Current Release 10
Rocky Linux 10¶
Rocky Linux 10 (RL 10) is the latest major release of Rocky Linux's enterprise operating system.
Upgrading to Rocky Linux 10¶
Rocky Linux does not support upgrades to any major release. To move from 8.x or 9.x to Rocky Linux 10, you should perform a fresh install of the operating system.
New Features and Changes¶
The following sections describe selected features of RL 10.
As with all major Rocky Linux releases, this release note covers numerous enhancements, changes, and new features.
The overview that follows highlights changes in the following categories: Architecture, Kernel, Installer, Networking, Security, Virtualization, Containers, Storage, and Package Management. Chosen here are the features most likely to have relevance to a general audience.
For a complete list of major changes, see the upstream listing here.
Supported Architectures¶
Please check CPU Compatibility
On the x86_64 processor architecture, RL 10 no longer supports hardware at the x86-64-v2 microarchitecture level and earlier, and makes the x86-64-v3 microarchitecture level the baseline for distribution.
For more information, refer to the Supported Microarchitecture Levels section, particularly the section on testing the CPU for compatibility.
32-bit package discontinuation
Rocky Linux 10 has removed 32-bit compatibility for x86_64. Use 64-bit libraries or containers with 32-bit dependencies instead.
Rocky Linux 10 is supported on the following processor architectures:
- 64-bit AMD/Intel x86-64-v3 (x86_64)
- 64-bit RISC-V (riscv64)
- 64-bit ARMv8.0-A (aarch64)
- IBM POWER9, little endian (ppc64le)
- IBM z14 (s390x)
Brand New Support for RISC-V Architecture¶
The Rocky Linux release Engineering team worked long and hard to bring Rocky Linux 10 to certain RISC-V implementations.
Platforms/subsystems supported on release day include - StarFive VisionFive 2 (VF2), QEMU, and SiFive HiFive Premier P550.
For more details about this milestone, including RL10’s RISC-V support, please visit this site.
Supported Microarchitecture Levels¶
The x86-64-v3 microarchitecture is based on the feature set of the Intel Haswell processor generation. A handful of Intel Atom processors (such as the Gracemont-family processors) support x86-64-v3. In contrast, others, including Intel Atom Parker Ridge-family processors and the Intel Atom x6416RE Elkhart Lake-family processor, do not provide x86-64-v3 features and are therefore not supported in RL 10. If you doubt your processor's compatibility, use this procedure to verify.
AMD's implementation of the x86-64-v3 microarchitecture level, which serves as the baseline for Rocky Linux 10 on x86_64, was introduced with their Excavator microarchitecture. This means that processors older than those based on the Excavator architecture may not be fully supported by Rocky Linux 10.
Raspberry Pi image differences
The key difference between the Rocky Linux Pi images for version 10 is that 10 supports Pi 4 and Pi 5, whereas 9 supports Pi 3, Pi 4, Pi 5, and Pi Zero 2W.
Installation and Image Creation¶
Anaconda, the interactive graphical interface for the Rocky Linux installer, has a number of changes in version 10.
Key changes include:
- The disabling, by default, of the root account. System management requires creating an administrative user with full sudo privileges. If you opt to enable the root account by setting its password, then you can create standard users without administrative privileges.
- Remote Desktop Protocol (RDP) replaces VNC for graphical remote access during the installation process. This change affects the related kernel boot options.
- Removal of the time zone map under the "Time & Date" section of the installer.
- The graphical interface no longer supports adding third-party repositories during initial installation. Use the
inst.addrepoboot option or Kickstart instead. - Removal of documentation that had been available at the time of installation.
Kernel¶
The default out-of-box Kernel for RL 10 has been updated to version 6.12.0.
Some kernel features are now disabled due to being unmaintained, insecure, or deprecated.
The rh_waived kernel command-line argument can enable these features if required. Earliest Eligible Virtual Deadline First (EEVDF), which prioritizes latency-sensitive tasks with shorter time slices to improve responsiveness, replace the CFS scheduler.
Networking¶
Enhancements to networking features in RL 10 include changes to network configuration, network interface aggregation, DHCP clients and servers, as well as additions and removals to device drivers.
NetworkManager and Network Scripts¶
Deprecation of the old ifcfg-rh network scripts occurred in previous versions of Rocky Linux (9.x). With Rocky Linux 10, these scripts are no longer available.
You must use NetworkManager now. Those tools include nmcli, nmtui, and nmstate. This means that some older files and commands will no longer work, and the location where you keep your network configuration files has also changed.
- Files with the ifcfg- prefix in the /etc/sysconfig/network-scripts/ directory are not supported.
- The ifup and ifdown commands are no longer available.
- Legacy network scripts, such as ifup-local, are no longer supported.
- Network configuration files are stored in the /etc/NetworkManager/system-connections/ folder.
DHCP Client and Server¶
Implementation of the DHCP client in RL 10 is through an internal subsystem of NetworkManager. The legacy dhcp-client package is removed and is no-longer supported upstream.
Kea DHCP replaces the end-of-life ISC DHCP server in RL 10.
Network Bonding and Teaming¶
Previous versions of Rocky Linux deprecated the NIC teaming feature. In RL 10, this is now removed entirely. As a replacement, configure a bond instead of a network team.
Storage¶
In addition to the following changes, several storage-related device drivers are added, updated, or removed from RL 10.
Global File System 2 (GFS2)¶
RL 10 no-longer supports the GFS2 file system.
Device Mapper Multipath¶
Enabling Device Mapper (DM) Multipath on NVMe devices is not supported by RL 10.
LUKS2 Disk Encryption¶
The cryptsetup package has been rebased to version 2.7 to address issues and support LUKS-encrypted devices when using the kernel dump (kdump) service.
Security Features¶
With RL 10, comes the inclusion of numerous new security-related features.
Some of the updates include:
- System-wide cryptographic policies (crypto-policies): OpenSSL and OpenSSH now work with post-quantum algorithms.
- Sequoia PGP: A memory-free implementation of OpenPGP.
- OpenSSH: The restoration of stricter SSH host key permissions. (New Permissions = 0600 Vs Old permissions = 0640).
- GnuTLS: Client and server certificates are now compressed
- yescrypt algorithm: The password algorithm for the default user is changed.
New SELinux changes include the following updates:
- File context equivalency is inverted to /var/run = /run.
- The addition of new libvirt service types to the SELinux policy.
Virtualization¶
Virtualization sees key changes:
- The monolithic libvirtd daemon is deprecated. Use the modular daemons and sockets as replacements. Please see detailed documentation about the differences in the upstream documentation
- Deprecation of the i440fx virtual machine type
- Deprecation of Virtual Machine Manager, Cockpit is the intended replacement
Containers¶
Podman 5 in RL 10 introduces several improvements, including the new default container runtime, crun, which replaces runc. Control Groups v2 is now the default cgroup version.
Key updates include the deprecation of the slirp4netns network mode, the ability to configure retry attempts and delays for image push and pull operations, and comprehensive support for multi-architecture container images.
Furthermore, Podman 5 continues to support Quadlets, a feature introduced in Podman 4.4, which enables managing Podman containers with systemd using declarative unit files.
Software Management¶
RPM is now version 4.19, Which includes enhancements and updates to packaging and building tools. There is a new rpmsort command introduced for correctly ordering RPM version strings in output pipelines. As an example:
The old sort: rpm -q kernel | sort
kernel-6.12.0-130.el10.x86_64
kernel-6.12.0-13.el10.x86_64
The new rpmsort: rpm -q kernel | rpmsort
kernel-6.12.0-13.el10.x86_64
kernel-6.12.0-130.el10.x86_64
DNF¶
By default, DNF now omits downloading repository filelist metadata, enhancing responsiveness and conserving disk space. DNF commands that need this metadata will generally download it automatically.
Modularity¶
DNF modularity is deprecated, and Rocky Linux does not intend to provide AppStream content as modules in RL 10. In the future, RL 10 might provide additional application versions as RPM packages, software collections, or Flatpaks.
Desktop Environment¶
In RL 10, Wayland replaces the X.Org Server. Xwayland will support most X11 clients that have not yet been ported to Wayland. Some desktop applications and components are also replaced in RL 10.
Desktop Component changes¶
| Removed | Replacement |
|---|---|
| gedit text editor | GNOME Text Editor (gnome-text-editor) |
| Tweaks application | Use Tweaks options in GNOME settings and/or use the Flatpak on Flathub |
| Festival speech synthesizer | Espeak NG |
| Eye of GNOME (eog) image viewer | GNOME Image Viewer (loupe) |
| Cheese camera application | Snapshot application |
| GNOME Terminal | ptyxis terminal |
| PulseAudio daemon (but not the client interfaces) | Pipewire (has already been the default in RL 9) |
Several graphical desktop applications are no longer included in the Rocky Linux 10 distribution. In most cases, you can obtain these applications from upstream sources or as Flatpaks on Flathub.
Removed Applications¶
| Removed | Substitution |
|---|---|
| LibreOffice office productivity software suite | Officially provided as Flatpak on Flathub, or you can download upstream packages from https://www.libreoffice.org/. |
| Evolution personal information manager and email client | Thunderbird is provided via the Appstream repository. You can also obtain a Flatpak or package from upstream or through Flathub. |
| Inkscape Vector Graphics Editor | There is no vector graphics editor included in RL 10, but you can find a Flatpak on Flathub. |
| Totem (GNOME Videos) media player | There is no default desktop media player shipped in RL 10. The web browser can still play web-based media. Alternatively, you can choose a different media player from third-party repositories or as a Flatpak from Flathub. |
TigerVNC is removed from RL 10. For VNC client functionality, use the Connections application. There is no VNC server provided.
gnome-remote-desktop, using RDP, replaces TigerVNC for desktop sharing, remote login, and headless sessions. This is built into GNOME and you can configure it in the Settings application.
The Motif X11 desktop environment and toolkit are also removed from RL 10.
Infrastructure Services¶
Replacement or removal of some of the services and packages in RL 10 include the following infrastructure services.
| Removed | Replacement |
|---|---|
| power-profiles-daemon CPU throttle | tuned-ppd translation layer that supports applications written for the power-profiles-daemon |
| redis in-memory key-value database | valkey (a fork of redis) in-memory key-value database ^1 |
| sendmail mail transfer agent | Rocky Linux recommends migrating to the Postfix mail transfer agent. |
| spamassassin email spam filter | The spamassassin email spam filter is now found in the EPEL repository. |
1 In addition to valkey, the valkey-compat-redis package is in the Plus repository.
Dynamic Programming Languages¶
There are updates to recent versions of several popular programming languages:
- Python 3.12
- Ruby 3.3
- Node.js 22.13
- Perl 5.40
- PHP 8.3
Web Servers and Database Servers¶
There are updates to many popular server daemons to more recent versions:
Web servers¶
- Apache HTTP Server 2.4.63
- nginx 1.26
Proxy caching servers¶
- Varnish Cache 7.6
- Squid 6.10
Database servers¶
- MariaDB 10.11
- MySQL 8.4
- PostgreSQL 16.8
- Valkey 8.0
RL Web Console (Cockpit)¶
Cockpit is a web-based interface for managing and monitoring your local system. A graphical file manager and text editor are now available in the web console if you install the cockpit-files RPM package.
The host switcher, which enabled the simultaneous management of multiple systems, is deprecated and disabled by default due to security reasons.
Cockpit now supports configuring Stratis file-system size limits.
Known Issues¶
SELinux issue on virtual hosts¶
When using a virtual host with a passt backend enabled and memfd type for memory, the interface will fail to start if SELinux is enabled. See this upstream issue for more information.
Grey screen after bootup of installation media¶
In specific hardware configurations, such as virtualized environments with 3D graphics enabled, you may experience Anaconda hanging before the setup wizard is displayed. This issue should be resolvable by switching away from tty6 to another tty and then back to tty6. For example, switch to tty1 and back to tty6 with: Ctrl+Alt+F1 and then Ctrl+Alt+F6.
Participating and reporting bugs¶
Please report any bugs you encounter to the Rocky Linux Bug Tracker. We also welcome you to join our community in any way you wish be it on our Forums, Mattermost, IRC on Libera.Chat, Reddit, Mailing Lists, or any other way you wish to participate!