Chapter 1. Overview

1.1. Major changes in RHEL 9.4

Installer and image creation

Key highlights for RHEL image builder:

  • From the RHEL 9.4 release distribution and onwards, you can specify arbitrary custom mount points, except for specific paths that are reserved for the operating system.
  • You can create different partitioning modes, such as auto-lvm, lvm, and raw.
  • You can customize tailoring options for a profile and add it to your blueprint customizations by using selected and unselected options, to add and remove rules.

For more information, see New features - Installer and image creation.

RHEL for Edge

Key highlights for RHEL for Edge:

  • You can now create FIPS compliant RHEL for Edge images.
  • With this Technology Preview, you can now use the FDO onboarding process by storing and querying Owner Vouchers from the Sqlite or Postgresql databases.

For more information, see New features - RHEL for Edge.

Security

The SELinux userspace release 3.6 introduces deny rules for further customizing SELinux policies.

The Keylime server components, the verifier and registrar, are available as containers.

The Rsyslog log processing system introduces customizable TLS/SSL encryption settings and additional options that relate to capability dropping.

The OpenSSL TLS toolkit adds a drop-in directory for provider-specific configuration files.

The Linux kernel cryptographic API (libkcapi) 1.4.0 introduces new tools and options. Notably, with the new -T option, you can specify target file names in hash-sum calculations.

The stunnel TLS/SSL tunneling service 5.71 changes the behavior of OpenSSL 1.1 and later versions in FIPS mode. Besides this change, version 5.71 provides many new features such as support for modern PostgreSQL clients.

See New features - Security for more information.

Dynamic programming languages, web and database servers

Later versions of the following Application Streams are now available:

  • Python 3.12
  • Ruby 3.3
  • PHP 8.2
  • nginx 1.24
  • MariaDB 10.11
  • PostgreSQL 16

The following components have been upgraded:

  • Git to version 2.43.0
  • Git LFS to version 3.4.1

See New features - Dynamic programming languages, web and database servers for more information.

Compilers and development tools

Updated performance tools and debuggers

The following performance tools and debuggers have been updated in RHEL 9.4:

  • Valgrind 3.22
  • SystemTap 5.0
  • elfutils 0.190
Updated performance monitoring tools

The following performance monitoring tools have been updated in RHEL 9.4:

  • PCP 6.2.0
Updated compiler toolsets

The following compiler toolsets have been updated in RHEL 9.4:

  • GCC Toolset 13
  • LLVM Toolset 17.0.6
  • Rust Toolset 1.75.1
  • Go Toolset 1.21.7

For detailed changes, see New features - Compilers and development tools.

Identity Management

Key highlights for Identity Management:

  • You can enable and configure passwordless authentication in SSSD to use a biometric device that is compatible with the FIDO2 specification, for example a YubiKey.

See New Features - Identity Management for more information.

Virtualization

RHEL 9.4 introduces full support for KVM virtual machines on the 64-bit ARM architecture.

In addition, external snapshot for virtual machines are now fully supported and have become the default mechanism for a number of snapshot operations.

For more information about virtualization features introduced in this release, see New features - Virtualization.

Containers

Notable changes include:

  • The podman farm build command for creating multi-architecture container images is available as a Technology Preview.
  • Podman now supports containers.conf modules to load a predetermined set of configurations.
  • The Container Tools packages have been updated.
  • Podman v4.9 RESTful API now displays data of progress when you pull or push an image to the registry.
  • SQLite is now fully supported as a default database backend for Podman.
  • Containerfile now supports multi-line HereDoc instructions.
  • pasta as a network name has been deprecated.
  • The BoltDB database backend has been deprecated.
  • The container-tools:4.0 module has been deprecated.
  • The Container Network Interface (CNI) network stack is deprecated and will be removed in a future release.

See New features - Containers for more information.

1.2. In-place upgrade

In-place upgrade from RHEL 8 to RHEL 9

The supported in-place upgrade paths currently are:

  • From RHEL 8.8 to RHEL 9.2, and RHEL 8.10 to RHEL 9.4 on the following architectures:

    • 64-bit Intel
    • 64-bit AMD
    • 64-bit ARM
    • IBM POWER 9 (little endian) and later
    • IBM Z architectures, excluding z13
  • From RHEL 8.6 to RHEL 9.0 and RHEL 8.8 to RHEL 9.2 on systems with SAP HANA

For more information, see Supported in-place upgrade paths for Red Hat Enterprise Linux.

For instructions on performing an in-place upgrade, see Upgrading from RHEL 8 to RHEL 9.

If you are upgrading to RHEL 9.2 with SAP HANA, ensure that the system is certified for SAP before the upgrade. For instructions on performing an in-place upgrade on systems with SAP environments, see How to in-place upgrade SAP environments from RHEL 8 to RHEL 9.

Notable enhancements include:

  • New logic has been implemented to determine the expected states of the systemd services after the upgrade.
  • Locally stored DNF repositories can now be used for the in-place upgrade.
  • You can now configure DNF to be able to upgrade by using proxy.
  • Issues with performing the in-place upgrade with custom DNF repositories accessed by using HTTPS have been fixed.
  • If the /etc/pki/tls/openssl.cnf configuration file has been modified, the file is now replaced with the target default OpenSSL configuration file during the upgrade to prevent issues after the upgrade. See the pre-upgrade report for more information.

In-place upgrade from RHEL 7 to RHEL 9

It is not possible to perform an in-place upgrade directly from RHEL 7 to RHEL 9. However, you can perform an in-place upgrade from RHEL 7 to RHEL 8 and then perform a second in-place upgrade to RHEL 9. For more information, see Upgrading from RHEL 7 to RHEL 8.

1.3. Red Hat Customer Portal Labs

Red Hat Customer Portal Labs is a set of tools in a section of the Customer Portal available at https://access.redhat.com/labs/. The applications in Red Hat Customer Portal Labs can help you improve performance, quickly troubleshoot issues, identify security problems, and quickly deploy and configure complex applications. Some of the most popular applications are:

1.4. Additional resources

Capabilities and limits of Red Hat Enterprise Linux 9 as compared to other versions of the system are available in the Knowledgebase article Red Hat Enterprise Linux technology capabilities and limits.

Information regarding the Red Hat Enterprise Linux life cycle is provided in the Red Hat Enterprise Linux Life Cycle document.

The Package manifest document provides a package listing for RHEL 9, including licenses and application compatibility levels.

Application compatibility levels are explained in the Red Hat Enterprise Linux 9: Application Compatibility Guide document.

Major differences between RHEL 8 and RHEL 9, including removed functionality, are documented in Considerations in adopting RHEL 9.

Instructions on how to perform an in-place upgrade from RHEL 8 to RHEL 9 are provided by the document Upgrading from RHEL 8 to RHEL 9.

The Red Hat Insights service, which enables you to proactively identify, examine, and resolve known technical issues, is available with all RHEL subscriptions. For instructions on how to install the Red Hat Insights client and register your system to the service, see the Red Hat Insights Get Started page.

Note

Public release notes include links to access the original tracking tickets, but private release notes are not viewable so do not include links.[1]


[1] Public release notes include links to access the original tracking tickets, but private release notes are not viewable so do not include links.