diff options
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-1609.xml')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1609.xml | 277 |
1 files changed, 0 insertions, 277 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1609.xml b/nixos/doc/manual/release-notes/rl-1609.xml deleted file mode 100644 index 4a2343edc9702..0000000000000 --- a/nixos/doc/manual/release-notes/rl-1609.xml +++ /dev/null @@ -1,277 +0,0 @@ -<section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-release-16.09"> - <title>Release 16.09 (“Flounder”, 2016/09/30)</title> - - <para> - In addition to numerous new and upgraded packages, this release has the - following highlights: - </para> - - <itemizedlist> - <listitem> - <para> - Many NixOS configurations and Nix packages now use significantly less disk - space, thanks to the - <link - xlink:href="https://github.com/NixOS/nixpkgs/issues/7117">extensive - work on closure size reduction</link>. For example, the closure size of a - minimal NixOS container went down from ~424 MiB in 16.03 to ~212 MiB in - 16.09, while the closure size of Firefox went from ~651 MiB to ~259 MiB. - </para> - </listitem> - <listitem> - <para> - To improve security, packages are now - <link - xlink:href="https://github.com/NixOS/nixpkgs/pull/12895">built - using various hardening features</link>. See the Nixpkgs manual for more - information. - </para> - </listitem> - <listitem> - <para> - Support for PXE netboot. See <xref - linkend="sec-booting-from-pxe" /> - for documentation. - </para> - </listitem> - <listitem> - <para> - X.org server 1.18. If you use the <literal>ati_unfree</literal> driver, - 1.17 is still used due to an ABI incompatibility. - </para> - </listitem> - <listitem> - <para> - This release is based on Glibc 2.24, GCC 5.4.0 and systemd 231. The default - Linux kernel remains 4.4. - </para> - </listitem> - </itemizedlist> - - <para> - The following new services were added since the last release: - </para> - - <itemizedlist> - <listitem> - <para> - <literal>(this will get automatically generated at release time)</literal> - </para> - </listitem> - </itemizedlist> - - <para> - When upgrading from a previous release, please be aware of the following - incompatible changes: - </para> - - <itemizedlist> - <listitem> - <para> - A large number of packages have been converted to use the multiple outputs - feature of Nix to greatly reduce the amount of required disk space, as - mentioned above. This may require changes to any custom packages to make - them build again; see the relevant chapter in the Nixpkgs manual for more - information. (Additional caveat to packagers: some packaging conventions - related to multiple-output packages - <link xlink:href="https://github.com/NixOS/nixpkgs/pull/14766">were - changed</link> late (August 2016) in the release cycle and differ from the - initial introduction of multiple outputs.) - </para> - </listitem> - <listitem> - <para> - Previous versions of Nixpkgs had support for all versions of the LTS - Haskell package set. That support has been dropped. The previously provided - <literal>haskell.packages.lts-x_y</literal> package sets still exist in - name to aviod breaking user code, but these package sets don't actually - contain the versions mandated by the corresponding LTS release. Instead, - our package set it loosely based on the latest available LTS release, i.e. - LTS 7.x at the time of this writing. New releases of NixOS and Nixpkgs will - drop those old names entirely. - <link - xlink:href="https://nixos.org/nix-dev/2016-June/020585.html">The - motivation for this change</link> has been discussed at length on the - <literal>nix-dev</literal> mailing list and in - <link - xlink:href="https://github.com/NixOS/nixpkgs/issues/14897">Github - issue #14897</link>. Development strategies for Haskell hackers who want to - rely on Nix and NixOS have been described in - <link - xlink:href="https://nixos.org/nix-dev/2016-June/020642.html">another - nix-dev article</link>. - </para> - </listitem> - <listitem> - <para> - Shell aliases for systemd sub-commands - <link xlink:href="https://github.com/NixOS/nixpkgs/pull/15598">were - dropped</link>: <command>start</command>, <command>stop</command>, - <command>restart</command>, <command>status</command>. - </para> - </listitem> - <listitem> - <para> - Redis now binds to 127.0.0.1 only instead of listening to all network - interfaces. This is the default behavior of Redis 3.2 - </para> - </listitem> - <listitem> - <para> - <literal>/var/empty</literal> is now immutable. Activation script runs - <command>chattr +i</command> to forbid any modifications inside the folder. - See <link xlink:href="https://github.com/NixOS/nixpkgs/pull/18365"> the - pull request</link> for what bugs this caused. - </para> - </listitem> - <listitem> - <para> - Gitlab's maintainance script <command>gitlab-runner</command> was removed - and split up into the more clearer <command>gitlab-run</command> and - <command>gitlab-rake</command> scripts, because - <command>gitlab-runner</command> is a component of Gitlab CI. - </para> - </listitem> - <listitem> - <para> - <literal>services.xserver.libinput.accelProfile</literal> default changed - from <literal>flat</literal> to <literal>adaptive</literal>, as per - <link xlink:href="https://wayland.freedesktop.org/libinput/doc/latest/group__config.html#gad63796972347f318b180e322e35cee79"> - official documentation</link>. - </para> - </listitem> - <listitem> - <para> - <literal>fonts.fontconfig.ultimate.rendering</literal> was removed because - our presets were obsolete for some time. New presets are hardcoded into - FreeType; you can select a preset via - <literal>fonts.fontconfig.ultimate.preset</literal>. You can customize - those presets via ordinary environment variables, using - <literal>environment.variables</literal>. - </para> - </listitem> - <listitem> - <para> - The <literal>audit</literal> service is no longer enabled by default. Use - <literal>security.audit.enable = true</literal> to explicitly enable it. - </para> - </listitem> - <listitem> - <para> - <literal>pkgs.linuxPackages.virtualbox</literal> now contains only the - kernel modules instead of the VirtualBox user space binaries. If you want - to reference the user space binaries, you have to use the new - <literal>pkgs.virtualbox</literal> instead. - </para> - </listitem> - <listitem> - <para> - <literal>goPackages</literal> was replaced with separated Go applications - in appropriate <literal>nixpkgs</literal> categories. Each Go package uses - its own dependency set. There's also a new <literal>go2nix</literal> tool - introduced to generate a Go package definition from its Go source - automatically. - </para> - </listitem> - <listitem> - <para> - <literal>services.mongodb.extraConfig</literal> configuration format was - changed to YAML. - </para> - </listitem> - <listitem> - <para> - PHP has been upgraded to 7.0 - </para> - </listitem> - </itemizedlist> - - <para> - Other notable improvements: - </para> - - <itemizedlist> - <listitem> - <para> - Revamped grsecurity/PaX support. There is now only a single general-purpose - distribution kernel and the configuration interface has been streamlined. - Desktop users should be able to simply set -<programlisting>security.grsecurity.enable = true</programlisting> - to get a reasonably secure system without having to sacrifice too much - functionality. - </para> - </listitem> - <listitem> - <para> - Special filesystems, like <literal>/proc</literal>, <literal>/run</literal> - and others, now have the same mount options as recommended by systemd and - are unified across different places in NixOS. Mount options are updated - during <command>nixos-rebuild switch</command> if possible. One benefit - from this is improved security — most such filesystems are now mounted - with <literal>noexec</literal>, <literal>nodev</literal> and/or - <literal>nosuid</literal> options. - </para> - </listitem> - <listitem> - <para> - The reverse path filter was interfering with DHCPv4 server operation in the - past. An exception for DHCPv4 and a new option to log packets that were - dropped due to the reverse path filter was added - (<literal>networking.firewall.logReversePathDrops</literal>) for easier - debugging. - </para> - </listitem> - <listitem> - <para> - Containers configuration within - <literal>containers.<name>.config</literal> is - <link - xlink:href="https://github.com/NixOS/nixpkgs/pull/17365">now - properly typed and checked</link>. In particular, partial configurations - are merged correctly. - </para> - </listitem> - <listitem> - <para> - The directory container setuid wrapper programs, - <filename>/var/setuid-wrappers</filename>, - <link - xlink:href="https://github.com/NixOS/nixpkgs/pull/18124">is now - updated atomically to prevent failures if the switch to a new configuration - is interrupted.</link> - </para> - </listitem> - <listitem> - <para> - <literal>services.xserver.startGnuPGAgent</literal> has been removed due to - GnuPG 2.1.x bump. See - <link - xlink:href="https://github.com/NixOS/nixpkgs/commit/5391882ebd781149e213e8817fba6ac3c503740c"> - how to achieve similar behavior</link>. You might need to <literal>pkill - gpg-agent</literal> after the upgrade to prevent a stale agent being in the - way. - </para> - </listitem> - <listitem> - <para> - <link xlink:href="https://github.com/NixOS/nixpkgs/commit/e561edc322d275c3687fec431935095cfc717147"> - Declarative users could share the uid due to the bug in the script handling - conflict resolution. </link> - </para> - </listitem> - <listitem> - <para> - Gummi boot has been replaced using systemd-boot. - </para> - </listitem> - <listitem> - <para> - Hydra package and NixOS module were added for convenience. - </para> - </listitem> - </itemizedlist> -</section> |