1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-14.04">
<title>Release 14.04 (“Baboon”, 2014/04/30)</title>
<para>
This is the second stable release branch of NixOS. In addition to numerous
new and upgraded packages and modules, this release has the following
highlights:
<itemizedlist>
<listitem>
<para>
Installation on UEFI systems is now supported. See
<xref linkend="sec-installation"/> for details.
</para>
</listitem>
<listitem>
<para>
Systemd has been updated to version 212, which has
<link xlink:href="http://cgit.freedesktop.org/systemd/systemd/plain/NEWS?id=v212">numerous
improvements</link>. NixOS now automatically starts systemd user instances
when you log in. You can define global user units through the
<option>systemd.unit.*</option> options.
</para>
</listitem>
<listitem>
<para>
NixOS is now based on Glibc 2.19 and GCC 4.8.
</para>
</listitem>
<listitem>
<para>
The default Linux kernel has been updated to 3.12.
</para>
</listitem>
<listitem>
<para>
KDE has been updated to 4.12.
</para>
</listitem>
<listitem>
<para>
GNOME 3.10 experimental support has been added.
</para>
</listitem>
<listitem>
<para>
Nix has been updated to 1.7
(<link
xlink:href="http://nixos.org/nix/manual/#ssec-relnotes-1.7">details</link>).
</para>
</listitem>
<listitem>
<para>
NixOS now supports fully declarative management of users and groups. If
you set <option>users.mutableUsers</option> to <literal>false</literal>,
then the contents of <filename>/etc/passwd</filename> and
<filename>/etc/group</filename> will be
<link
xlink:href="https://www.usenix.org/legacy/event/lisa02/tech/full_papers/traugott/traugott_html/">congruent</link>
to your NixOS configuration. For instance, if you remove a user from
<option>users.extraUsers</option> and run
<command>nixos-rebuild</command>, the user account will cease to exist.
Also, imperative commands for managing users and groups, such as
<command>useradd</command>, are no longer available. If
<option>users.mutableUsers</option> is <literal>true</literal> (the
default), then behaviour is unchanged from NixOS 13.10.
</para>
</listitem>
<listitem>
<para>
NixOS now has basic container support, meaning you can easily run a NixOS
instance as a container in a NixOS host system. These containers are
suitable for testing and experimentation but not production use, since
they’re not fully isolated from the host. See
<xref linkend="ch-containers"/> for details.
</para>
</listitem>
<listitem>
<para>
Systemd units provided by packages can now be overridden from the NixOS
configuration. For instance, if a package <literal>foo</literal> provides
systemd units, you can say:
<programlisting>
systemd.packages = [ pkgs.foo ];
</programlisting>
to enable those units. You can then set or override unit options in the
usual way, e.g.
<programlisting>
systemd.services.foo.wantedBy = [ "multi-user.target" ];
systemd.services.foo.serviceConfig.MemoryLimit = "512M";
</programlisting>
</para>
</listitem>
</itemizedlist>
</para>
<para>
When upgrading from a previous release, please be aware of the following
incompatible changes:
<itemizedlist>
<listitem>
<para>
Nixpkgs no longer exposes unfree packages by default. If your NixOS
configuration requires unfree packages from Nixpkgs, you need to enable
support for them explicitly by setting:
<programlisting>
nixpkgs.config.allowUnfree = true;
</programlisting>
Otherwise, you get an error message such as:
<screen>
error: package ‘nvidia-x11-331.49-3.12.17’ in ‘…/nvidia-x11/default.nix:56’
has an unfree license, refusing to evaluate
</screen>
</para>
</listitem>
<listitem>
<para>
The Adobe Flash player is no longer enabled by default in the Firefox and
Chromium wrappers. To enable it, you must set:
<programlisting>
nixpkgs.config.allowUnfree = true;
nixpkgs.config.firefox.enableAdobeFlash = true; # for Firefox
nixpkgs.config.chromium.enableAdobeFlash = true; # for Chromium
</programlisting>
</para>
</listitem>
<listitem>
<para>
The firewall is now enabled by default. If you don’t want this, you need
to disable it explicitly:
<programlisting>
networking.firewall.enable = false;
</programlisting>
</para>
</listitem>
<listitem>
<para>
The option <option>boot.loader.grub.memtest86</option> has been renamed to
<option>boot.loader.grub.memtest86.enable</option>.
</para>
</listitem>
<listitem>
<para>
The <literal>mysql55</literal> service has been merged into the
<literal>mysql</literal> service, which no longer sets a default for the
option <option>services.mysql.package</option>.
</para>
</listitem>
<listitem>
<para>
Package variants are now differentiated by suffixing the name, rather than
the version. For instance, <filename>sqlite-3.8.4.3-interactive</filename>
is now called <filename>sqlite-interactive-3.8.4.3</filename>. This
ensures that <literal>nix-env -i sqlite</literal> is unambiguous, and that
<literal>nix-env -u</literal> won’t “upgrade”
<literal>sqlite</literal> to <literal>sqlite-interactive</literal> or vice
versa. Notably, this change affects the Firefox wrapper (which provides
plugins), as it is now called <literal>firefox-wrapper</literal>. So when
using <command>nix-env</command>, you should do <literal>nix-env -e
firefox; nix-env -i firefox-wrapper</literal> if you want to keep using
the wrapper. This change does not affect declarative package management,
since attribute names like <literal>pkgs.firefoxWrapper</literal> were
already unambiguous.
</para>
</listitem>
<listitem>
<para>
The symlink <filename>/etc/ca-bundle.crt</filename> is gone. Programs
should instead use the environment variable
<envar>OPENSSL_X509_CERT_FILE</envar> (which points to
<filename>/etc/ssl/certs/ca-bundle.crt</filename>).
</para>
</listitem>
</itemizedlist>
</para>
</section>
|