Unable to Downgrade Packages, only Newest Kernel Available?

I just spun up an instance of Rocky 9 in AWS. I was super excited to give it a try. Our policy dictates that we install CrowdStrike Falcon on our instances. For this, I need to make sure that we keep to specific kernel versions. After spinning it up, I’m only seeing an update to the most recent kernel version available (5.14.0-70.30.1.el9_0.x86_64).

I thought this was a little weird, as there are multiple versions in between the image and 70.30.1.

I put in some test configurations for some basic things, updated, and my nginx configuration stopped working. I attempted to downgrade nginx, and received the message:

Package nginx of lowest version already installed, cannot downgrade it.

A quick search of the forums returned this post.

Am I to understand that older packages are not kept in the repos? If something breaks or I need to install an intermediate version, is my only option to build the lower package from source? Or is there a better way?

Older packages are not kept in the repositories for Rocky Linux 9 at this time. There is a way to pull older artifacts from the build system, but unfortunately it is complex to do so.

Rocky Linux Version Policy
Peridot Issue 18

@mustafa would have a better answer for you.

The dnf seeks BaseOS/$basearch/os that has the latest version,
but there is BaseOS/$basearch/kickstart that has the first version of the point update.

Is there a way to redirect dnf other than edit of *.repo -files?

Obviously, if one needs some interim version, then that does not help. Nor if security is important.

@benjoshyo Can you spun up clones of instance that has the “correct version”?