diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d419f347b1..7901c46020 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -306,6 +306,8 @@ jobs:
             version: "9"
           - image: "alpine"
             version: "3.22"
+          #- image: "oraclelinux"
+          #  version: "8"
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Get Secrets from Azure Key Vault
diff --git a/Makefile b/Makefile
index d523ce50f8..b01c24907e 100644
--- a/Makefile
+++ b/Makefile
@@ -91,6 +91,8 @@ endif
 SELECTED_PACKAGE = $(DEB_PACKAGE)
 ifeq ($(OS_RELEASE),redhatenterprise)
 	SELECTED_PACKAGE = $(RPM_PACKAGE)
+else ifeq ($(OS_RELEASE),oraclelinux)
+	SELECTED_PACKAGE = $(RPM_PACKAGE)
 else ifeq ($(OS_RELEASE),alpine)
 	SELECTED_PACKAGE = $(APK_PACKAGE)
 endif
diff --git a/scripts/packages/postinstall.sh b/scripts/packages/postinstall.sh
index 3c2f252b1b..ad2f9eea84 100755
--- a/scripts/packages/postinstall.sh
+++ b/scripts/packages/postinstall.sh
@@ -191,6 +191,42 @@ summary() {
     create_run_dir
     update_user_groups
     update_unit_file
+
+    # If the config file is missing after installation (e.g. removed by package cleanup during upgrade), 
+    # restore the pre-upgrade backup if one exists.
+    PREBACKUP="${AGENT_LIB_DIR}/nginx-agent.conf.preupgrade"
+
+    is_rhel_family() {
+        printf "%s\n" "$ID" "$ID_LIKE" | grep -Eq '\brhel\b|\bcentos\b|\bol\b|\balmalinux\b|\brocky\b|\bamzn\b' 2>/dev/null
+    }
+    
+    is_rpm_based() {
+        printf "%s\n" "$ID" "$ID_LIKE" | grep -Eq '\brhel\b|\bcentos\b|\bol\b|\balmalinux\b|\brocky\b|\bamzn\b|\boraclelinux\b' 2>/dev/null
+    }
+
+    PREV_VER_FILE="${AGENT_LIB_DIR}/nginx-agent.preupgrade.version"
+    PREV_MAJOR=""
+    if [ -f "${PREV_VER_FILE}" ]; then
+        PREV_MAJOR=$(sed -n 's/^.*version v\([0-9]\+\).*$/\1/p' "${PREV_VER_FILE}" || true)
+    fi
+    
+    # Restore config on RPM-based systems for V3→V3 upgrades
+    if is_rpm_based && [ "${PREV_MAJOR}" = "3" ] && [ -f "${PREBACKUP}" ]; then
+        printf "PostInstall: Restoring nginx-agent config from %s (prev major=%s) on RPM system\n" "${PREBACKUP}" "${PREV_MAJOR}"
+        mkdir -p "${AGENT_ETC_DIR}" || true
+        cp -a "${PREBACKUP}" "${AGENT_ETC_DIR}/nginx-agent.conf" || true
+        chown root:${AGENT_GROUP} "${AGENT_ETC_DIR}/nginx-agent.conf" || true
+        chmod 0640 "${AGENT_ETC_DIR}/nginx-agent.conf" || true
+    fi
+    
+    # Restore manifest file
+    MANIFEST_BACKUP="${AGENT_LIB_DIR}/manifest.json.preupgrade"
+    if is_rpm_based && [ "${PREV_MAJOR}" = "3" ] && [ -f "${MANIFEST_BACKUP}" ]; then
+        printf "PostInstall: Restoring manifest from %s (prev major=%s) on RPM system\n" "${MANIFEST_BACKUP}" "${PREV_MAJOR}"
+        mkdir -p "${AGENT_LIB_DIR}" || true
+        cp -a "${MANIFEST_BACKUP}" "${AGENT_LIB_DIR}/manifest.json" || true
+    fi
+
     restart_agent_if_required
     summary
 }
diff --git a/scripts/packages/postremove.sh b/scripts/packages/postremove.sh
index 14f93b8d25..117e123d60 100755
--- a/scripts/packages/postremove.sh
+++ b/scripts/packages/postremove.sh
@@ -32,6 +32,34 @@ full_cleanup() {
     rm -rf "/var/lib/nginx-agent"
 }
 
+is_agent_installed() {
+    # Check if nginx-agent binary still exists
+    if [ -f "/usr/bin/nginx-agent" ]; then
+        return 0  # Agent is installed
+    else
+        return 1  # Agent is not installed
+    fi
+}
+
+is_package_installed() {
+    # Check if nginx-agent package is still installed using package manager
+    case "$ID" in
+        debian|ubuntu)
+            dpkg -l | grep -q '^ii.*nginx-agent' && return 0 || return 1
+            ;;
+        rhel|fedora|centos|amzn|almalinux|rocky|ol)
+            rpm -q nginx-agent >/dev/null 2>&1 && return 0 || return 1
+            ;;
+        alpine)
+            apk info nginx-agent >/dev/null 2>&1 && return 0 || return 1
+            ;;
+        *)
+            return 1
+            ;;
+    esac
+}
+
+
 case "$ID" in
     debian|ubuntu)
         case "$1" in
@@ -49,12 +77,26 @@ case "$ID" in
                 ;;
         esac
         ;;
-    rhel|fedora|centos|amzn|almalinux|rocky)
+    rhel|fedora|centos|amzn|almalinux|rocky|ol)
         if [ "$1" = "0" ]; then
+            # Package is being completely removed
+            echo "PostRemove: Package being removed (not upgraded)"
             stop_agent_systemd
             disable_agent_systemd
             systemd_daemon_reload
-            full_cleanup
+                    
+            # Check if agent binary still exists (it shouldn't in a real removal)
+            if ! is_agent_installed; then
+                echo "PostRemove: Agent binary not found, performing full cleanup"
+                full_cleanup
+            else
+                echo "PostRemove: Agent binary still present, performing partial cleanup only"
+                cleanup
+            fi
+        elif [ "$1" = "1" ]; then
+            # Package is being upgraded
+            echo "PostRemove: Agent is being upgraded, performing partial cleanup only"
+            cleanup
         fi
         ;;
     alpine)
diff --git a/scripts/packages/preinstall.sh b/scripts/packages/preinstall.sh
index 530aa27068..33363eb00a 100644
--- a/scripts/packages/preinstall.sh
+++ b/scripts/packages/preinstall.sh
@@ -149,5 +149,39 @@ command:
 {
     title
     ensure_sudo
+
+    # Preserve existing config before upgrade on RHEL-family systems and only for V3->V3 upgrades.
+    is_rhel_family() {
+        printf "%s\n" "$ID" "$ID_LIKE" | grep -Eq '\brhel\b|\bcentos\b|\bol\b|\balmalinux\b|\brocky\b|\bamzn\b' 2>/dev/null
+    }
+
+    INSTALLED_VERSION=""
+    INSTALLED_MAJOR=""
+    if command -v nginx-agent >/dev/null 2>&1; then
+        INSTALLED_VERSION=$(nginx-agent -v 2>/dev/null || true)
+        INSTALLED_MAJOR=$(printf "%s" "$INSTALLED_VERSION" | sed -n 's/^.*version v\([0-9]\+\).*$/\1/p' || true)
+    fi
+
+    AGENT_LIB_DIR=${AGENT_LIB_DIR:-"/var/lib/nginx-agent"}
+    AGENT_CONFIG_BACKUP="${AGENT_LIB_DIR}/nginx-agent.conf.preupgrade"
+
+    if is_rhel_family && [ -n "${INSTALLED_MAJOR}" ] && [ "${INSTALLED_MAJOR}" -eq 3 ] && [ -f "${AGENT_CONFIG_FILE}" ]; then
+        mkdir -p "${AGENT_LIB_DIR}" || true
+        if [ ! -f "${AGENT_CONFIG_BACKUP}" ]; then
+            echo "Backing up existing config to ${AGENT_CONFIG_BACKUP}"
+            cp -a "${AGENT_CONFIG_FILE}" "${AGENT_CONFIG_BACKUP}" || true
+        fi
+        
+        # Also backup the manifest file
+        MANIFEST_BACKUP="${AGENT_LIB_DIR}/manifest.json.preupgrade"
+        if [ ! -f "${MANIFEST_BACKUP}" ] && [ -f "${AGENT_LIB_DIR}/manifest.json" ]; then
+            echo "Backing up existing manifest to ${MANIFEST_BACKUP}"
+            cp -a "${AGENT_LIB_DIR}/manifest.json" "${MANIFEST_BACKUP}" || true
+        fi
+        
+        printf "%s" "${INSTALLED_VERSION}" > "${AGENT_LIB_DIR}/nginx-agent.preupgrade.version" 2>/dev/null || true
+    fi
+
+
     update_config_file
 }
diff --git a/test/docker/nginx-oss/rpm/Dockerfile b/test/docker/nginx-oss/rpm/Dockerfile
index af6568422c..8db9618c0b 100644
--- a/test/docker/nginx-oss/rpm/Dockerfile
+++ b/test/docker/nginx-oss/rpm/Dockerfile
@@ -38,10 +38,10 @@ enabled=1" > /etc/yum.repos.d/nginx.repo; \
 
 
 RUN set -x \
-    && groupadd --system --gid 101 nginx \
-    && adduser -g nginx --system --no-create-home --home /nonexistent --shell /bin/false --uid 101 nginx \
-    && usermod -s /sbin/nologin nginx \
-    && usermod -L nginx \
+    && groupadd --system --gid 101 nginx 2>/dev/null || groupadd --system nginx \
+    && adduser -g nginx --system --no-create-home --home /nonexistent --shell /bin/false --uid 101 nginx 2>/dev/null || true \
+    && usermod -s /sbin/nologin nginx 2>/dev/null || true \
+    && usermod -L nginx 2>/dev/null || true \
     && yum install -y git \
                       wget \
                       procps \