En this version You're going to encounter profound changes in security, storage, networking, virtualization, post-quantum cryptography, containers, and development toolsFurthermore, there are significant updates regarding supported architectures (including RISC-V), the Anaconda installer, and the desktop experience, which now definitively revolves around Wayland. If you're coming from Rocky 10.0, the upgrade is straightforward; if you're coming from Rocky 8 or 9, things change, and you'll need to carefully plan the migration.
Rocky Linux 10.1: what it is and how to update
Rocky Linux 10.1 (RL 10.1) is presented as the latest minor version of the Rocky Linux 10 branchBased on the same code tree as RHEL 10.1, it maintains the Linux 6.12 kernel as its base, inherits all the fixes and stability improvements of Enterprise Linux 10.1, and adds the work of the Rocky community to offer installable images, cloud, containers, and live versions ready for production.
If you're already using Rocky Linux 10.0, the procedure to update the system is straightforward: simply run sudo dnf -y upgrade (o dnf -y upgrade as root) or use graphical tools such as GNOME Software or KDE Discover. The system will update to Rocky Linux 10.1 while preserving your configuration and installed packages.
However, there is no official support for direct jumps from one major version to anotherIf you work with Rocky 8.x or 9.x, the recommendation is clear: perform a clean installation of Rocky Linux 10.1 and restore data and configuration backups. Rocky Linux does not support in-place upgrades between major branches, so you'll need to plan a maintenance window.
Users coming from other Enterprise Linux 10 distributions (e.g., other RHEL 10 compatible variants) can take advantage of the migrate2rocky tools To convert the existing system into a fully functional Rocky Linux 10, always following the official instructions and making prior backups.
Supported architectures and hardware updates
Rocky Linux 10.1 expands and consolidates its support for multiple hardware platforms, maintaining its position as A distribution suitable for servers, mainframes, ARM, and experimental environments such as RISC-V.
Available platforms and architectures
In this release, Rocky Linux 10.1 is officially available for the following 64-bit architectures:
- x86-64-v3 (x86_64) for modern 64-bit AMD/Intel processors that implement at least the v3 microarchitecture level.
- riscv64 for 64-bit RISC-V systems, an expanding architecture that is especially interesting in the educational and research fields.
- aarch64 (64-bit ARMv8.0-A) for servers and modern ARM boards.
- ppc64le for IBM POWER10 and later systems in little endian format.
- s390x for IBM z15 mainframes and higher.
They remain available Installable and live ISOs For x86-64-v3 and aarch64, there are GNOME and KDE Plasma desktops, while the other architectures have installable images geared towards servers and cloud environments. In the specific case of RISC-V, support is still considered secondary in the Rocky Linux ecosystem, but the foundation is already in place.
Specific support for RISC-V
The Rocky Linux Release Engineering team has worked intensively to make Rocky 10 work on a number of systems. concrete implementations of RISC-VIn practice, this translates into support for platforms such as StarFive VisionFive 2 (VF2), virtualized environments with QEMU, and the SiFive HiFive Premier P550 board.
However, there are known issues with kernel 6.12.0-124.8.1 on certain RISC-V systemsFor this reason, Rocky labels RISC-V as a secondary architecture and advises against updating the kernel on production machines yet. The recommendation is to update the rest of the system using, for example, the command dnf upgrade --exclude='kernel*' --exclude='kmod*' to avoid kernel jumps until the problems are resolved.
x86-64-v3 Microarchitecture Levels
Rocky Linux 10 establishes the minimum base in x86 as x86-64-v3 microarchitectureThis standard uses the instruction set available in Intel Haswell and later processors as a reference. This means that some older processors will no longer be supported.
On the Intel side, only certain generations of Intel Atom (such as the Gracemont family) They manage to implement x86-64-v3; other models, for example Atom Parker Ridge or Atom x6416RE from the Elkhart Lake series, do not meet this requirement and are therefore not compatible with Rocky Linux 10.
As for AMD, the adoption of x86-64-v3 was introduced with the Excavator microarchitectureThis means that CPUs older than Excavator may not function correctly with Rocky Linux 10 due to a lack of certain necessary CPU extensions. If in doubt, it's a good idea to check the instructions supported by your processor before deploying Rocky Linux 10.1 to production.
Changes to the installer, images, and system creation
The installation experience also takes a step forward with a Anaconda revamped on Rocky Linux 10, which introduces security changes, in remote access and in the way of managing additional repositories during installation.
Anaconda: a safer and more modern installation
One of the most visible changes is that the The root account is disabled by default.During installation, Anaconda encourages you to create an administrative user with full sudo privileges to manage the system. If you choose to set a password for root, you can create standard user accounts without privileges. This approach aligns with current security best practices.
Another important change is that, for remote graphical access during installation, RDP (Remote Desktop Protocol) replaces VNCThis affects both kernel boot options and the tools used to install Rocky unattended or remotely.
Furthermore, Anaconda's graphical interface no longer allows Add third-party repositories during installation through the GUI itself. If needed additional repos From the beginning, you have to use the startup option inst.addrepo or Kickstart files, which reinforces a clearer and more reproducible control of the installation.
Image Builder: New WSL2 and Vagrant Images
The component ImageBuilder It has been updated to generate images designed to integrate Rocky Linux into new scenarios. It is now possible to create images prepared for WSL2 (Windows Subsystem for Linux) and for environments Vagrant with libvirt backendThis opens the door to more agile workflows in development, testing, and training.
Kernel and internal system changes
Rocky Linux 10.1 maintains the version as its default kernel 6.12.0inheriting fixes and performance improvements, but also introducing important decisions about features that are considered obsolete, insecure or unmaintainable.
Certain kernel features have disabled by default when marked as obsolete or unsafeIn very specific cases where they are still needed, it is possible to reactivate them by adding the startup argument. rh_waived on the kernel command line, although this is not recommended for new deployments.
In terms of process scheduling, the Rocky Linux 10 kernel adopts the scheduler EEVDF (Earliest Eligible Virtual Deadline First) replacing CFS. EEVDF is designed to improve the responsiveness of latency-sensitive tasks, providing shorter time slices for interactive processes and offering a smoother experience in mixed loads (services, desktop, containers, etc.).
Network, DHCP, and interface aggregation
The network stack is significantly revamped in Rocky Linux 10, and 10.1 inherits all these changes, consolidating the transition towards NetworkManager as the central component of network configuration.
NetworkManager permanently replaces the ifcfg scripts
Old network scripts ifcfg-rhFeatures that were maintained for compatibility in versions 9.x disappear completely in Rocky Linux 10. From this version onwards, NetworkManager is the only supported path to manage the system's network configuration.
This implies practical consequences:
- Files with a prefix ifcfg- located in
/etc/sysconfig/network-scripts/They cease to be supported. - The commands Ifup y ifdown are no longer available.
- Legacy scripts such as ifup-local or other old hooks stop working.
- The network configuration files are now stored under
/etc/NetworkManager/system-connections/, in formats consumed directly by NetworkManager.
The recommended tool for managing the network is, therefore, NetworkManager along with its nmcli, nmtui, and nmstate interfaces, both for console environments and for automated and orchestration integrations.
DHCP client and server
With Rocky Linux 10, the traditional DHCP client also gives way to more integrated solutions. DHCP client implementation becomes part of an internal subsystem of NetworkManagerThe old package dhcp-client It is being discontinued and no longer receives upstream support, so its return should not be expected.
On the server side, the veteran ISC DHCP solution, already declared end-of-life, is replaced by Kea DHCPKea offers a modular design, higher performance, and a more modern configuration model, making it the recommended option in Rocky Linux 10 for deploying DHCP services in corporate networks.
Bonding versus NIC teaming
The functionality of NIC teamingThe feature, which was already marked as obsolete in previous versions, is completely removed in Rocky Linux 10. Instead, it is recommended to use interface bonding To add network links with redundancy or higher bandwidth. This may require reviewing older configurations and migrating them to the bonding syntax supported by NetworkManager.
Storage and improvements in XFS
In the area of ​​storage, Rocky Linux 10.1 includes updates, additions, and removals of various storage device drivers, aligning with the current state of kernel 6.12 and the drivers supported by the enterprise community.
The file system XFS He is one of the biggest beneficiaries of this release. Now it's possible Analyze and debug mounted XFS systems using the xfs_scrub toolThis is especially useful for detecting inconsistencies and internal problems without having to dismantle critical volumes.
Furthermore, in certain scenarios, XFS now allows reduce file system size with xfs_growfsTraditionally, XFS was associated only with volume expansions, but these new features provide more flexibility when managing large volumes of data in environments where disk space and layout change over time.
Security enhancements and post-quantum cryptography
Rocky Linux 10.1 is making a strong bet on the long-term security and preparedness against future threats, following in the footsteps of Enterprise Linux 10.0 but going one step further.
System cryptographic policies
Global cryptographic policies (crypto-policies) have been updated to include Post-quantum cryptography (PQC) algorithms enabled by default in all policiesThis means that, whenever possible, the system prioritizes algorithms that are resilient against potential attacks from quantum computers.
In OpenSSL, Rocky Linux 10.1 prioritizes post-quantum algorithms over classical ones When the context allows, these algorithms have also been enabled in more libraries and policies, including GnuTLS. In this way, communications and data protected today will be better prepared against future threats where traditional cryptography may prove insufficient.
New signature and hardening tools
Support is added for Sequoia PGP as an RPM package signing toolproviding a modern and flexible alternative when managing the trust chain of installed software.
In the SSH environment, the following are restored stricter permissions for host keysswitching to a 0600 mode instead of the 0640 seen in previous configurations. This hardening reduces the attack surface in case of untrusted local users.
In addition, the default password hashing algorithm for new users becomes yescryptYescrypt replaces older algorithms and is designed to be secure against brute-force attacks by leveraging GPUs and specialized hardware, while also strengthening local password storage.
Soft reboots: production-oriented rapid reboots
One of the most striking new features of Rocky Linux 10.1 is the introduction of the soft reboots based on systemdwhich allow restricted restarts to the userspace without needing to completely shut down the machine.
With this functionality, it is possible Applying many patches and configuration changes by restarting only user services and processesThis keeps the kernel loaded. This significantly reduces downtime, which is especially valuable on servers that need to be available virtually 24/7.
The functionality is documented in the manual page systemd-soft-reboot.service, where their limitations and recommended scenariosBefore using it in production, it is advisable to carefully review this documentation, as not all updates can be resolved with a soft reboot and, in some cases, a full reboot will still be necessary.
Virtualization: new daemon model and changes in tools
The virtualization subsystem also receives important adjustments which affect both the way hypervisors are managed and the virtual machine management tools.
The classic monolithic daemon libvirtd becomes deprecated in Rocky Linux 10. Instead, it is recommended to use the set of libvirt modular daemons and socketsThese features separate functionalities and improve security and scalability. The upstream documentation explains the differences in detail and how to migrate from the old model to the new one.
It is also marked as The i440fx type virtual machine is obsolete., directing users towards other more modern and supported types of virtual machine, such as Q35.
Finally, the well-known graphics tool Virtual Machine Manager (virt-manager) It is also listed as deprecated, and Rocky Linux points to Cockpit as a natural replacement for the graphical administration of virtual machines and services, integrating everything into a single web console.
Containers and Podman 5
In the area of ​​containers, Rocky Linux 10 incorporates Podman 5 with a series of changes aimed at improving performance, compatibility and efficiency in multi-architecture environments.
The most notable change is that the default container runtime is now crun, replacing runcCrun is lighter and faster, and is better suited to systems with Control Groups v2 (cgroup v2), which is the default version of cgroups in Rocky Linux 10.
Within Podman 5, the use of network mode is discouraged. slirp4netnswhich is marked as deprecated, and options are added for Configure retries and delays in image push and pull operationsThis is very useful when working with unreliable remote logs or unstable connections.
Support is also being strengthened for multi-architecture imagesallowing for easier management of deployments that combine x86, ARM and other architectures from the same image manifests.
Likewise, Podman 5 maintains and consolidates support for Quadlets, a feature introduced in Podman 4.4 that allows managing containers using declarative systemd unitsThis makes it easier for containers to behave like system services, with automatic startup, restarts, dependencies, etc.
Package, language, and server management
The software and development side is also evolving, with a balance between stability and updates of key versions.
DNF and modularity
In Rocky Linux 10.1, the DNF modularity functionality declares itself as deprecatedAlthough it is still present for now, the intention is to remove it in a future major version of Rocky Linux, so it is advisable to avoid configurations that are too dependent on modules and plan alternatives, especially in internal repositories.
Dynamic languages ​​and servers
In the area of ​​dynamic languages, Rocky Linux 10.1 includes new versions such as Node.js 24, aligned with current backend and frontend development needs.
Regarding web and application servers, the following are updated, among others: Apache HTTP server version 2.4.63It incorporates security fixes and improvements to modules widely used in production. Combined with new cryptographic policies and PQC support, this makes it a solid foundation for mission-critical sites and APIs.
Furthermore, in the broader realm of server software and languages, Rocky Linux 10.1 brings recent versions of .NET 10, OpenJDK 25, Valkey 8 and other key components, as well as toolchain updates for languages ​​such as Rust and Go, which are detailed in the compilers section.
Compilers, toolchains, and development tools
For developers and continuous integration teams, Rocky Linux 10.1 comes loaded with Updates to compilers and performance analysis and debugging tools.
System Toolchain
The system toolchain in Rocky Linux 10.1 consists of, among other things, key components:
- GCC 14.3 as the default C/C++ compiler.
- glibc 2.39 as the system's standard C library.
- Annobin 12.99 for compilation annotations that aid in security auditing.
- binutils 2.41 with classic binary linking and manipulation tools.
Additionally, as selectable toolsetsRocky Linux 10.1 integrates even more recent versions for certain stacks:
- GCC 15 as an advanced compiler suite for those who need the latest compiler features.
- GoToolset 1.24 for developments in Go.
- LLVM Toolset 20 with clang and other components of the LLVM ecosystem.
- Rust Toolset 1.88 for projects written in Rust that require a modern version.
In summary, a balance is offered between stable toolchain and cutting-edge options without breaking the binary compatibility of the base distribution.
Performance and debugging tools
Rocky Linux 10.1 incorporates updated versions of several tools geared towards diagnosis, debugging and performance analysis:
- GDB 16.3, the reference debugger for C/C++ applications and other languages.
- Valgrind 3.25.1, ideal for detecting memory leaks and access errors.
- System Tap 5.3 for dynamic kernel instrumentation and applications.
- Dyninst 13.0.0 for dynamic analysis and modification of binaries.
- elfutils 0.193 to work with ELF formats.
- libabigail 2.8 for binary compatibility analysis of interfaces (ABI).
Desktop environment and graphical experience
At the desktop level, Rocky Linux 10 consolidates the ecosystem's move towards Wayland. In this branch, Wayland replaces the X.Org graphics server as the main technology for graphic sessions.
Applications that still rely on X11 can continue to function thanks to XwaylandA compatibility layer allows most X11 clients to run without a traditional X server. However, some applications and desktop components have been replaced or adjusted since Rocky Linux 10.0, so it's recommended to review the 10.0 release notes for a complete list of desktop application changes.
RL Web Console (Cockpit) and web administration
Cockpit, the Rocky Linux web administration consoleIt also receives some love in this version. The interface is updated with a visual style based on PatternFly 6which provides a cleaner and more consistent experience with the rest of the modern administration tools.
With Cockpit it's possible manage services, virtual machines, storage, users, and basic system monitoring from the browser, making it the preferred option for graphical administration in Rocky Linux 10 environments. This fits with the deprecation of tools like Virtual Machine Manager, centralizing administration in a single console.
Quality, testing, and known issues
As usual, Rocky Linux 10.1 has gone through a intensive testing processThis version combines manual validation and automated testing across a wide range of hardware configurations and use cases. Before its general availability, the testing community validated this version for approximately two weeks.
The project maintains specific documentation with the Rocky Release (v10.1) PlaybookThis is where testing artifacts, internal discussions, and the release checklist are collected. Anyone interested in participating in these tests for future versions can join the ~Testing channel on Rocky Linux's Mattermost, where much of the QA activity is coordinated.
Regarding known issuesThe testing team indicates that no critical issues of a general nature have been detected for this version. However, there are reported problems in the upstream of Enterprise Linux, as well as the one already mentioned. Incident with kernel 6.12.0-124.8.1 on certain RISC-V platformsFor these architectures, the recommendation to avoid kernel updates in production environments for the time being remains in place.
Rocky Linux 10.1 establishes itself as a key upgrade for those requiring a reliable and modern enterprise platform, with Soft reboots to reduce downtime, improved XFS, post-quantum cryptography, a modern network stack, revamped virtualization tools, Podman 5, updated toolchains, and broad architecture supportAll of this, backed by an active community, a decade-long support cycle, and a clear commitment to binary compatibility with RHEL, makes it a very serious option for both new deployments and migrations from other Enterprise Linux distributions.
