1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-14.04">
<title>Release 14.04 (“Baboon”, 2014/04/30)</title>
<para>This is the second stable release branch of NixOS. In addition
to numerous new and upgraded packages and modules, this release has
the following highlights:
<itemizedlist>
<listitem><para>Installation on UEFI systems is now supported. See
<xref linkend="sec-uefi-installation"/> for
details.</para></listitem>
<listitem><para>Systemd has been updated to version 212, which has
<link xlink:href="http://cgit.freedesktop.org/systemd/systemd/plain/NEWS?id=v212">numerous
improvements</link>. NixOS now automatically starts systemd user
instances when you log in. You can define global user units through
the <option>systemd.unit.*</option> options.</para></listitem>
<listitem><para>NixOS is now based on Glibc 2.19 and GCC
4.8.</para></listitem>
<listitem><para>The default Linux kernel has been updated to
3.12.</para></listitem>
<listitem><para>KDE has been updated to 4.12.</para></listitem>
<listitem><para>GNOME 3.10 experimental support has been added.</para></listitem>
<listitem><para>Nix has been updated to 1.7 (<link
xlink:href="http://nixos.org/nix/manual/#ssec-relnotes-1.7">details</link>).</para></listitem>
<listitem><para>NixOS now supports fully declarative management of
users and groups. If you set <option>users.mutableUsers</option> to
<literal>false</literal>, then the contents of
<filename>/etc/passwd</filename> and <filename>/etc/group</filename>
will be <link
xlink:href="https://www.usenix.org/legacy/event/lisa02/tech/full_papers/traugott/traugott_html/">congruent</link>
to your NixOS configuration. For instance, if you remove a user from
<option>users.extraUsers</option> and run
<command>nixos-rebuild</command>, the user account will cease to
exist. Also, imperative commands for managing users and groups, such
as <command>useradd</command>, are no longer available. If
<option>users.mutableUsers</option> is <literal>true</literal> (the
default), then behaviour is unchanged from NixOS
13.10.</para></listitem>
<listitem><para>NixOS now has basic container support, meaning you
can easily run a NixOS instance as a container in a NixOS host
system. These containers are suitable for testing and
experimentation but not production use, since they’re not fully
isolated from the host. See <xref linkend="ch-containers"/> for
details.</para></listitem>
<listitem><para>Systemd units provided by packages can now be
overridden from the NixOS configuration. For instance, if a package
<literal>foo</literal> provides systemd units, you can say:
<programlisting>
systemd.packages = [ pkgs.foo ];
</programlisting>
to enable those units. You can then set or override unit options in
the usual way, e.g.
<programlisting>
systemd.services.foo.wantedBy = [ "multi-user.target" ];
systemd.services.foo.serviceConfig.MemoryLimit = "512M";
</programlisting>
</para></listitem>
</itemizedlist>
</para>
<para>When upgrading from a previous release, please be aware of the
following incompatible changes:
<itemizedlist>
<listitem><para>Nixpkgs no longer exposes unfree packages by
default. If your NixOS configuration requires unfree packages from
Nixpkgs, you need to enable support for them explicitly by setting:
<programlisting>
nixpkgs.config.allowUnfree = true;
</programlisting>
Otherwise, you get an error message such as:
<screen>
error: package ‘nvidia-x11-331.49-3.12.17’ in ‘…/nvidia-x11/default.nix:56’
has an unfree license, refusing to evaluate
</screen>
</para></listitem>
<listitem><para>The Adobe Flash player is no longer enabled by
default in the Firefox and Chromium wrappers. To enable it, you must
set:
<programlisting>
nixpkgs.config.allowUnfree = true;
nixpkgs.config.firefox.enableAdobeFlash = true; # for Firefox
nixpkgs.config.chromium.enableAdobeFlash = true; # for Chromium
</programlisting>
</para></listitem>
<listitem><para>The firewall is now enabled by default. If you don’t
want this, you need to disable it explicitly:
<programlisting>
networking.firewall.enable = false;
</programlisting>
</para></listitem>
<listitem><para>The option
<option>boot.loader.grub.memtest86</option> has been renamed to
<option>boot.loader.grub.memtest86.enable</option>.</para></listitem>
<listitem><para>The <literal>mysql55</literal> service has been
merged into the <literal>mysql</literal> service, which no longer
sets a default for the option
<option>services.mysql.package</option>.</para></listitem>
<listitem><para>Package variants are now differentiated by suffixing
the name, rather than the version. For instance,
<filename>sqlite-3.8.4.3-interactive</filename> is now called
<filename>sqlite-interactive-3.8.4.3</filename>. This ensures that
<literal>nix-env -i sqlite</literal> is unambiguous, and that
<literal>nix-env -u</literal> won’t “upgrade”
<literal>sqlite</literal> to <literal>sqlite-interactive</literal>
or vice versa. Notably, this change affects the Firefox wrapper
(which provides plugins), as it is now called
<literal>firefox-wrapper</literal>. So when using
<command>nix-env</command>, you should do <literal>nix-env -e
firefox; nix-env -i firefox-wrapper</literal> if you want to keep
using the wrapper. This change does not affect declarative package
management, since attribute names like
<literal>pkgs.firefoxWrapper</literal> were already
unambiguous.</para></listitem>
<listitem><para>The symlink <filename>/etc/ca-bundle.crt</filename>
is gone. Programs should instead use the environment variable
<envar>OPENSSL_X509_CERT_FILE</envar> (which points to
<filename>/etc/ssl/certs/ca-bundle.crt</filename>).</para></listitem>
</itemizedlist>
</para>
</chapter>
|