Rocky Linux 9 launches, including all the tools and infrastructure needed for anyone to independently replicate or extend the project

Rocky Linux 9 was built with an open-source, community-developed, cloud-native build system called Peridot… A primary goal in developing the new build system was to ensure that new versions of Rocky could be released within a week of each new Red Hat Enterprise Linux release.

Rocky Linux 9 arrives today, delivering a host of new security, application, and networking features. But the capability of version 9 that takes center stage is the availability of all the build chain infrastructure tools that developers would need to extend or replicate the operating system, should they want to do something independent of the community or any upstream supporting organization. As a result, Rocky Linux v9 provides a supported enterprise Linux platform for the next decade.

Rocky Linux uses only open source tools to deliver a fully reproducible operating system, ensuring there is no repeat of CentOS end-of-life issues.

“When we release a version of Rocky Linux, it’s more than a collection of binaries, package repositories, and installers,” said Gregory Kurtzer, CEO of CIQ and founder of the Rocky Enterprise Software Foundation (RESF), the entity behind Rocky Linux. “With Rocky version 8, we used Koji, Fedora’s build system. But, with version 9, CIQ created a completely cloud-native build stack called Peridot that we donated to RESF and released as open source to the world. Peridot allows anyone to recreate, build, improve and manage Rocky Linux like we do. Plus, every release of Rocky Linux is 100% built in the open, by the community, for the community. They come with all of our infrastructure and secure hardware like keys and secure boot wedges managed by the RESF. It’s our commitment to our users and our community from day one, ensuring that Rocky Linux is always freely available and community-controlled.”

Increased use of Rocky Linux

Data made available by Fedora from the Additional Packages for Enterprise Linux (EPEL) usage metrics indicate a rapid increase in Rocky Linux usage among those with EPEL enabled. Specifically, the data shows that Rocky Linux usage exceeds that of CentOS Stream, AlmaLinux, and even RHEL. This is depicted graphically, courtesy of Michael Larabel of Phoronix, where the data shows that usage figures continue to rise, outpacing all other Enterprise Linux variants. (Learn more about EPEL)

Build system details

Rocky Linux 9 was built with a community-developed, open-source, cloud-native build system called Peridot, built in Golang. Peridot was used to build Rocky Linux 9 for x86_64, aarch64, s390x, and ppc64le architectures. One of the main goals of developing the new build system was to ensure that new versions of Rocky could be released within a week of each new release of Red Hat Enterprise Linux. The source code for the build system is available at https://github.com/rocky-linux/peridot-releng, and it will soon be easily installable via Helm Charts for anyone to take advantage of.

Security enhancements

Security advancements in Rocky 9 include:

  • The use of the SHA-1 message digest for cryptographic purposes is deprecated, as the digests produced by the SHA-1 hash function are no longer considered secure.
  • OpenSSL is now version 3.0.1 with many improvements including provider concept, new version scheme, improved HTTP(S) client, support for new protocols, formats and algorithms, and more.
  • OpenSSH is now version 8.7p1 with many improvements, including replacing the SCP/RCP protocol with the SFTP protocol, which provides more predictable filename handling.
  • SELinux performance, memory overhead, load time, etc. have been significantly improved.
  • Rocky Linux 9 supports automatic configuration of security compliance settings for PCI-DSS, HIPAA, DISA, and others directly through the Anaconda installer, saving time and effort in responding to complex requirements.

New Networking Features

Key networking changes in Rocky 9 include:

  • mptcpd, the MultiPath TCP Daemon, can be used instead of iproute2 to configure MultiPath TCP endpoints.
  • NetworkManager now uses keyfiles to store new connection profiles by default, but still supports the use of ifcfg.
  • iptables-nft and ipset are now deprecated, which includes the utilities iptables, ip6tables, ebtables, and arptables. These are all replaced by the nftables framework.
  • The network-scripts package has been removed. Use NetworkManager to configure network connections.

For detailed information on network-related changes, please visit the upstream link. The full Rocky 9 release notes are available here.

About Rocky Linux

Rocky Linux is an open source enterprise operating system designed to be 100% bug-for-bug compatible with Red Hat Enterprise Linux®. It was created by one of the original founders of CentOS, Gregory Kurtzer, to fulfill the original goals of CentOS as a production-ready downstream version of Red Hat Enterprise Linux. It is hosted by the Rocky Enterprise Software Foundation (RESF).

The RESF does not spend donations or sponsorship funds on marketing, so this press release is sponsored by CIQ. CIQ is the founding support and services partner of Rocky Linux and drives software infrastructure optimizations for enterprise, cloud, hyperscale and HPC.
