nixpkgs/nixos/doc/manual/release-notes/rl-1803.xml
2018-03-04 10:49:25 +01:00

470 lines
18 KiB
XML

<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03">
<title>Release 18.03 (“Impala”, 2018/03/??)</title>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-highlights">
<title>Highlights</title>
<para>In addition to numerous new and upgraded packages, this release
has the following highlights: </para>
<itemizedlist>
<listitem>
<para>
Nix now defaults to 2.0; see its
<link xlink:href="https://nixos.org/nix/manual/#ssec-relnotes-2.0">release notes</link>.
</para>
</listitem>
<listitem>
<para>
Linux kernel defaults to the 4.14 branch (it was 4.9).
</para>
</listitem>
<listitem>
<para>
GCC defaults to 7.x (it was 6.x).
</para>
</listitem>
<listitem>
<para>
MariaDB 10.2, updated from 10.1, is now the default MySQL implementation. While upgrading a few changes
have been made to the infrastructure involved:
<itemizedlist>
<listitem>
<para>
<literal>libmysql</literal> has been deprecated, please use <literal>mysql.connector-c</literal>
instead, a compatibility passthru has been added to the MySQL packages.
</para>
</listitem>
<listitem>
<para>
The <literal>mysql57</literal> package has a new <literal>static</literal> output containing
the static libraries including <literal>libmysqld.a</literal>
</para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
The GNOME version is now 3.26.
</para>
</listitem>
<listitem>
<para>PHP now defaults to PHP 7.2</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-new-services">
<title>New Services</title>
<para>The following new services were added since the last release:</para>
<itemizedlist>
<listitem>
<para></para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-incompatibilities">
<title>Backward Incompatibilities</title>
<para>When upgrading from a previous release, please be aware of the
following incompatible changes:</para>
<itemizedlist>
<listitem>
<para>
<literal>sound.enable</literal> now defaults to false.
</para>
</listitem>
<listitem>
<para>
Dollar signs in options under <option>services.postfix</option> are
passed verbatim to Postfix, which will interpret them as the beginning of
a parameter expression. This was already true for string-valued options
in the previous release, but not for list-valued options. If you need to
pass literal dollar signs through Postfix, double them.
</para>
</listitem>
<listitem>
<para>
The <literal>postage</literal> package (for web-based PostgreSQL
administration) has been renamed to <literal>pgmanage</literal>. The
corresponding module has also been renamed. To migrate please rename all
<option>services.postage</option> options to
<option>services.pgmanage</option>.
</para>
</listitem>
<listitem>
<para>
Package attributes starting with a digit have been prefixed with an
underscore sign. This is to avoid quoting in the configuration and
other issues with command-line tools like <literal>nix-env</literal>.
The change affects the following packages:
<itemizedlist>
<listitem>
<para><literal>2048-in-terminal</literal><literal>_2048-in-terminal</literal></para>
</listitem>
<listitem>
<para><literal>90secondportraits</literal><literal>_90secondportraits</literal></para>
</listitem>
<listitem>
<para><literal>2bwm</literal><literal>_2bwm</literal></para>
</listitem>
<listitem>
<para><literal>389-ds-base</literal><literal>_389-ds-base</literal></para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
<emphasis role="strong">
The OpenSSH service no longer enables support for DSA keys by default,
which could cause a system lock out. Update your keys or, unfavorably,
re-enable DSA support manually.
</emphasis>
</para>
<para>
DSA support was
<link xlink:href="https://www.openssh.com/legacy.html">deprecated in OpenSSH 7.0</link>,
due to it being too weak. To re-enable support, add
<literal>PubkeyAcceptedKeyTypes +ssh-dss</literal> to the end of your
<option>services.openssh.extraConfig</option>.
</para>
<para>
After updating the keys to be stronger, anyone still on a pre-17.03
version is safe to jump to 17.03, as vetted
<link xlink:href="https://search.nix.gsc.io/?q=stateVersion">here</link>.
</para>
</listitem>
<listitem>
<para>
The <literal>openssh</literal> package
now includes Kerberos support by default;
the <literal>openssh_with_kerberos</literal> package
is now a deprecated alias.
If you do not want Kerberos support,
you can do <literal>openssh.override { withKerboros = false; }</literal>.
Note, this also applies to the <literal>openssh_hpn</literal> package.
</para>
</listitem>
<listitem>
<para>
<literal>cc-wrapper</literal> has been split in two; there is now also a <literal>bintools-wrapper</literal>.
The most commonly used files in <filename>nix-support</filename> are now split between the two wrappers.
Some commonly used ones, like <filename>nix-support/dynamic-linker</filename>, are duplicated for backwards compatability, even though they rightly belong only in <literal>bintools-wrapper</literal>.
Other more obscure ones are just moved.
</para>
</listitem>
<listitem>
<para>
The propagation logic has been changed.
The new logic, along with new types of dependencies that go with, is thoroughly documented in the "Specifying dependencies" section of the "Standard Environment" chapter of the nixpkgs manual.
<!-- That's <xref linkend="ssec-stdenv-attributes"> were we to merge the manuals. -->
The old logic isn't but is easy to describe: dependencies were propagated as the same type of dependency no matter what.
In practice, that means that many <function>propagatedNativeBuildInputs</function> should instead be <function>propagatedBuildInputs</function>.
Thankfully, that was and is the least used type of dependency.
Also, it means that some <function>propagatedBuildInputs</function> should instead be <function>depsTargetTargetPropagated</function>.
Other types dependencies should be unaffected.
</para>
</listitem>
<listitem>
<para>
<literal>lib.addPassthru drv passthru</literal> is removed. Use <literal>lib.extendDerivation true passthru drv</literal> instead.
</para>
</listitem>
<listitem>
<para>
The <literal>memcached</literal> service no longer accept dynamic socket
paths via <option>services.memcached.socket</option>. Unix sockets can be
still enabled by <option>services.memcached.enableUnixSocket</option> and
will be accessible at <literal>/run/memcached/memcached.sock</literal>.
</para>
</listitem>
<listitem>
<para>
The <varname>hardware.amdHybridGraphics.disable</varname> option was removed for lack of a maintainer. If you still need this module, you may wish to include a copy of it from an older version of nixos in your imports.
</para>
</listitem>
<listitem>
<para>
The merging of config options for <varname>services.postfix.config</varname>
was buggy. Previously, if other options in the Postfix module like
<varname>services.postfix.useSrs</varname> were set and the user set config
options that were also set by such options, the resulting config wouldn't
include all options that were needed. They are now merged correctly. If
config options need to be overridden, <literal>lib.mkForce</literal> or
<literal>lib.mkOverride</literal> can be used.
</para>
</listitem>
<listitem>
<para>
The following changes apply if the <literal>stateVersion</literal> is changed to 18.03 or higher.
For <literal>stateVersion = "17.09"</literal> or lower the old behavior is preserved.
</para>
<itemizedlist>
<listitem>
<para>
<literal>matrix-synapse</literal> uses postgresql by default instead of sqlite.
Migration instructions can be found <link xlink:href="https://github.com/matrix-org/synapse/blob/master/docs/postgres.rst#porting-from-sqlite"> here </link>.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
The <literal>jid</literal> package has been removed, due to maintenance
overhead of a go package having non-versioned dependencies.
</para>
</listitem>
<listitem>
<para>
When using <option>services.xserver.libinput</option> (enabled by default in GNOME),
it now handles all input devices, not just touchpads. As a result, you might need to
re-evaluate any custom Xorg configuration. In particular,
<literal>Option "XkbRules" "base"</literal> may result in broken keyboard layout.
</para>
</listitem>
<listitem>
<para>
The <literal>attic</literal> package was removed. A maintained fork called
<link xlink:href="https://www.borgbackup.org/">Borg</link> should be used instead.
Migration instructions can be found
<link xlink:href="http://borgbackup.readthedocs.io/en/stable/usage/upgrade.html#attic-and-borg-0-xx-to-borg-1-x">here</link>.
</para>
</listitem>
<listitem>
<para>
The Piwik analytics software was renamed to Matomo:
<itemizedlist>
<listitem>
<para>The package <literal>pkgs.piwik</literal> was renamed to <literal>pkgs.matomo</literal>.</para>
</listitem>
<listitem>
<para>The service <literal>services.piwik</literal> was renamed to <literal>services.matomo</literal>.</para>
</listitem>
<listitem>
<para>
The data directory <filename>/var/lib/piwik</filename> was renamed to <filename>/var/lib/matomo</filename>.
All files will be moved automatically on first startup, but you might need to adjust your backup scripts.
</para>
</listitem>
<listitem>
<para>
The default <option>serverName</option> for the nginx configuration changed from
<literal>piwik.${config.networking.hostName}</literal> to
<literal>matomo.${config.networking.hostName}.${config.networking.domain}</literal>
if <option>config.networking.domain</option> is set,
<literal>matomo.${config.networking.hostName}</literal> if it is not set.
If you change your <option>serverName</option>, remember you'll need to update the
<literal>trustedHosts[]</literal> array in <filename>/var/lib/matomo/config/config.ini.php</filename>
as well.
</para>
</listitem>
<listitem>
<para>
The <literal>piwik</literal> user was renamed to <literal>matomo</literal>.
The service will adjust ownership automatically for files in the data directory.
If you use unix socket authentication, remember to give the new <literal>matomo</literal> user
access to the database and to change the <literal>username</literal> to <literal>matomo</literal>
in the <literal>[database]</literal> section of <filename>/var/lib/matomo/config/config.ini.php</filename>.
</para>
</listitem>
<listitem>
<para>
If you named your database `piwik`, you might want to rename it to `matomo` to keep things clean,
but this is neither enforced nor required.
</para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
<literal>nodejs-4_x</literal> is end-of-life.
<literal>nodejs-4_x</literal>, <literal>nodejs-slim-4_x</literal> and <literal>nodePackages_4_x</literal> are removed.
</para>
</listitem>
<listitem>
<para>
The <literal>pump.io</literal> NixOS module was removed.
It is now maintained as an
<link xlink:href="https://github.com/rvl/pump.io-nixos">external module</link>.
</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>
<listitem>
<para>
ZNC option <option>services.znc.mutable</option> now defaults to
<literal>true</literal>. That means that old configuration is not
overwritten by default when update to the znc options are made.
</para>
</listitem>
<listitem>
<para>
The option <option>networking.wireless.networks.&lt;name&gt;.auth</option>
has been added for wireless networks with WPA-Enterprise authentication.
There is also a new <option>extraConfig</option> option to directly
configure <literal>wpa_supplicant</literal> and <option>hidden</option>
to connect to hidden networks.
</para>
</listitem>
<listitem>
<para>
In the module <option>networking.interfaces.&lt;name&gt;</option> the
following options have been removed:
<itemizedlist>
<listitem>
<para><option>ipAddress</option></para>
</listitem>
<listitem>
<para><option>ipv6Address</option></para>
</listitem>
<listitem>
<para><option>prefixLength</option></para>
</listitem>
<listitem>
<para><option>ipv6PrefixLength</option></para>
</listitem>
<listitem>
<para><option>subnetMask</option></para>
</listitem>
</itemizedlist>
To assign static addresses to an interface the options
<option>ipv4.addresses</option> and <option>ipv6.addresses</option>
should be used instead.
The options <option>ip4</option> and <option>ip6</option> have been
renamed to <option>ipv4.addresses</option> <option>ipv6.addresses</option>
respectively.
The new options <option>ipv4.routes</option> and <option>ipv6.routes</option>
have been added to set up static routing.
</para>
</listitem>
<listitem>
<para>
The option <option>services.xserver.desktopManager.default</option> is now
<literal>none</literal> by default. An assertion failure is thrown if WM's
and DM's default are <literal>none</literal>.
To explicitly run a plain X session without and DM or WM, the newly
introduced option <option>services.xserver.plainX</option> must be set to true.
</para>
</listitem>
<listitem>
<para>
The option <option>services.logstash.listenAddress</option> is now <literal>127.0.0.1</literal> by default.
Previously the default behaviour was to listen on all interfaces.
</para>
</listitem>
<listitem>
<para>
<literal>services.btrfs.autoScrub</literal> has been added, to
periodically check btrfs filesystems for data corruption.
If there's a correct copy available, it will automatically repair
corrupted blocks.
</para>
</listitem>
<listitem>
<para>
<literal>displayManager.lightdm.greeters.gtk.clock-format.</literal>
has been added, the clock format string (as expected by
strftime, e.g. <literal>%H:%M</literal>) to use with the lightdm
gtk greeter panel.
</para>
<para>
If set to null the default clock format is used.
</para>
</listitem>
<listitem>
<para>
<literal>displayManager.lightdm.greeters.gtk.indicators</literal>
has been added, a list of allowed indicator modules to use with
the lightdm gtk greeter panel.
</para>
<para>
Built-in indicators include <literal>~a11y</literal>,
<literal>~language</literal>, <literal>~session</literal>,
<literal>~power</literal>, <literal>~clock</literal>,
<literal>~host</literal>, <literal>~spacer</literal>. Unity
indicators can be represented by short name
(e.g. <literal>sound</literal>, <literal>power</literal>),
service file name, or absolute path.
</para>
<para>
If set to <literal>null</literal> the default indicators are
used.
</para>
<para>
In order to have the previous default configuration add
<programlisting>
services.xserver.displayManager.lightdm.greeters.gtk.indicators = [
"~host" "~spacer"
"~clock" "~spacer"
"~session"
"~language"
"~a11y"
"~power"
];
</programlisting>
to your <literal>configuration.nix</literal>.
</para>
</listitem>
<listitem>
<para>
The NixOS test driver supports user services declared by <literal>systemd.user.services</literal>.
The methods <literal>waitForUnit</literal>, <literal>getUnitInfo</literal>, <literal>startJob</literal>
and <literal>stopJob</literal> provide an optional <literal>$user</literal> argument for that purpose.
</para>
</listitem>
<listitem>
<para>
Enabling bash completion on NixOS, <literal>programs.bash.enableCompletion</literal>, will now also enable
completion for the Nix command line tools by installing the
<link xlink:href="https://github.com/hedning/nix-bash-completions">nix-bash-completions</link> package.
</para>
</listitem>
</itemizedlist>
</section>
</section>