<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-14.04">
<title>Release 14.04 (<quote>Baboon</quote>, 2014/04/30)</title>
<para>
This is the second stable release branch of NixOS. In addition to
numerous new and upgraded packages and modules, this release has the
following highlights:
</para>
<itemizedlist>
<listitem>
<para>
Installation on UEFI systems is now supported. See
<xref linkend="sec-installation" /> for details.
</para>
</listitem>
<listitem>
<para>
Systemd has been updated to version 212, which has
<link xlink:href="http://cgit.freedesktop.org/systemd/systemd/plain/NEWS?id=v212">numerous
improvements</link>. NixOS now automatically starts systemd user
instances when you log in. You can define global user units
through the <literal>systemd.unit.*</literal> options.
</para>
</listitem>
<listitem>
<para>
NixOS is now based on Glibc 2.19 and GCC 4.8.
</para>
</listitem>
<listitem>
<para>
The default Linux kernel has been updated to 3.12.
</para>
</listitem>
<listitem>
<para>
KDE has been updated to 4.12.
</para>
</listitem>
<listitem>
<para>
GNOME 3.10 experimental support has been added.
</para>
</listitem>
<listitem>
<para>
Nix has been updated to 1.7
(<link xlink:href="https://nixos.org/nix/manual/#ssec-relnotes-1.7">details</link>).
</para>
</listitem>
<listitem>
<para>
NixOS now supports fully declarative management of users and
groups. If you set <literal>users.mutableUsers</literal> to
<literal>false</literal>, then the contents of
<literal>/etc/passwd</literal> and <literal>/etc/group</literal>
will be
<link xlink:href="https://www.usenix.org/legacy/event/lisa02/tech/full_papers/traugott/traugott_html/">congruent</link>
to your NixOS configuration. For instance, if you remove a user
from <literal>users.extraUsers</literal> and run
<literal>nixos-rebuild</literal>, the user account will cease to
exist. Also, imperative commands for managing users and groups,
such as <literal>useradd</literal>, are no longer available. If
<literal>users.mutableUsers</literal> is <literal>true</literal>
(the default), then behaviour is unchanged from NixOS 13.10.
</para>
</listitem>
<listitem>
<para>
NixOS now has basic container support, meaning you can easily
run a NixOS instance as a container in a NixOS host system.
These containers are suitable for testing and experimentation
but not production use, since they’re not fully isolated from
the host. See <xref linkend="ch-containers" /> for details.
</para>
</listitem>
<listitem>
<para>
Systemd units provided by packages can now be overridden from
the NixOS configuration. For instance, if a package
<literal>foo</literal> provides systemd units, you can say:
</para>
<programlisting language="bash">
{
systemd.packages = [ pkgs.foo ];
}
</programlisting>
<para>
to enable those units. You can then set or override unit options
in the usual way, e.g.
</para>
<programlisting language="bash">
{
systemd.services.foo.wantedBy = [ "multi-user.target" ];
systemd.services.foo.serviceConfig.MemoryLimit = "512M";
}
</programlisting>
<para>
When upgrading from a previous release, please be aware of the
following incompatible changes:
</para>
</listitem>
<listitem>
<para>
Nixpkgs no longer exposes unfree packages by default. If your
NixOS configuration requires unfree packages from Nixpkgs, you
need to enable support for them explicitly by setting:
</para>
<programlisting language="bash">
{
nixpkgs.config.allowUnfree = true;
}
</programlisting>
<para>
Otherwise, you get an error message such as:
</para>
<programlisting>
error: package ‘nvidia-x11-331.49-3.12.17’ in ‘…/nvidia-x11/default.nix:56’
has an unfree license, refusing to evaluate
</programlisting>
</listitem>
<listitem>
<para>
The Adobe Flash player is no longer enabled by default in the
Firefox and Chromium wrappers. To enable it, you must set:
</para>
<programlisting language="bash">
{
nixpkgs.config.allowUnfree = true;
nixpkgs.config.firefox.enableAdobeFlash = true; # for Firefox
nixpkgs.config.chromium.enableAdobeFlash = true; # for Chromium
}
</programlisting>
</listitem>
<listitem>
<para>
The firewall is now enabled by default. If you don’t want this,
you need to disable it explicitly:
</para>
<programlisting language="bash">
{
networking.firewall.enable = false;
}
</programlisting>
</listitem>
<listitem>
<para>
The option <literal>boot.loader.grub.memtest86</literal> has
been renamed to
<literal>boot.loader.grub.memtest86.enable</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>mysql55</literal> service has been merged into the
<literal>mysql</literal> service, which no longer sets a default
for the option <literal>services.mysql.package</literal>.
</para>
</listitem>
<listitem>
<para>
Package variants are now differentiated by suffixing the name,
rather than the version. For instance,
<literal>sqlite-3.8.4.3-interactive</literal> is now called
<literal>sqlite-interactive-3.8.4.3</literal>. This ensures that
<literal>nix-env -i sqlite</literal> is unambiguous, and that
<literal>nix-env -u</literal> won’t <quote>upgrade</quote>
<literal>sqlite</literal> to
<literal>sqlite-interactive</literal> or vice versa. Notably,
this change affects the Firefox wrapper (which provides
plugins), as it is now called
<literal>firefox-wrapper</literal>. So when using
<literal>nix-env</literal>, you should do
<literal>nix-env -e firefox; nix-env -i firefox-wrapper</literal>
if you want to keep using the wrapper. This change does not
affect declarative package management, since attribute names
like <literal>pkgs.firefoxWrapper</literal> were already
unambiguous.
</para>
</listitem>
<listitem>
<para>
The symlink <literal>/etc/ca-bundle.crt</literal> is gone.
Programs should instead use the environment variable
<literal>OPENSSL_X509_CERT_FILE</literal> (which points to
<literal>/etc/ssl/certs/ca-bundle.crt</literal>).
</para>
</listitem>
</itemizedlist>
</section>