Gå till innehållet

Release Notes For Rocky Linux 9.0

Major Changes

For a complete list of major changes, please see the upstream listing here.

Please Check CPU Compatibility

With Rocky Linux 9.0, some older CPUs will not work well, or perhaps at all. The following architectures are considered minimum requirements for a successful install:

For more information on supported architectures and the risks of using those that are unsupported, see the upstream release note on the subject here.

Some highlights from this release are detailed next.

New Build system (Peridot)

Rocky Linux 9 was lovingly built with our in-house developed and open-source Cloud Native build system called Peridot. Peridot was used to build Rocky Linux 9 for the - x86_64, aarch64, s390x, and ppc64le architectures.

Amongst other things, this release represents our standing promise and commitment to the community to ensure the longevity of the Rocky Linux project by enabling users to build, enhance or reproduce Rocky Linux from scratch independently. The source code for the build system is available here

Security

  • Using SHA-1 message digest for cryptographic purposes has been deprecated. The cryptographic hash functions produced by SHA-1 are no longer considered secure. There are some exceptions, which are detailed in the upstream link above.
  • OpenSSL is now version 3.0.1 with many improvements, including provider concept, new versioning scheme, an improved HTTP(S) client, support for new protocols, formats, and algorithms, and more.
  • OpenSSH is now version 8.7p1 with many improvements, most notably the replacement of the SCP/RCP protocol with the SFTP protocol which offers more predictable filename handling.
  • SELinux performance, memory overhead, time to load, and more have been substantially improved. There are a whole host of changes with more details in the upstream release notes.
  • Rocky Linux 9 supports automatically configuring security compliance settings for PCI-DSS, HIPAA, DISA, and many others directly through the Anaconda installer, saving time and effort to meet the complicated requirements in the quickly evolving security landscape.

Networking

The main networking related changes are listed below. For detailed coverage of these changes as well as other network related changes please visit the upstream link here.

  • mptcpd or MultiPath TCP Daemon, can be used instead of iproute2 to configure MultiPath TCP endpoints.
  • NetworkManager now uses key files to store new connection profiles as a default, but still supports the use of ifcfg.
  • iptables-nft and ipset are now deprecated which included the utilities, iptables, ip6tables, ebtables, and arptables. These are all replaced by the nftables framework.
  • network-scripts package has been removed. Use NetworkManager to configure network connections.

Web and Programming

Several dynamic programming, version control and web related application suites listed next have been updated to newer versions in Rocky Linux 9.0. For a complete list of changes and descriptions, please see this upstream link.

Dynamic Programming

  • Node.js 16
  • Perl 5.32
  • PHP 8.0
  • Python 3.9
  • Ruby 3.0

Version Control

  • Git 2.31
  • Subversion 1.14

Web Servers

  • Apache HTTP Server 2.4.51
  • nginx 1.20

Proxy Caching Servers

  • Varnish Cache 6.6
  • Squid 5.2

Database Servers

  • MariaDB 10.5
  • MySQL 8.0
  • PostgreSQL 13
  • Redis 6.2

Compilers and Development Tools

For a complete detailed list of changes, please see this upstream link. The highlights are below.

System Toolchain

  • GCC 11.2.1
  • glibc 2.34
  • binutils 2.35.2

Performance and Debugging Tools

  • GDB 10.2
  • Valgrind 3.18.1
  • SystemTap 4.6
  • Dyninst 11.0.0
  • elfutils 0.186

Performance Monitoring Tools

  • PCP 5.3.5
  • Grafana 7.5.11

Compiler Toolsets

  • LLVM Toolset 13.0.1
  • Rust Toolset 1.58.1
  • Go Toolset 1.17.7

Java Implementation

The following Java Runtime Environments and Java Development Kits are provided:

  • java-17-openjdk
  • java-11-openjdk
  • java-1.8.0-openjdk

The following Java tools are provided:

  • Maven 3.6
  • Ant 1.10

Virtualization

For a complete list of changes and enhancements in Virtualization, please see this upstream link.

Key highlights are:

  • QEMU is now built using the CLANG compiler which allows the KVM Hypervisor to use a number of advanced security and debugging features.
  • vTPM (Virtual Trusted Platform Module) is now fully supported.
  • virtiofs feature has been implemented, which you can use to more efficiently share files between a Rocky Linux host and its VMs.
  • cgroup-v2 which implements a single hierarchy model, is now the default Linux control group in 9.0. This will have some ramifications for those using container-based systems (Docker, Kubernetes, etc.) More information is available in the link above.

Upgrading

The Rocky Linux team does not recommend upgrades from one major version to the next (in this case 8.6 to 9.0). While it is technically possible to upgrade between major versions, we instead recommend a fresh install of the desired latest major version.

Installing

To install Rocky Linux 9.0, head to the download page and download the version you need for your architecture. A complete installation walk-through for Rocky Linux 9.0 is available on the Rocky Linux documentation website here.

While this is covered in the installation walk-through (above), it is important that you verify your download against the CHECKSUM for that file to make sure there is no corruption or tampering. You can do this with the following steps assuming that you've downloaded the file on another machine using Linux:

  • In the directory where you've downloaded the ISO image for your target architecture, download the CHECKSUM file as well. Example:
curl https://download.rockylinux.org/pub/rocky/9/isos/x86_64/CHECKSUM -o CHECKSUM
  • Then issue the command:
sha256sum -c CHECKSUM --ignore-missing
  • If you get back the following on the command line, your file has been verified. Note we are assuming the minimal ISO below, but it may be the DVD ISO as well:
Rocky-9.0-x86_64-minimal.iso: OK

Optionally, you can get access to any of the Rocky Linux release version checksums, by going to the github repository here.

Known Issues

As with any release, there are issues that are already known. You can see the current listing of issues from the upstream here.

  • Limitation to using the Minimal ISO installation - Most of the security related packages will not work. If you need security/SCAP profiles and packages at the time of install, please use the DVD ISO.

Reporting Bugs

Please report any bugs you encounter to the Rocky Linux Bug Tracker. We also welcome you to join our community in any way you wish be it on our Forums, Mattermost, IRC on Libera.Chat, Reddit, Mailing Lists, or any other way you wish to participate!