Learn how to upgrade Rocky Linux 9 to 10 step-by-step using Leapp. Ensure a smooth, secure, and efficient transition with our comprehensive guide covering preparation, execution, troubleshooting, and post-upgrade optimization. #centlinux #linux
Table of Contents
Introduction
If you’re running Rocky Linux 9, you might be wondering whether it’s the right time to upgrade to version 10. With the release of Rocky Linux 10, users gain access to the latest innovations in performance, security, and stability—all critical for enterprise and server environments. Whether you’re a seasoned system administrator or a curious enthusiast, this guide will help you navigate the upgrade process smoothly, securely, and confidently.
Rocky Linux, a community-driven fork of Red Hat Enterprise Linux (RHEL), is trusted by countless organizations for its reliability and open-source principles. With each new major version, the team brings significant enhancements, such as improved kernel versions, updated toolchains, security modules, and hardware support.
Upgrading an OS is not just about getting the latest features—it’s about ensuring long-term support, staying secure, and maintaining compatibility with new applications and services. And while Rocky Linux 10 doesn’t reinvent the wheel, it does polish it with efficiency improvements, better container support, and tighter SELinux integrations.
In this article, we’ll go step by step through the upgrade process—from initial preparation to post-upgrade optimization. Whether you’re upgrading a single development machine or managing a fleet of servers, these instructions will help ensure a smooth transition.

Preparing for the Upgrade
Check System Requirements
Before jumping into the upgrade, you must ensure that your hardware is compatible with Rocky Linux 10. While Rocky Linux maintains backward compatibility with most RHEL-supported hardware, it’s still crucial to check requirements, especially for older machines.
Minimum system requirements for Rocky Linux 10:
Component | Minimum Requirement |
---|---|
CPU | 64-bit x86_64 processor |
RAM | 2 GB (4 GB recommended) |
Disk Space | 20 GB (40 GB recommended) |
Network Adapter | Ethernet or Wi-Fi |
BIOS/UEFI | UEFI preferred for modern security features |
It’s also wise to ensure you’re using supported file systems like XFS or ext4. If your system runs on something more exotic or outdated, compatibility issues might arise during or after the upgrade.
Also, check the installed software stack. Custom kernel modules, drivers, or third-party applications may not be fully compatible with Rocky Linux 10. Take note of mission-critical tools and investigate whether updates or alternatives exist.
Lastly, verify that your system is currently running the latest minor version of Rocky Linux 9 (e.g., 9.4) before proceeding. This ensures a smoother, more supported upgrade path.
Apple 2025 MacBook Air 13-inch Laptop with M4 chip: Built for Apple Intelligence, 13.6-inch Liquid Retina Display, 16GB Unified Memory, 256GB SSD Storage, 12MP Center Stage Camera, Touch ID; Sky Blue
$849.00 (as of July 3, 2025 20:40 GMT +00:00 – More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)Backup Your Data
There’s an old saying in IT: “If you don’t back it up, you don’t need it.” Nothing could be more true when performing a major system upgrade.
Even though most upgrades proceed without data loss, it’s risky to assume everything will go perfectly. A single misstep, power outage, or corrupted package can leave your system inoperable. That’s why backing up your files, databases, and system configurations is an absolute must.
What to back up:
- Home directories and user data
- Web server and database files (e.g., /var/www/, MySQL/MariaDB data)
- Configuration files from
/etc/
- Custom scripts or cron jobs
- SSH keys and access configurations
Recommended backup tools:
- rsync – Perfect for copying files between servers or to a backup directory.
- tar – Archive entire directories with
tar -czvf backup.tar.gz /your/directory
- Timeshift – Great for desktop environments.
- Clonezilla – Ideal for full disk imaging.
- Bacula or Duplicity – Enterprise-level backup solutions.
Store your backups on external drives, another server, or in cloud storage. Don’t keep them on the same system you’re upgrading—if the upgrade fails catastrophically, your backups should still be safe.
Take a snapshot if you’re using a virtual machine. That way, you can roll back instantly if things go south.
Update the Current System
Before launching the upgrade process, make sure your Rocky Linux 9 system is up to date. An outdated system is more prone to compatibility problems, broken dependencies, and failed upgrades.
Run the following commands:
sudo dnf update -y
This ensures all packages are at their latest versions and reduces the likelihood of running into upgrade blockers.
Next, remove unnecessary packages and clean up:
sudo dnf autoremove -y
sudo dnf clean all
Doing this not only clears space but also minimizes conflicts during the upgrade. Check if any held or manually installed packages might interfere with the process, especially if you’ve used custom repositories.
Also, verify that the kernel in use is up to date. You can check with:
uname -r
rpm -q kernel
If the running kernel is not the latest one installed, reboot into the newer one before proceeding. This is crucial as some upgrade steps depend on the active kernel version.
Understanding the Upgrade Process
In-Place vs Fresh Install
When planning to move from Rocky Linux 9 to 10, you’ll face a key decision: perform an in-place upgrade or go for a fresh installation. Both approaches come with advantages and trade-offs, and choosing the right one depends on your system usage, customization level, and downtime tolerance.
In-Place Upgrade
This method upgrades your existing operating system without wiping any data, settings, or applications. It preserves your current configurations and files, making it ideal for servers or machines with heavy customization.
Pros:
- Retains user data and configurations
- No need to reinstall apps or reconfigure settings
- Quicker than a full reinstall
Cons:
- Risk of leftover junk files or broken dependencies
- Some custom packages might break
- May carry over issues from the old system
Fresh Install
A clean installation erases your current OS and installs Rocky Linux 10 from scratch. While this ensures a “clean slate,” it does require backing up and manually restoring data and settings.
Pros:
- Guaranteed clean system
- Better performance and fewer bugs
- Ideal for systems that were previously unstable
Cons:
- Time-consuming
- All apps and settings must be reconfigured
- Higher risk of forgetting critical data
Which should you choose?
If you run critical infrastructure or heavily customized servers, an in-place upgrade using Leapp is typically the better route. For older machines, desktops, or systems with persistent issues, a fresh install may provide a more stable long-term solution.
Whichever method you pick, ensure thorough backups are in place and test the upgrade process in a staging environment if possible.
Risks and Considerations
Every major upgrade comes with a few potential pitfalls. Being aware of them ahead of time can save you headaches, especially in production environments.
1. Software Compatibility
Some third-party or custom-built software might not be compatible with Rocky Linux 10. Ensure your mission-critical tools support the newer libraries and kernel. Run test builds or consult vendors to confirm support.
2. SELinux Policies
Rocky Linux 10 may enforce stricter SELinux policies. If your services previously relied on permissive settings or outdated rules, they might fail to start post-upgrade. Check audit logs and prepare to re-label or modify rules as needed.
3. Deprecated Packages
Some tools or libraries available in Rocky Linux 9 may be deprecated in version 10. Use dnf repoquery
to check availability in the new version or search for replacements in EPEL or other community repositories.
4. System Downtime
Even with the fastest SSD and a fiber connection, upgrades can take time. Plan for at least 30–90 minutes of downtime depending on your setup, and notify users in advance if the server hosts public-facing services.
5. Disk Space Requirements
Ensure you have enough free disk space before beginning. Leapp creates snapshots and backup copies that can eat up several gigabytes.
Suggested checks:
df -h /
You should have at least 5–10 GB of free space on the root partition for a smooth upgrade.
6. Data Integrity
Use checksums or hashes to verify backups and critical files post-upgrade. If possible, test restore procedures before upgrading the live system.
In short, treat the upgrade like surgery—take the right precautions, prepare recovery tools, and test everything in a safe environment beforehand.
Setting Up Repositories
Enable Rocky Linux 10 Repositories
For an in-place upgrade to work properly, your system must fetch packages from the new Rocky Linux 10 repositories. This involves configuring the appropriate .repo
files and verifying GPG keys to maintain package authenticity.
Steps:
Install the Leapp upgrade tool:
sudo dnf install leapp-upgrade leapp-data-rocky -y
Set up Rocky Linux 10 repositories (this is usually handled automatically by Leapp during the upgrade). However, you can pre-configure for testing or troubleshooting:
sudo nano /etc/yum.repos.d/rocky.repo
Add the following example repository configuration for Rocky Linux 10:
[baseos]
name=Rocky Linux 10 - BaseOS mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-10
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
Import the correct GPG key:
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
Clear cache and verify the repo setup:
sudo dnf clean all
sudo dnf repolist
Ensure you see Rocky Linux 10 repositories listed and ready before running any upgrade commands.
Corsair Void v2 Wireless Gaming Headset with Bluetooth for PC, PS5, PS4, Switch, Mobile – Dolby Atmos, 70 Hr Battery, Dual Wireless, Lightweight, Fast Charging – Carbon
$89.99 (as of July 3, 2025 19:53 GMT +00:00 – More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)Disable Third-Party Repositories
Third-party repositories like EPEL, Remi, RPMFusion, or custom-made ones can break the upgrade process. These repositories may host packages that are incompatible with Rocky Linux 10 or override base system packages.
Why disable them?
- Prevent conflicts during dependency resolution
- Avoid installing outdated or unsupported packages
- Reduce the chance of broken upgrades
To disable all non-standard repos temporarily:
sudo sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/*.repo
You can re-enable them after the upgrade is complete and test package compatibility in the new environment.
Tip: Backup your current repo configuration:
cp -r /etc/yum.repos.d /etc/yum.repos.d.backup
This way, if anything goes wrong or you need to revert settings, your original configurations are still intact.
Performing the Upgrade
Using the Leapp Utility
Leapp is the official upgrade tool recommended by Rocky Linux for migrating from one major version to another. It handles dependency resolution, performs pre-upgrade checks, generates reports, and manages the entire upgrade process securely.
Install Leapp with:
sudo dnf install leapp leapp-upgrade leapp-data-rocky -y
Leapp requires Python 3, which is already included in most Rocky Linux installations. Once installed, it integrates into your system and allows safe execution of upgrades from command line.
Verify the Leapp version:
leapp version
This ensures you’re using a supported and up-to-date release of the tool.
Leapp also uses plugins to scan for known issues, block unsupported upgrades, and guide users through fixes. This proactive approach prevents failed boots and system crashes.
Running the Pre-upgrade Check
Before actually running the upgrade, execute a dry run to identify potential blockers:
sudo leapp preupgrade
This scan will take a few minutes and generate a report at:
/var/log/leapp/leapp-report.txt
What to look for:
- Unsupported drivers
- Incompatible Python modules
- Conflicting system services
- Custom kernels
- Deprecated packages
The report is human-readable and provides suggestions or commands to resolve issues. You must resolve all red (inhibitor) messages before you can proceed with the upgrade.
If needed, use the Leapp answer file to automate responses to prompts during upgrade:
sudo leapp answer --section remove_pam_pkcs11_module_check.confirm=True
After addressing all warnings and inhibitors, re-run the pre-upgrade to ensure a clean report.
Executing the Upgrade
Once your system passes the pre-upgrade checks and all repositories are correctly configured, it’s time to perform the actual upgrade using Leapp.
Step-by-step commands to start the upgrade:
- Run the upgrade:
sudo leapp upgrade
This command initiates the upgrade process. It will start downloading necessary packages, create a system snapshot, and prepare everything for the switch to Rocky Linux 10. - Reboot into the upgrade environment:
After the upgrade command completes, you’ll see a message prompting you to reboot. This step boots the system into a special Leapp environment that handles the core upgrade.sudo reboot
- Monitor the upgrade:
During the reboot, Leapp takes over. You’ll see a series of steps being executed in a non-interactive shell. This includes updating packages, adjusting configurations, and migrating services. It can take between 15–60 minutes depending on system specs and installed packages. - System reboots into Rocky Linux 10:
After the upgrade completes, the system will automatically reboot into the new OS.
Important Notes:
- Do not interrupt the process after rebooting.
- Ensure the machine is plugged into a power source if it’s a laptop.
- Avoid running heavy tasks during the upgrade as it may cause conflicts or performance issues.
After reboot, the upgrade should be done. But your job isn’t finished yet—now comes verification and cleanup.
Post-Upgrade Tasks
Verify the Upgrade
After rebooting into the upgraded system, the first task is to confirm that the upgrade actually succeeded and the OS version is indeed Rocky Linux 10.
Check the OS version:
cat /etc/os-release
You should see output similar to:
NAME="Rocky Linux"
VERSION="10 (Green Obsidian)"
Check the kernel version:
uname -r
Ensure the system is running a kernel that aligns with Rocky Linux 10 standards.
Review system logs:
Use journalctl
and dmesg
to inspect any warning or error messages:
sudo journalctl -p err -b
Test core services:
If you’re running web servers, databases, file sharing services, or VPNs, check their status:
sudo systemctl status nginx
sudo systemctl status mariadb
Make sure all essential daemons start properly and there are no service failures.
Re-enable Repositories and Services
If you disabled third-party repositories before the upgrade, you can now safely re-enable them. Make sure to only re-enable repositories that are compatible with Rocky Linux 10.
Steps:
Edit the .repo
files or restore the backup:
sudo cp -r /etc/yum.repos.d.backup/* /etc/yum.repos.d/
Re-enable and update third-party apps:
sudo dnf update -y
Check for package updates specific to those repos.
Also, validate firewall and network settings:
sudo firewall-cmd --list-all
ip a
Restart any services that rely on network connections and ensure SELinux rules are applied properly.
Finally, test SSH and remote access configurations, especially if you manage the system remotely.
Clean Up the System
Post-upgrade, your system may have leftover packages, old kernels, or temporary files that should be cleaned up to optimize performance and free up space.
Remove orphaned packages:
sudo dnf autoremove -y
Clean DNF cache:
sudo dnf clean all
Remove old kernels:
You can list kernels with:
rpm -q kernel
Remove outdated ones using:
sudo dnf remove kernel-oldversion
Update configuration files:
Check if any configuration files have .rpmnew
or .rpmsave
suffixes:
sudo find /etc -name "*.rpmnew"
sudo find /etc -name "*.rpmsave"
Manually compare and merge changes using tools like diff
, vimdiff
, or meld
.
Doing this ensures your system runs clean, fast, and stable with all settings in sync.
Bash Shell Scripting for Pentesters: Master the art of command-line exploitation and enhance your penetration testing workflows
$35.99 (as of July 3, 2025 20:40 GMT +00:00 – More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)Troubleshooting Common Issues
Boot Failures
One of the most nerve-racking problems after an upgrade is a failed boot. It could be due to kernel misconfiguration, driver issues, or incomplete upgrades.
Steps to fix:
Boot into the previous kernel using GRUB (press Esc
or Shift
during boot)
Use rescue mode:
sudo leapp rescue
Check /var/log/leapp/leapp-upgrade.log
for detailed errors
Reinstall the latest kernel:
sudo dnf reinstall kernel
If all else fails, restore from your backup or snapshot.
Network or Service Errors
It’s common for networking or certain services to misbehave after a major upgrade.
Symptoms:
- No IP address assigned
- Services not reachable
- Firewall rules missing
Fixes:
- Restart NetworkManager:
sudo systemctl restart NetworkManager
- Verify interface names (they might change):
ip link show
- Reapply custom firewall rules
- Disable and re-enable problematic services
Package Conflicts
Occasionally, two packages may require incompatible versions of a shared dependency. This results in DNF errors.
How to fix:
- Use
dnf repoquery
to identify conflicts - Remove conflicting packages manually
- Rebuild broken packages:
sudo dnf reinstall <package-name>
Check dnf history
to rollback the last few operations if needed.
Security and Performance Optimization
Applying Latest Patches
After a successful upgrade to Rocky Linux 10, it’s vital to immediately check for and apply the latest security patches. Even with a fresh system, vulnerabilities can exist if you haven’t pulled down the newest updates.
Run a full system update:
sudo dnf update -y
This ensures you’re patched against recent CVEs and bug fixes. It’s good practice to configure automatic security updates, especially for production servers.
Enable automatic updates:
Install the DNF automatic tool:
sudo dnf install dnf-automatic -y
Enable and start the service:
sudo systemctl enable --now dnf-automatic.timer
Customize the config file:
sudo nano /etc/dnf/automatic.conf
Set:
apply_updates = yes
emit_via = motd
Security isn’t just about patching. Revisit your firewall rules, disable unused services, and consider enabling two-factor SSH authentication or tools like Fail2Ban and auditd to harden your system.
Performance Tuning
After upgrading, performance tuning helps you get the most out of Rocky Linux 10. It ensures your system runs efficiently, especially under load.
Tips for better performance:
Disable unnecessary services:
systemctl list-unit-files | grep enabled
Turn off what you don’t use:
sudo systemctl disable bluetooth.service
Tune system I/O and CPU:
Use tuned
to apply performance profiles:
sudo dnf install tuned -y
sudo tuned-adm profile throughput-performance
Optimize filesystem:
Run regular filesystem checks and trim SSDs:
sudo fstrim -v /
Monitor with performance tools:
top
, htop
, iotop
, nmon
– for real-time analysis
systemd-analyze
– for boot performance
glances
– for a comprehensive overview
If you’re running web servers, databases, or virtual machines, tweak their configs for optimal RAM and CPU usage.
If you are looking for a Fresh Rocky Linux 10 installation. Then you can follow our detailed video tutorial to perform minimal installation of Rocky Linux 10.
Final Thoughts on Upgrading Rocky Linux
Is Rocky Linux 10 Worth the Upgrade?
Absolutely. Rocky Linux 10 builds on the robust foundation of version 9 but improves almost every aspect—security, performance, and modern tooling. It’s not just a cosmetic update. It brings support for the latest CPUs, containers, software libraries, and more streamlined system services.
Here’s a recap of key benefits:
- Updated kernel for better hardware compatibility
- Improved SELinux policies and security modules
- Systemd enhancements for faster boot and better logging
- Refined dnf package manager with performance boosts
- Enhanced container support (Podman, cgroups v2)
Upgrading isn’t a light task, especially in production environments, but it’s well worth the effort. With careful preparation, backups, and the use of tools like Leapp, the process becomes manageable and safe.
Rocky Linux 10 is a smart choice for anyone who values long-term stability, open-source support, and a RHEL-compatible enterprise system without licensing headaches.
Conclusion
Upgrading from Rocky Linux 9 to 10 is a significant yet rewarding journey. This comprehensive guide has walked you through every critical step—from pre-upgrade preparation to post-upgrade tuning. By now, you should have a fully functional Rocky Linux 10 system that’s clean, stable, and secure.
Take pride in the fact that you didn’t just install a new OS—you orchestrated a system transformation while preserving critical data and configurations. Whether you’re running a personal workstation or enterprise-grade infrastructure, staying up-to-date ensures maximum performance, better security, and access to the latest software ecosystem.
And remember: test in staging before rolling out to production. Take backups religiously. Keep a cool head when errors appear.
Here’s to your successful upgrade. Welcome to Rocky Linux 10!
Optimize your cloud infrastructure and secure your servers with my AWS and Linux administration services. Let’s ensure your systems run smoothly. Connect with me on Fiverr now!
Frequently Asked Questions (FAQs)
1. Can I downgrade back to Rocky Linux 9 after upgrading?
No, downgrading a major OS version isn’t officially supported. You’d need to reinstall Rocky Linux 9 from scratch and restore from backups.
2. How long does the upgrade process take?
It typically takes 30–90 minutes depending on hardware, internet speed, and package count. The Leapp upgrade phase itself is relatively quick, but the preparation and post-upgrade steps add time.
3. Will my applications still work after upgrading?
Most applications that were compatible with Rocky Linux 9 will work on 10, especially if sourced from EPEL or official repositories. However, custom software may need re-compilation or patches.
4. Do I need to reconfigure my firewall?
Usually no, but it’s smart to double-check firewall and SELinux settings post-upgrade. Some services might fail to start if permissions or policies have changed.
5. Is Leapp the only upgrade tool available?
Leapp is the official and safest tool for in-place upgrades. Other methods like fresh installs are valid but riskier if you’re aiming to retain system state.
Leave a Reply
You must be logged in to post a comment.