc\/tools\/execsnoop&quot;, line 165, in &lt;module&gt;\r\n    b = BPF(text=bpf_text)\r\n  File &quot;\/usr\/lib\/python2.7\/site-packages\/bcc\/__init__.py&quot;, line 325, in __init__\r\n    raise Exception(&quot;Failed to compile BPF text&quot;)\r\nException: Failed to compile BPF text\r\n<\/pre>\n<p>\u4ee5\u4e0a\u3067\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4ee5\u524d Amazon Linux 2 \u306b bcc \u306e\u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u306a\u3044\u306e\u3067\u3001\u30bd\u30fc\u30b9\u30b3\u30fc\u30c9\u304b\u3089\u30b3\u30f3\u30d1\u30a4\u30eb\u3057\u3066\u5c0e\u5165\u3059\u308b\u624b\u9806\u3092\u3054\u7d39\u4ecb\u3057\u307e\u3057\u305f\u304c\u3001\u4eca\u65e5\u6c17\u304c\u3064\u3044\u305f\u3089 Amazon Linux Extra \u306b\u5165\u3063\u3066\u3044\u305f\u306e\u3067\u3001\u3053\u3061\u3089\u304b\u3089\u5c0e&#8230;<\/p>\n","protected":false},"author":1,"featured_media":16792,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_locale":"ja","_original_post":"16860","footnotes":""},"categories":[326,29,18],"tags":[725],"class_list":{"0":"post-16860","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-amazonlinux","8":"category-linux","9":"category-os","10":"tag-bcc","11":"ja"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts\/16860","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/comments?post=16860"}],"version-history":[{"count":4,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts\/16860\/revisions"}],"predecessor-version":[{"id":16876,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/posts\/16860\/revisions\/16876"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/media\/16792"}],"wp:attachment":[{"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/media?parent=16860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/categories?post=16860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyarch.net\/blog\/wp-json\/wp\/v2\/tags?post=16860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}