Slaan oor na inhoud

Release Notes for Rocky Linux 8.7

Minimal ISO

The minimal ISO does not contain the AppStream repository. This means that packages that come from AppStream will be absent after an install using the Minimal ISO. Examples of such packages include - rsyslog, policycoreutils-python-utils and so on. This is not a bug and is to be expected.

Upgrading From Any Rocky Linux 8 Version

Simply run sudo dnf -y upgrade

Cloud Images

As well as the normal install images, there are several images available for new and existing cloud platforms.

In between Rocky Linux 8.6 and 8.7, images for Oracle Cloud Platform (OCP) were developed and released. The Oracle images join our existing set of images including GenericCloud, Amazon AWS (EC2), Container RootFS/OCI, Vagrant (Libvirt, VirtualBox, and VMWare), Google Cloud Platform, Microsoft Azure, and other CSP-maintained images.

Additionally, The GenericCloud, EC2, and Azure images now have a variant which uses an LVM partition for the root filesystem, allowing systems administrators additional flexibility and options for configuring their systems.

More information on the artifacts produced by the Cloud Special Interest Group, as well as information on how to get involved can be found on the SIG/Cloud Wiki page.

Known Issues

There are no known issues currently found in 8.7. We will add them here later if they show up after the release.

Major Changes

For a complete list of major changes, please see the upstream listing here.

Below are some highlights.


  • Network Security Services (NSS) no longer supports RSA keys shorter than 1023 bits.
  • clevis-luks-askpass is now enabled by default.
  • fapolicyd rebased to 1.1.3


This release modifies the scap-security-guide so that it is better aligned with DISA. For more information on this and other security related changes, see the upstream document

  • SCAP Security Guide (SSG) rebased to 0.1.63 along with several other changes relating to SSG and DISA STIG.

Shells and command-line Tools

  • xmlstarlet - a new tool that provides a simple set of command-line utilities for parsing XML files.
  • opencryptoki updated to 3.18.0
  • powerpc-utils updated to 1.3.10
  • libva updated to 2.13.0


  • NetworkManager rebased to 1.40. For notable changes see the upstream release notes here.
  • NetworkManager now stores the DHCP lease information in the/run/NetworkManager/devices/ directory

Filesystem And Storage

  • nfsrahead has been added. Can be used to modify readahead value for NFS mounts, and thus affect the NFS read performance.
  • rpcctl command now displays SunRPC connection information.
  • multipath.conf can now include protocol-specific configuration overrides in DM Multipath

Dynamic Programming Languages, Web and Database Servers

Module Streams

Later versions of the following components are now available as new module streams:

  • ruby:3.1
  • mercurial:6.2
  • Node.js 18

Additional Changes

  • mariadb-java-client rebased to version 2.7.1
  • redis rebased to 6.2.7
  • A new default for the LimitRequestBody directive in httpd configuration

For more on these changes, visit the upstream page dealing with these changes.

Infrastructure Services

  • chrony updated to 4.2
  • unbound updated to 1.16.2

Compilers And Development Tools

  • libpfm now supports AMD Zen 2 and Zen 3 processors
  • papi now supports AMD Zen 2 and Zen 3 processors
  • Improved hardware identification for ARM processors
  • The LLVM gold plugin is now available on the IBM Z architecture

GCC Toolset 12

  • Annobin rebased to version 10.79
  • binutils rebased to version 2.38
  • GCC 12 and later supports _FORTIFY_SOURCE level 3
  • GDB rebased to version 11.2


  • New module stream maven:3.8


  • DNS stub resolver option now supports no-aaaa option
  • Rust Toolset rebased to version 1.62.1
  • LLVM Toolset rebased to version 14.0.0

Identity Management

  • SSSD now supports memory caching for SID requests
  • IdM now supports configuring an AD Trust with Windows Server 2022
  • IdM now indicates whether a given name is a user or a group in a trusted AD domain during a name search
  • New ipasmartcard_server and ipasmartcard_client roles
  • samba rebased to version 4.16.1
  • SSSD now supports direct integration with Windows Server 2022


  • open-vm-tools rebased to 12.0.5
  • ESXi hypervisor and SEV-ES is now fully supported

Reporting Bugs

Please report any bugs you encounter to the Rocky Linux Bug Tracker. We also welcome you to join our community in any way you wish be it on our Forums, Mattermost, IRC on Libera.Chat, Reddit, Mailing Lists, or any other way you wish to participate!