Some release notes updates

1 files changed, 64 insertions, 35 deletions

diff --git a/nixos/doc/manual/release-notes/rl-1609.xml b/nixos/doc/manual/release-notes/rl-1609.xml
index c884eaa3ec2..994764e188e 100644
--- a/nixos/doc/manual/release-notes/rl-1609.xml
+++ b/nixos/doc/manual/release-notes/rl-1609.xml
@@ -4,7 +4,7 @@
          version="5.0"
          xml:id="sec-release-16.09">
 
-<title>Release 16.09 (“Flounder”, 2016/09/??)</title>
+<title>Release 16.09 (“Flounder”, 2016/09/31)</title>
 
 <para>In addition to numerous new and upgraded packages, this release
 has the following highlights: </para>
@@ -12,22 +12,45 @@ has the following highlights: </para>
 <itemizedlist>
 
   <listitem>
-    <para>PXE "netboot" media has landed in <link xlink:href="https://github.com/NixOS/nixpkgs/pull/14740" />.
-    See <xref linkend="sec-booting-from-pxe" /> for documentation.</para>
+    <para>Many NixOS configurations and Nix packages now use
+    significantly less disk space, thanks to the <link
+    xlink:href="https://github.com/NixOS/nixpkgs/issues/7117">extensive
+    work on closure size reduction</link>. For example, the closure
+    size of a minimal NixOS container went down from ~424 MiB in 16.03
+    to ~212 MiB in 16.09, while the closure size of Firefox went from
+    ~651 MiB to ~259 MiB.</para>
   </listitem>
 
   <listitem>
-    <para>Xorg-server-1.18.*. If you choose <literal>"ati_unfree"</literal> driver,
-    1.17.* is still used due to ABI incompatibility.</para>
+    <para>To improve security, packages are now <link
+    xlink:href="https://github.com/NixOS/nixpkgs/pull/12895">built
+    using various hardening features</link>. See the Nixpkgs manual
+    for more information.</para>
   </listitem>
+
+  <listitem>
+    <para>Support for PXE netboot.  See <xref
+    linkend="sec-booting-from-pxe" /> for documentation.</para>
+  </listitem>
+
+  <listitem>
+    <para>X.org server 1.18. If you use the
+    <literal>ati_unfree</literal> driver, 1.17 is still used due to an
+    ABI incompatibility.</para>
+  </listitem>
+
+  <listitem>
+    <para>This release is based on Glibc 2.24, GCC 5.4.0 and systemd
+    231. The default Linux kernel remains 4.4.</para>
+  </listitem>
+
 </itemizedlist>
 
 <para>The following new services were added since the last release:</para>
 
-  <itemizedlist>
-    <listitem><para><literal>(this will get automatically generated at release time)</literal></para></listitem>
-  </itemizedlist>
-
+<itemizedlist>
+  <listitem><para><literal>(this will get automatically generated at release time)</literal></para></listitem>
+</itemizedlist>
 
 <para>When upgrading from a previous release, please be aware of the
 following incompatible changes:</para>
@@ -36,7 +59,8 @@ following incompatible changes:</para>
 
   <listitem>
     <para>A large number of packages have been converted to use the multiple outputs feature
-      of Nix to greatly reduce the amount of required disk space. This may require changes
+      of Nix to greatly reduce the amount of required disk space, as
+      mentioned above. This may require changes
       to any custom packages to make them build again; see the relevant chapter in the
       Nixpkgs manual for more information. (Additional caveat to packagers: some packaging conventions
       related to multiple-output packages
@@ -58,16 +82,12 @@ following incompatible changes:</para>
   </listitem>
 
   <listitem>
-    <para>/var/setuid-wrappers/
-      <link xlink:href="https://github.com/NixOS/nixpkgs/pull/18124">is now a symlink so
-      it can be atomically updated</link>
-      and it's not mounted as tmpfs anymore since setuid binaries are located on /run/ as tmpfs.
-    </para>
-  </listitem>
-
-  <listitem>
-    <para>Gitlab's maintainence script gitlab-runner was removed and split up into the more clearer
-      gitlab-run and gitlab-rake scripts because gitlab-runner is a component of Gitlab CI.</para>
+    <para>Gitlab's maintainance script
+    <command>gitlab-runner</command> was removed and split up into the
+    more clearer <command>gitlab-run</command> and
+    <command>gitlab-rake</command> scripts, because
+    <command>gitlab-runner</command> is a component of Gitlab
+    CI.</para>
   </listitem>
 
   <listitem>
@@ -80,14 +100,14 @@ following incompatible changes:</para>
   <listitem>
     <para><literal>fonts.fontconfig.ultimate.rendering</literal> was removed
     because our presets were obsolete for some time. New presets are hardcoded
-    into freetype; one selects a preset via <literal>fonts.fontconfig.ultimate.preset</literal>.
+    into FreeType; you can select a preset via <literal>fonts.fontconfig.ultimate.preset</literal>.
     You can customize those presets via ordinary environment variables, using
     <literal>environment.variables</literal>.</para>
   </listitem>
 
   <listitem>
     <para>The <literal>audit</literal> service is no longer enabled by default.
-    Use <literal>security.audit.enable = true;</literal> to explicitly enable it.</para>
+    Use <literal>security.audit.enable = true</literal> to explicitly enable it.</para>
   </listitem>
 
   <listitem>
@@ -100,10 +120,11 @@ following incompatible changes:</para>
   </listitem>
 
   <listitem>
-    <para><literal>goPackages</literal> was replaced with separated Go applications
-    in appropriate <literal>nixpkgs</literal> categories. Each Go package uses its own
-    dependency set defined in nix. There's also a new <literal>go2nix</literal>
-    tool introduced to generate Go package definition from its Go source automatically.</para>
+    <para><literal>goPackages</literal> was replaced with separated Go
+    applications in appropriate <literal>nixpkgs</literal>
+    categories. Each Go package uses its own dependency set. There's
+    also a new <literal>go2nix</literal> tool introduced to generate a
+    Go package definition from its Go source automatically.</para>
   </listitem>
 
   <listitem>
@@ -127,10 +148,11 @@ following incompatible changes:</para>
   </para></listitem>
 
   <listitem><para>Special filesystems, like <literal>/proc</literal>,
-  <literal>/run</literal> and others, now have the same mount options as
-  recommended by systemd. They are now unified across different places in NixOS.
-  Options are also updated on the system switch if possible. One benefit from
-  this is improved security -- most such filesystems are now mounted with
+  <literal>/run</literal> and others, now have the same mount options
+  as recommended by systemd and are unified across different places in
+  NixOS.  Mount options are updated during <command>nixos-rebuild
+  switch</command> if possible. One benefit from this is improved
+  security — most such filesystems are now mounted with
   <literal>noexec</literal>, <literal>nodev</literal> and/or
   <literal>nosuid</literal> options.</para></listitem>
 
@@ -141,11 +163,18 @@ following incompatible changes:</para>
   debugging.</para></listitem>
 
   <listitem><para>Containers configuration within
-  <literal>containers.&lt;name&gt;.config</literal> is now properly
-  typed and checked. In particular, partial configurations are merged
-  correctly.
-  (<link xlink:href="https://github.com/NixOS/nixpkgs/pull/17365">#17365</link>)
-  </para></listitem>
+  <literal>containers.&lt;name&gt;.config</literal> is <link
+  xlink:href="https://github.com/NixOS/nixpkgs/pull/17365">now
+  properly typed and checked</link>. In particular, partial
+  configurations are merged correctly.</para></listitem>
+
+  <listitem>
+    <para>The directory container setuid wrapper programs,
+    <filename>/var/setuid-wrappers</filename>, <link
+    xlink:href="https://github.com/NixOS/nixpkgs/pull/18124">is now
+    updated atomically to prevent failures if the switch to a new
+    configuration is interrupted.</link></para>
+  </listitem>
 
 </itemizedlist>