aboutsummaryrefslogtreecommitdiff
path: root/nixos/doc/manual/release-notes/rl-2103.xml
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2103.xml')
-rw-r--r--nixos/doc/manual/release-notes/rl-2103.xml135
1 files changed, 135 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2103.xml b/nixos/doc/manual/release-notes/rl-2103.xml
index 8c804ce0470d..ffb00aa0362e 100644
--- a/nixos/doc/manual/release-notes/rl-2103.xml
+++ b/nixos/doc/manual/release-notes/rl-2103.xml
@@ -23,6 +23,22 @@
Support is planned until the end of October 2021, handing over to 21.09.
</para>
</listitem>
+ <listitem>
+ <para>GNOME desktop environment was upgraded to 3.38, see its <link xlink:href="https://help.gnome.org/misc/release-notes/3.38/">release notes</link>.</para>
+ </listitem>
+ <listitem>
+ <para>
+ <link xlink:href="https://www.gnuradio.org/">GNURadio</link> 3.8 was
+ <link xlink:href="https://github.com/NixOS/nixpkgs/issues/82263">finnally</link>
+ packaged, along with a rewrite to the Nix expressions, allowing users to
+ override the features upstream supports selecting to compile or not to.
+ Additionally, the attribute <code>gnuradio</code> and <code>gnuradio3_7</code>
+ now point to an externally wrapped by default derivations, that allow you to
+ also add `extraPythonPackages` to the Python interpreter used by GNURadio.
+ Missing environmental variables needed for operational GUI were also added
+ (<link xlink:href="https://github.com/NixOS/nixpkgs/issues/75478">#7547</link>).
+ </para>
+ </listitem>
</itemizedlist>
</section>
@@ -53,6 +69,11 @@
section of the NixOS manual</link> for more information.
</para>
</listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.samba-wsdd.enable" /> Web Services Dynamic Discovery host daemon
+ </para>
+ </listitem>
</itemizedlist>
</section>
@@ -87,6 +108,25 @@
</para>
</listitem>
<listitem>
+ <para>
+ <literal>rubyMinimal</literal> was removed due to being unused and
+ unusable. The default ruby interpreter includes JIT support, which makes
+ it reference it's compiler. Since JIT support is probably needed by some
+ Gems, it was decided to enable this feature with all cc references by
+ default, and allow to build a Ruby derivation without references to cc,
+ by setting <literal>jitSupport = false;</literal> in an overlay. See
+ <link xlink:href="https://github.com/NixOS/nixpkgs/pull/90151">#90151</link>
+ for more info.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Setting <option>services.openssh.authorizedKeysFiles</option> now also affects which keys <option>security.pam.enableSSHAgentAuth</option> will use.
+
+ WARNING: If you are using these options in combination do make sure that any key paths you use are present in <option>services.openssh.authorizedKeysFiles</option>!
+ </para>
+ </listitem>
+ <listitem>
<para>
The option <option>fonts.enableFontDir</option> has been renamed to
<xref linkend="opt-fonts.fontDir.enable"/>. The path of font directory
@@ -113,6 +153,13 @@
</listitem>
<listitem>
<para>
+ Paperwork was updated to version 2. The on-disk format slightly changed,
+ and it is not possible to downgrade from Paperwork 2 back to Paperwork
+ 1.3. Back your documents up before upgrading. See <link xlink:href="https://forum.openpaper.work/t/paperwork-2-0/112/5">this thread</link> for more details.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
PowerDNS has been updated from <literal>4.2.x</literal> to <literal>4.3.x</literal>. Please
be sure to review the <link xlink:href="https://doc.powerdns.com/authoritative/upgrading.html#x-to-4-3-0">Upgrade Notes</link>
provided by upstream before upgrading. Worth specifically noting is that the service now runs
@@ -128,6 +175,11 @@
</listitem>
<listitem>
<para>
+ <package>cpp_ethereum</package> (aleth) has been abandoned upstream, and removed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
<package>riak-cs</package> package removed along with <varname>services.riak-cs</varname> module.
</para>
</listitem>
@@ -143,6 +195,76 @@
<link xlink:href="http://www.mutt.org/relnotes/2.0/">release notes for Mutt 2.0</link>.
</para>
</listitem>
+ <listitem>
+ <para>
+ <literal>vim</literal> switched to Python 3, dropping all Python 2 support.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="opt-boot.zfs.forceImportAll">boot.zfs.forceImportAll</link>
+ previously did nothing, but has been fixed. However its default has been
+ changed to <literal>false</literal> to preserve the existing default
+ behaviour. If you have this explicitly set to <literal>true</literal>,
+ please note that your non-root pools will now be forcibly imported.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>openafs</package> now points to <package>openafs_1_8</package>,
+ which is the new stable release. OpenAFS 1.6 was removed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The <literal>openldap</literal> module now has support for OLC-style
+ configuration, users of the <literal>configDir</literal> option may wish
+ to migrate. If you continue to use <literal>configDir</literal>, ensure that
+ <literal>olcPidFile</literal> is set to <literal>/run/slapd/slapd.pid</literal>.
+ </para>
+ <para>
+ As a result, <literal>extraConfig</literal> and <literal>extraDatabaseConfig</literal>
+ are removed. To help with migration, you can convert your <literal>slapd.conf</literal>
+ file to OLC configuration with the following script (find the location of this
+ configuration file by running <literal>systemctl status openldap</literal>, it is the
+ <literal>-f</literal> option.
+ </para>
+ <programlisting>
+ TMPDIR=$(mktemp -d)
+ slaptest -f /path/to/slapd.conf $TMPDIR
+ slapcat -F $TMPDIR -n0 -H 'ldap:///???(!(objectClass=olcSchemaConfig))'
+ </programlisting>
+ <para>
+ This will dump your current configuration in LDIF format, which should be
+ straightforward to convert into Nix settings. This does not show your schema
+ configuration, as this is unnecessarily verbose for users of the default schemas
+ and <literal>slaptest</literal> is buggy with schemas directly in the config file.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Amazon EC2 and OpenStack Compute (nova) images now re-fetch instance meta data and user data from the instance
+ metadata service (IMDS) on each boot. For example: stopping an EC2 instance, changing its user data, and
+ restarting the instance will now cause it to fetch and apply the new user data.
+ </para>
+ <warning>
+ <para>
+ Specifically, <literal>/etc/ec2-metadata</literal> is re-populated on each boot. Some NixOS scripts that read
+ from this directory are guarded to only run if the files they want to manipulate do not already exist, and so
+ will not re-apply their changes if the IMDS response changes. Examples: <literal>root</literal>'s SSH key is
+ only added if <literal>/root/.ssh/authorized_keys</literal> does not exist, and SSH host keys are only set from
+ user data if they do not exist in <literal>/etc/ssh</literal>.
+ </para>
+ </warning>
+ </listitem>
+ <listitem>
+ <para>
+ The <literal>rspamd</literal> services is now sandboxed. It is run as
+ a dynamic user instead of root, so secrets and other files may have to
+ be moved or their permissions may have to be fixed. The sockets are now
+ located in <literal>/run/rspamd</literal> instead of <literal>/run</literal>.
+ </para>
+ </listitem>
</itemizedlist>
</section>
@@ -235,6 +357,19 @@
<literal>unbound-control</literal> without passing a custom configuration location.
</para>
</listitem>
+ <listitem>
+ <para>
+ NixOS now defaults to the unified cgroup hierarchy (cgroupsv2).
+ See the <link xlink:href="https://www.redhat.com/sysadmin/fedora-31-control-group-v2">Fedora Article for 31</link>
+ for details on why this is desirable, and how it impacts containers.
+ </para>
+ <para>
+ If you want to run containers with a runtime that does not yet support cgroupsv2,
+ you can switch back to the old behaviour by setting
+ <xref linkend="opt-systemd.enableUnifiedCgroupHierarchy"/> = <literal>false</literal>;
+ and rebooting.
+ </para>
+ </listitem>
</itemizedlist>
</section>
</section>