Rocky Linux 9.0 is generally available for download now, with important security improvements and an updated package base.
After Red Hat released a stable version of its enterprise Linux distribution RHEL 9.0 two months ago, the business Linux market expected it to be followed by releases from the other “big three” players – AlmaLinux, Rocky Linux, and Oracle Linux.
All three distributions are based on Red Hat Enterprise Linux and provide 1:1 binary compatibility with it. Recently, AlmaLinux 9.0 and Oracle Linux 9.0 have already released their RHEL 9-based versions, and today Rocky Linux 9.0 completes the cycle. So let’s see what it brings us.
Rocky Linux 9 (Blue Onyx)
Rocky Linux 9.0, codenamed “Blue Onyx,” focuses on security. The SHA-1 message digest for cryptographic purposes has been deprecated. Because of numerous known successful attacks based on identifying hash collisions, the digest produced by SHA-1 is not considered secure.
OpenSSL 3.0.1 is now available, including a provider concept, a new versioning method, an enhanced HTTP(S) client, support for additional protocols, formats, algorithms, and many other enhancements.
On top of that, OpenSSH is distributed in version 8.7p1, which has numerous advancements, bug fixes, and security improvements. Furthermore, Rocky Linux 9.0 prohibits users from logging in as root via SSH with a password to avoid brute force attacks on passwords.
Apart from those mentioned above, SELinux performance has been improved, including the time it takes to load SELinux policy into the kernel, memory overhead, and other parameters.
But now it’s time to address something that stood out to us and on which we want to focus our readers’ attention.
It’s about Peridot, the new build system utilized in Rocky Linux 9. Until the 9.0 release, Rocky Linux was built with the Koji build tool, which the Fedora Project initially developed. However, it was developed for physical hardware rather than cloud-native systems.
As we all know, cloud computing is one of the major driving forces in the IT sector these days, and Rocky Linux 9.0 bets wisely on it. Anyone can use Peridot to recreate the exact steps taken by Rocky Linux engineers during the distribution building process.
If you’re wondering what this means in practice, let us give you an example right away. Companies that rely on enterprise Linux distros can rebuild Rocky Linux 9.0 but include additional packages to give specific cloud functionality that is needed but not provided by default in the distribution.
As a result, the flexibility and adaptability of the distro in a cloud environment rise significantly, and we can only admire Rocky Linux’s intelligent approach in this case.
Under the hood, Rocky Linux 9.0 comes with Linux kernel 5.14 and systemd 250-6. In addition, XFS now enables Direct Access (DAX) operations, which provide direct access to byte-addressable persistent memory while avoiding the latency associated with typical block I/O conventions.
It’s worth noting that the official announcement also highlights the desktop side of things. This is interesting given that this distro mainly focused on the server Linux market. So, if you plan to use Rocky Linux 9.0 as a desktop system, you get GNOME 40, which runs on Wayland by default, and the availability of the Pipewire audio server.
Last, we will not overlook one of the most key aspects for developers and system administrators – the language runtimes and tools.
They will not be disappointed because they will find plenty of application updates, including Node.js 16, Perl 5.32, PHP 8.0, Python 3.9, Ruby 3.0, Git 2.31, Subversion 1.14, Apache 2.4.51, Nginx 1.20, Varnish Cache 6.6, Squid 5.2, MariaDB 10.5, MySQL 8.0, PostgreSQL 13, Redis 6.2, LLVM Toolset 13.0.1, Rust Toolset 1.58.1, Go Toolset 1.17.7, GCC 11.2.1, Grafana 7.5.11, Maven 3.6, and Ant 1.10.
Rocky Linux 9.0 comes with ten years of support until May 2032. You can visit the official announcement or check the release notes for additional information about the latest release.
The distro is available for four architectures, including x86_64, aarch64, ppc64le, and s390x, and can be freely downloaded from the project website.
However, since the full installation DVD file is large, 7.9 GB, the recommended way to download it is to use a tool like wget. So, go right ahead and use it.