How To Upgrade to Oracle Linux 9 from Oracle Linux 8

  • Blog
  • How To Upgrade to Oracle Linux 9 from Oracle Linux 8

Oracle Linux is an open-source distribution package that is freely distributed by Oracle licensed under GNU General Public License. The software was initially released in 2006; 16 years ago. Oracle Linux is an RHEL-based Operating system built and compiled from RedHat Enterprise Linux source code with the idea of replacing RedHat branding with Oracle’s. Oracle started exploring Linux in 1998 by offering commercial support to Oracle Database on Linux. Later on 25th October 2006, they announced their intention to offer Linux based system.

With continuous growth and development in the tech space, Oracle has been part to try and support the latest technologies. The latest version was officially released in 20 November 2024. In this guide, we are going to discuss how to Upgrade from Oracle Linux 8 to Oracle Linux 9. This new version of Oracle Linux is supported on the following architecture; Intel-64/AMD-64 (x86_64) and Arm (aarch64).

Oracle Linux 9 comes with new features which intend to improve the user experience with the system. These features include;

  • Security feature updates
  • Networking
  • High availability
  • File system improvements
  • Enhanced developer tools
  • Compilers
  • Scripting language support

Therefore, it is highly advisable for users running Oracle Linux 8 and earlier versions to upgrade to the new Oracle 9 Linux. This is because some features in those versions are deprecated and no longer supported by Oracle. This is also due to enhanced security amongst new features included in Oracle Linux 9.

Step by Step Upgrade to Oracle Linux 9 From Oracle Linux 8

In this, we are systematically going to take you through how you can successfully migrate from Oracle Linux 8 to Oracle Linux 9.

1: Upgrade Pre-requisites 

Set up means of access to your server. You opt to use SSH of Virtual Network Computing (VNC).

Migrate network-scripts if your current version was upgraded from Oracle Linux 8 and scripts were retained as well.

Confirm that indeed your system is Oracle Linux 8:

$ cat /etc/os-release 
NAME="Oracle Linux Server"
VERSION="8.10"
ID="ol"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="8.10"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Oracle Linux Server 8.10"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:oracle:linux:8:10:server"
HOME_URL="https://linux.oracle.com/"
BUG_REPORT_URL="https://github.com/oracle/oracle-linux"

ORACLE_BUGZILLA_PRODUCT="Oracle Linux 8"
ORACLE_BUGZILLA_PRODUCT_VERSION=8.10
ORACLE_SUPPORT_PRODUCT="Oracle Linux"
ORACLE_SUPPORT_PRODUCT_VERSION=8.10

Gracefully shut down any services running on the server and take a backup of your current server to create a restore point. 

2: Disable Secure boot and set Locale

Disable secure boot if it is enabled. Check the below command to check the status of a secure boot if you are not sure. 

sudo bootctl status
sudo mokutil --sb-state

Ensure that locale is set.

$ cat /etc/locale.conf 
LANG="en_US.UTF-8"

If not use the below command to set it.

sudo localectl set-locale LANG=en_US.UTF-8

Disable AllowZoneDrifting in the firewall configuration file to prevent leapp from being blocked. 

sed -i "s/^AllowZoneDrifting=.*/AllowZoneDrifting=no/" /etc/firewalld/firewalld.conf

3. Disable SELinux

You can temporarily disable SELinux (until the next reboot) by running:

sudo vim /etc/selinux/config
SELINUX=disabled

You can also:

  • Disable OS Management Service (OSMS) if your server is running on OCI and is using it. 
  • Unmount any network-mounted filesystems and hash out the same in /etc/fstab file. 

4: Yum / DNF / KVM configurations

If your server is running behind the proxy then configure the same in /etc/yum.conf file. Replace proxy-url with actual URL/IP of your proxy server and port with your proxy server port. 

$ sudo vim /etc/yum.conf
proxy=proxy-url:port

Clear any packages with lock versions if you installed the yum-plugin-versionlock

sudo dnf version lock clear

Ensure that all your system packages are up to date. 

sudo yum update -y

If you are upgrading from Oracle Linux 8 KVM hosts, shutdown all the VMs first. To list VMs in the host using virsh command. 

sudo virsh list --all

Now you can stop a specific VM by singling it out as below. 

sudo virsh shutdown <vm-name>

If your system is registered with ULN or ULN mirror, unregister the system. You can refer here or here to achieve this

Now reboot your Oracle Linux 8 system to apply changes. 

sudo reboot

4: Install Leapp in Oracle Linux 8

Install leapp utility and enable necessary repositories. 

sudo yum install -y leapp-upgrade

5: Upgrading Oracle Linux 8 to Oracle Linux 9 

Run pre-upgrade processes to ensure and confirm that your Oracle Linux 8 is indeed ready for the upgrade. This step is very important as it helps you clear any pending issue that might hinder the upgrade process. 

If you are using proxy server add its configuration in every repository in /etc/yum.repos.d/leapp-upgrade-repos-ol9.repo file. 

sudo sed -i '/^enabled=0.*/a proxy=http://proxy-host:proxy-port' /etc/yum.repos.d/leapp-upgrade-repos-ol9.repo

Run preupgrade to determine if the system is ready for the upgrade and do necessary fixing where necessary. 

sudo leapp preupgrade --enablerepo 'ol9_baseos_latest' --enablerepo 'ol9_appstream' --enablerepo 'ol9_UEKR7'

You will be provided with a report at the end as shown below.

To get details and how to resolve issues, especially inhibitors, access /var/log/leapp/leapp-report.txt file to read more.

 $ cat /var/log/leapp/leapp-report.txt
Risk Factor: high (inhibitor)
Title: Possible problems with remote login using root account
Summary: OpenSSH configuration file will get updated to OL9 version, no longer allowing root login with password. It is a good practice to use non-root administrative user and non-password authentications, but if you rely on the remote root login, this change can lock you out of this system.
Remediation: [hint] If you depend on remote root logins using passwords, consider setting up a different user for remote administration or adding a comment into the sshd_config next to the "PermitRootLogin yes" directive to prevent rpm replacing it during the upgrade.
Key: 3d21e8cc9e1c09dc60429de7716165787e99515f
----------------------------------------
Risk Factor: high 
Title: Remote root logins globally allowed using password
Summary: OL9 no longer allows remote root logins, but the server configuration explicitly overrides this default. The configuration file will not be updated and root is still going to be allowed to login with password. This is not recommended and considered as a security risk.
Remediation: [hint] If you depend on remote root logins using passwords, consider setting up a different user for remote administration. Otherwise you can ignore this message.
Key: e738f78bc8f3a84411a4210e3b609057139d1855
----------------------------------------
Risk Factor: high 
Title: GRUB2 core will be automatically updated during the upgrade
Summary: On legacy (BIOS) systems, GRUB2 core (located in the gap between the MBR and the first partition) cannot be updated during the rpm transaction and Leapp has to initiate the update running "grub2-install" after the transaction. No action is needed before the upgrade. After the upgrade, it is recommended to check the GRUB configuration.
Key: ac7030e05d2ee248d34f08a9fa040b352bc410a3
----------------------------------------
Risk Factor: medium 
Title: Default Boot Kernel
Summary: Setting default boot kernel in OL9 to UEK
Key: 536a8dee211d9f0998aa21f8e5bcd9f3beaf022d
----------------------------------------
Risk Factor: info 
Title: Excluded target system repositories
Summary: The following repositories are not supported by Oracle and are excluded from the list of repositories used during the upgrade.
- ol9_codeready_builder
Remediation: [hint] If some of excluded repositories are still required to be used during the upgrade, execute leapp with the --enablerepo option with the repoid of the repository required to be enabled as an argument (the option can be used multiple times).
Key: 1b9132cb2362ae7830e48eee7811be9527747de8
----------------------------------------
Risk Factor: info 
Title: LEAPP detected SELinux disabled in "/etc/selinux/config"
Summary: On OL 9, disabling SELinux in "/etc/selinux/config" is no longer possible. This way, the system starts with SELinux enabled but with no policy loaded. LEAPP will automatically disable SELinux using "SELINUX=0" kernel command line parameter. However, Oracle strongly recommends to have SELinux enabled
Related links:
    - Disabling SELinux: https://docs.oracle.com/en/operating-systems/oracle-linux/9/relnotes9.0/
Key: a32598d132c02dc20fd3daf631e85770623d3f8e
----------------------------------------
Risk Factor: info 
Title: SElinux disabled
Summary: SElinux disabled, continuing...
Key: 4f25fea9b15b9d1d07d52cc1de02073f295dac3d
----------------------------------------

In my case, the only critical issue is the inhibitor, to resolve this, I disable SSH root Login. Navigated to /etc/ssh/sshd_config and commented out the following line:

$ sudo vim /ect/ssh/sshd_config
#PermitRootLogin yes

Rerun a preupgrade command again. The report generated now should show no upgrade inhibitors. 

$ sudo leapp preupgrade --enablerepo 'ol9_baseos_latest' --enablerepo 'ol9_appstream' --enablerepo 'ol9_UEKR7'

Sample Output:

For GPK key issue, run the below command in your terminal, and if the output return only public key gpg-pubkey-ad986da3-5cabf60d then ignore the warning.

$ sudo rpm -qa | grep gpg-pubkey
Gpg-pubkey-ad986da3-5cabf60d

Provide Information to Leapp Answerfile. 

When the report file is generated also leapp answerfile is generated. This file should not be left blank as it may halt the upgrade process. Is an important file as it consists of specific verification checks that leapp performs on a system. 

A leapp answerfile may include information like the one shown below. 

[remove_pam_pkcs11_module_check]
# Title:                 None
# Reason:                Confirmation
# =================== remove_pam_pkcs11_module_check.confirm ==================
# Label:                 Disable pam_pkcs11 module in PAM configuration? If no, the upgrade  
#                         process will be interrupted.
# Description:           PAM module pam_pkcs11 is no longer available in RHEL-8 since it was 
#                         replaced by SSSD.
# Type:                  bool
# Default:               None
# Available choices: True/False
# Unanswered question. Uncomment the following line with your answer
# confirm =

Above is a sample of your answer file that the upgrade process will use for validation. To edit this file to allow confirmation of verification of  PAM module enables by running the below command.

sudo leapp answer --section remove_pam_pkcs11_module_check.confirm=True

Optionally, you can manually edit the file, under [remove_pam_pkcs11_module_check] section unhash confirm option and set it to True.

confirm = True

Run Upgrade on Oracle Linux 8

Now use leapp command to start the upgrade of Oracle Linux 8 to Oracle Linux 9

sudo leapp upgrade --oraclelinux

This may take sometime but is worth it

On completion, you will see the below message at the bottom of your screen. 

From the report, you are advised to reboot your system in order to complete the upgrade and boot on new Oracle Linux 9 Operating System.

sudo reboot

Now login to your server and confirm the current version. 

$ cat /etc/os-release 
NAME="Oracle Linux Server"
VERSION="9.5"
ID="ol"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="9.5"
PLATFORM_ID="platform:el9"
PRETTY_NAME="Oracle Linux Server 9.5"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:oracle:linux:9:5:server"
HOME_URL="https://linux.oracle.com/"
BUG_REPORT_URL="https://github.com/oracle/oracle-linux"

ORACLE_BUGZILLA_PRODUCT="Oracle Linux 9"
ORACLE_BUGZILLA_PRODUCT_VERSION=9.5
ORACLE_SUPPORT_PRODUCT="Oracle Linux"
ORACLE_SUPPORT_PRODUCT_VERSION=9.5

Cheers!! We have successfully migrated from Oracle Linux 8 to Oracle Linux 9.

Conclusion

In this walkthrough, we have managed to upgrade from Oracle Linux 8 to Oracle Linux 9 which is the most recent version of the Oracle Linux distribution. Users can now benefit more with new features included in the new version as solutions to some bugs in previous versions. Don’t hesitate, upgrade to stay safe and up to date.

Similar articles:

Your IT Journey Starts Here!

Ready to level up your IT skills? Our new eLearning platform is coming soon to help you master the latest technologies.

  • Learn at your own pace
  • Access expert-led premium content
  • Gain in-demand IT certification tips and practice questions
  • Master essential skills: Linux, Scripting and Automation, Kubernetes, Cloud, IaC, GitOps, DevOps, Cybersecurity, and more.

Be the first to know when we launch! Join our waitlist now.

Join Waiting List
Twitter Facebook Linkedin Whatsapp Reddit

Join our Linux and open source community. Subscribe to our newsletter for tips, tricks, and collaboration opportunities!

Recent Post

Categories

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Post

Install Nextcloud on Oracle Linux 9 | AlmaLinux 9

Nextcloud is a free and open-source syncing and file sharing server. It is self-hosted and allows companies to have a […]

  • NO COMMENTS
  • January 30, 2025
Count Lines of Source Code on Linux Using Tokei

What is Tokei and how is it useful to developers? Tokei is a very powerful program that is used to […]

  • NO COMMENTS
  • January 30, 2025
Install and Use aaPanel on Rocky Linux 9 | AlmaLinux 9

The aaPanel is a free and open-source control panel used to manage hosting services such as websites, databases, Docker containers, […]

  • NO COMMENTS
  • January 30, 2025

You can connect with CloudSpinx using the following channels

Hosting Services  
Consultancy Services
Development Services
Networking Services
  • Structured Cabling
  • Firewall solutions
  • Smart Home Solutions
  • Internet filtering
  • Surveillance
  • Communication
Storage & Backup
  • NAS / SAN Storage
  • Software-defined storage (SDS)
  • OS / Apps Backups
  • CCTV Backups
  • Data Recovery
Office Services
Business Applications
  • ERP
  • CRM
  • POS
  • Project Management
  • Communication
  • Communication & Collaboration
  • Accounting & Finance
  • Asset Management
  • E-commerce Platforms
  • Business intelligence
Latest Articles
Newsletter
Follow Us
X-twitter Linkedin Facebook-f Github
Contact US
© Copyright 2025 CloudSpinx Limited
Download CloudSpinx Profile!

Cancellation Policy

Refund Policy

TOS

Let's Connect

Unleash the full potential of your business with CloudSpinx. Our expert solutions specialists are standing by to answer your questions and tailor a plan that perfectly aligns with your unique needs.
You will get a response from our solutions specialist within 12 hours
We understand emergencies can be stressful. For immediate assistance, chat with us now

Contact CloudSpinx today!

Download CloudSpinx Profile

Discover the full spectrum of our expertise and services by downloading our detailed Company Profile. Simply enter your first name, last name, and email address.