Skip to content

Release notes for Rocky Linux 9.4

You can find a complete list of most changes in the upstream release notes found here.

Upgrading

You can upgrade from Rocky Linux 9.x to Rocky Linux 9.4 by running sudo dnf -y upgrade.

Note

Rocky Linux does not offer an upgrade path from any version of Rocky Linux 8. We recommend doing a fresh OS install to move to Rocky Linux 9.4.

Images

Several images are available along with the normal install images, including cloud and container platforms.

You can find more on the artifacts produced by the Cloud Special Interest Group, and information on how to get involved on the SIG/Cloud Wiki page.

Installing

Prior to installing, ensure compatibility of your CPU with this procedure!

To install Rocky Linux 9.4, head to the download page and download the version you need for your architecture.

The Rocky team release highlights

Cloud and Live Image Updates

New image build workflow and process

Most images for the 9.4 release were created using a new image builder: KIWI, from OpenSUSE. The images aim to be feature complete with the old images, and no serious regressions are intended. If you find a bug, please let us know and we will do our best to resolve or explain any differences.

The images still built with imagefactory are: Vagrant-VBox, Vagrant-VMware, and OCP-Base (Oracle Cloud Platform). The remaining Cloud, Container, and Vagrant images were built using KIWI. The new build workflow will enable Rocky Linux to provide more frequent updates to our images on all cloud providers.

You are invited to check out the KIWI configuration used as well as our toolkit used to invoke KIWI.

Azure - Community Galleries and Publisher Change

The Rocky Linux publisher account for Microsoft Azure has changed, and previous images are now deprecated. For more information, including details on how to migrate to the new account, please visit the forums post.

In addition to the Azure Marketplace, Rocky Linux is available for free on the Azure Community Gallery, providing incredibly easy access to run Rocky on Microsoft Azure. Instructions on how to utilize the Community Gallery images can be found on this news post.

New and notable

Major changes

For a complete list of major changes, see the upstream listing here.

Highlights and new features from this release are detailed next.

Image builder

  • From Rocky Linux 9.4 forward, you can specify arbitrary custom mount points except for specific paths that are reserved for the operating system
  • Creation of different partitioning modes is now available including auto-lvm, lvm, and raw
  • Customize tailor options for a profile and add it to your blueprint customizations by using selected and unselected options to add and remove rules

Security

Listed below are security-related highlights in the latest Rocky Linux 9.4 release. For a complete list of security-related changes, see the upstream link here.

  • SELinux userspace release 3.6 introduces deny rules for further customizing policies
  • Keylime server components, the verifier and registrar, are available as Containers
  • Rsyslog processing system introduces customizable TLS/SSL encryption settings and additional options that relate to capability dropping
  • OpenSSL TLS toolkit adds a drop-in directory for provider-specific configuration files
  • libkcapi 1.4.0 introduces new tools and options. Notably, with the new -T option, you can specify target file names in hash-sum calculations
  • stunnel 5.7.1 TLS/SSL tunneling service changes the behavior of OpenSSL 1.1 and later versions in FIPS mode. Besides this change, this version provides many new features such as support for modern PostgreSQL clients

Dynamic programming languages, web, and database servers

For a detailed list of the changes in this category see the upstream link here.

Later versions of the following Application Streams are now available:

  • Python 3.12
  • Ruby 3.3 available as a module stream
  • PHP 8.2 available as a module stream
  • nginx 1.24 available as a module stream
  • MariaDB 10.11 available as a module stream
  • PostgreSQL 16 available as a module stream

The following applications have been upgraded:

  • Git rebased to version 2.43.0
  • Git LFS rebased to version 3.4.1

Containers

For details on the changes in this category see the upstream link here.

Notable changes include:

  • The podman build farm command for creating multi-architecture container images is available as a Technology Preview
  • Podman now supports containers.conf modules to load a predetermined set of configurations
  • The Container Tools package is updated
  • Podman v4.9 RESTful API now displays data of progress when you pull or push an image to the registry
  • SQLite is now fully supported as a default database backend for podman
  • Containerfile now supports multi-line HereDoc instructions
  • pasta as a network name is now deprecated
  • The BoltDB database backend is now deprecated
  • The container-tools:4.0 module is now deprecated
  • The Container Network Interface (CNI) network stack is deprecated and will be removed in a future release

Compilers and development tools

For details on the changes in this category see the upstream link here

  • LLVM Toolset rebased to version 17.0
  • Rust Toolset rebased to version 1.75.0
  • Go Toolset rebased to version 1.21.0
  • Clang resource directory moved (from usr/lib64/clang/17 to usr/lib/clang/17)
  • elfutils rebased to version 0.190
  • systemtap rebased to version 5.0
  • Updated GCC Toolset 13
  • pcp updated to version 6.2.0
  • New grafana-selinux package
  • New processor microarchitectures supported in papi
  • New package maven-openjdk21
  • New package libzip-tools
  • cmake rebased to version 3.26

Known issues

Many known issues exist in 9.4 including those related to:

  • Installer and image creation
  • Security
  • Software management
  • Shells and command-line tools
  • Infrastructure services
  • Networking
  • Kernel
  • File systems and storage
  • Dynamic programing languages, web and database servers
  • Identity management
  • Desktop
  • Graphics infrastructure
  • Virtualization
  • Supportability
  • Containers

Review the upstream listing for the complete details on these issues.

Deprecated Software

Some Application Streams, which are part of the Rocky Linux 9.4 repositories, won't receive any further updates. These currently include Node.js 16 (retirement April 2024) and .NET 7 (retirement May 2024). Furthermore OpenJDK 11 will reach it's EoL for Rocky Linux 9 in October 2024. Please make sure to use supported versions (Node.js 18 or 20 modules, .NET 6 or 8 packages, OpenJDK 1.8.0, 17 or 21 packages) if further patches are desired.

Reporting bugs

Please report any bugs you encounter to the Rocky Linux Bug Tracker. We also welcome you to join our community in any way you wish be it on our Forums, Mattermost, IRC on Libera.Chat, Reddit, Mailing Lists, or any other way you wish to participate!