diff options
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-1709.xml')
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-1709.xml | 899 |
1 files changed, 0 insertions, 899 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1709.xml b/nixos/doc/manual/release-notes/rl-1709.xml deleted file mode 100644 index 795c51d2923..00000000000 --- a/nixos/doc/manual/release-notes/rl-1709.xml +++ /dev/null @@ -1,899 +0,0 @@ -<section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-release-17.09"> - <title>Release 17.09 (“Hummingbird”, 2017/09/??)</title> - - <section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-release-17.09-highlights"> - <title>Highlights</title> - - <para> - In addition to numerous new and upgraded packages, this release has the - following highlights: - </para> - - <itemizedlist> - <listitem> - <para> - The GNOME version is now 3.24. KDE Plasma was upgraded to 5.10, KDE - Applications to 17.08.1 and KDE Frameworks to 5.37. - </para> - </listitem> - <listitem> - <para> - The user handling now keeps track of deallocated UIDs/GIDs. When a user or - group is revived, this allows it to be allocated the UID/GID it had - before. A consequence is that UIDs and GIDs are no longer reused. - </para> - </listitem> - <listitem> - <para> - The module option <option>services.xserver.xrandrHeads</option> now causes - the first head specified in this list to be set as the primary head. Apart - from that, it's now possible to also set additional options by using an - attribute set, for example: -<programlisting> -{ services.xserver.xrandrHeads = [ - "HDMI-0" - { - output = "DVI-0"; - primary = true; - monitorConfig = '' - Option "Rotate" "right" - ''; - } - ]; -} -</programlisting> - This will set the <literal>DVI-0</literal> output to be the primary head, - even though <literal>HDMI-0</literal> is the first head in the list. - </para> - </listitem> - <listitem> - <para> - The handling of SSL in the <literal>services.nginx</literal> module has - been cleaned up, renaming the misnamed <literal>enableSSL</literal> to - <literal>onlySSL</literal> which reflects its original intention. This is - not to be used with the already existing <literal>forceSSL</literal> which - creates a second non-SSL virtual host redirecting to the SSL virtual host. - This by chance had worked earlier due to specific implementation details. - In case you had specified both please remove the - <literal>enableSSL</literal> option to keep the previous behaviour. - </para> - <para> - Another <literal>addSSL</literal> option has been introduced to configure - both a non-SSL virtual host and an SSL virtual host with the same - configuration. - </para> - <para> - Options to configure <literal>resolver</literal> options and - <literal>upstream</literal> blocks have been introduced. See their - information for further details. - </para> - <para> - The <literal>port</literal> option has been replaced by a more generic - <literal>listen</literal> option which makes it possible to specify - multiple addresses, ports and SSL configs dependant on the new SSL - handling mentioned above. - </para> - </listitem> - </itemizedlist> - </section> - - <section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-release-17.09-new-services"> - <title>New Services</title> - - <para> - The following new services were added since the last release: - </para> - - <itemizedlist> - <listitem> - <para> - <literal>config/fonts/fontconfig-penultimate.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>config/fonts/fontconfig-ultimate.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>config/terminfo.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>hardware/sensor/iio.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>hardware/nitrokey.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>hardware/raid/hpsa.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>programs/browserpass.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>programs/gnupg.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>programs/qt5ct.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>programs/slock.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>programs/thefuck.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>security/auditd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>security/lock-kernel-modules.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>service-managers/docker.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>service-managers/trivial.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/admin/salt/master.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/admin/salt/minion.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/audio/slimserver.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/cluster/kubernetes/default.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/cluster/kubernetes/dns.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/cluster/kubernetes/dashboard.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/continuous-integration/hail.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/databases/clickhouse.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/databases/postage.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/desktops/gnome3/gnome-disks.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/desktops/gnome3/gpaste.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/logging/SystemdJournal2Gelf.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/logging/heartbeat.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/logging/journalwatch.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/logging/syslogd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/mail/mailhog.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/mail/nullmailer.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/airsonic.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/autorandr.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/exhibitor.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/fstrim.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/gollum.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/irkerd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/jackett.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/radarr.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/misc/snapper.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/monitoring/osquery.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/monitoring/prometheus/collectd-exporter.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/monitoring/prometheus/fritzbox-exporter.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/network-filesystems/kbfs.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/dnscache.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/fireqos.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/iwd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/keepalived/default.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/keybase.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/lldpd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/matterbridge.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/squid.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/tinydns.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/networking/xrdp.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/security/shibboleth-sp.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/security/sks.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/security/sshguard.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/security/torify.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/security/usbguard.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/security/vault.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/system/earlyoom.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/system/saslauthd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/web-apps/nexus.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/web-apps/pgpkeyserver-lite.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/web-apps/piwik.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/web-servers/lighttpd/collectd.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/web-servers/minio.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/x11/display-managers/xpra.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>services/x11/xautolock.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>tasks/filesystems/bcachefs.nix</literal> - </para> - </listitem> - <listitem> - <para> - <literal>tasks/powertop.nix</literal> - </para> - </listitem> - </itemizedlist> - </section> - - <section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-release-17.09-incompatibilities"> - <title>Backward Incompatibilities</title> - - <para> - When upgrading from a previous release, please be aware of the following - incompatible changes: - </para> - - <itemizedlist> - <listitem> - <para> - <emphasis role="strong"> In an Qemu-based virtualization environment, the - network interface names changed from i.e. <literal>enp0s3</literal> to - <literal>ens3</literal>. </emphasis> - </para> - <para> - This is due to a kernel configuration change. The new naming is consistent - with those of other Linux distributions with systemd. See - <link xlink:href="https://github.com/NixOS/nixpkgs/issues/29197">#29197</link> - for more information. - </para> - <para> - A machine is affected if the <literal>virt-what</literal> tool either - returns <literal>qemu</literal> or <literal>kvm</literal> - <emphasis>and</emphasis> has interface names used in any part of its NixOS - configuration, in particular if a static network configuration with - <literal>networking.interfaces</literal> is used. - </para> - <para> - Before rebooting affected machines, please ensure: - <itemizedlist> - <listitem> - <para> - Change the interface names in your NixOS configuration. The first - interface will be called <literal>ens3</literal>, the second one - <literal>ens8</literal> and starting from there incremented by 1. - </para> - </listitem> - <listitem> - <para> - After changing the interface names, rebuild your system with - <literal>nixos-rebuild boot</literal> to activate the new configuration - after a reboot. If you switch to the new configuration right away you - might lose network connectivity! If using <literal>nixops</literal>, - deploy with <literal>nixops deploy --force-reboot</literal>. - </para> - </listitem> - </itemizedlist> - </para> - </listitem> - <listitem> - <para> - The following changes apply if the <literal>stateVersion</literal> is - changed to 17.09 or higher. For <literal>stateVersion = "17.03"</literal> - or lower the old behavior is preserved. - </para> - <itemizedlist> - <listitem> - <para> - The <literal>postgres</literal> default version was changed from 9.5 to - 9.6. - </para> - </listitem> - <listitem> - <para> - The <literal>postgres</literal> superuser name has changed from - <literal>root</literal> to <literal>postgres</literal> to more closely - follow what other Linux distributions are doing. - </para> - </listitem> - <listitem> - <para> - The <literal>postgres</literal> default <literal>dataDir</literal> has - changed from <literal>/var/db/postgres</literal> to - <literal>/var/lib/postgresql/$psqlSchema</literal> where $psqlSchema is - 9.6 for example. - </para> - </listitem> - <listitem> - <para> - The <literal>mysql</literal> default <literal>dataDir</literal> has - changed from <literal>/var/mysql</literal> to - <literal>/var/lib/mysql</literal>. - </para> - </listitem> - <listitem> - <para> - Radicale's default package has changed from 1.x to 2.x. Instructions to - migrate can be found <link xlink:href="http://radicale.org/1to2/"> here - </link>. It is also possible to use the newer version by setting the - <literal>package</literal> to <literal>radicale2</literal>, which is - done automatically when <literal>stateVersion</literal> is 17.09 or - higher. The <literal>extraArgs</literal> option has been added to allow - passing the data migration arguments specified in the instructions; see - the - <filename xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/radicale.nix">radicale.nix</filename> - NixOS test for an example migration. - </para> - </listitem> - </itemizedlist> - </listitem> - <listitem> - <para> - The <literal>aiccu</literal> package was removed. This is due to SixXS - <link xlink:href="https://www.sixxs.net/main/"> sunsetting</link> its IPv6 - tunnel. - </para> - </listitem> - <listitem> - <para> - The <literal>fanctl</literal> package and <literal>fan</literal> module - have been removed due to the developers not upstreaming their iproute2 - patches and lagging with compatibility to recent iproute2 versions. - </para> - </listitem> - <listitem> - <para> - Top-level <literal>idea</literal> package collection was renamed. All - JetBrains IDEs are now at <literal>jetbrains</literal>. - </para> - </listitem> - <listitem> - <para> - <literal>flexget</literal>'s state database cannot be upgraded to its new - internal format, requiring removal of any existing - <literal>db-config.sqlite</literal> which will be automatically recreated. - </para> - </listitem> - <listitem> - <para> - The <literal>ipfs</literal> service now doesn't ignore the - <literal>dataDir</literal> option anymore. If you've ever set this option - to anything other than the default you'll have to either unset it (so the - default gets used) or migrate the old data manually with -<programlisting> -dataDir=<valueOfDataDir> -mv /var/lib/ipfs/.ipfs/* $dataDir -rmdir /var/lib/ipfs/.ipfs -</programlisting> - </para> - </listitem> - <listitem> - <para> - The <literal>caddy</literal> service was previously using an extra - <literal>.caddy</literal> directory in the data directory specified with - the <literal>dataDir</literal> option. The contents of the - <literal>.caddy</literal> directory are now expected to be in the - <literal>dataDir</literal>. - </para> - </listitem> - <listitem> - <para> - The <literal>ssh-agent</literal> user service is not started by default - anymore. Use <literal>programs.ssh.startAgent</literal> to enable it if - needed. There is also a new <literal>programs.gnupg.agent</literal> module - that creates a <literal>gpg-agent</literal> user service. It can also - serve as a SSH agent if <literal>enableSSHSupport</literal> is set. - </para> - </listitem> - <listitem> - <para> - The <literal>services.tinc.networks.<name>.listenAddress</literal> - option had a misleading name that did not correspond to its behavior. It - now correctly defines the ip to listen for incoming connections on. To - keep the previous behaviour, use - <literal>services.tinc.networks.<name>.bindToAddress</literal> - instead. Refer to the description of the options for more details. - </para> - </listitem> - <listitem> - <para> - <literal>tlsdate</literal> package and module were removed. This is due to - the project being dead and not building with openssl 1.1. - </para> - </listitem> - <listitem> - <para> - <literal>wvdial</literal> package and module were removed. This is due to - the project being dead and not building with openssl 1.1. - </para> - </listitem> - <listitem> - <para> - <literal>cc-wrapper</literal>'s setup-hook now exports a number of - environment variables corresponding to binutils binaries, (e.g. - <envar>LD</envar>, <envar>STRIP</envar>, <envar>RANLIB</envar>, etc). This - is done to prevent packages' build systems guessing, which is harder to - predict, especially when cross-compiling. However, some packages have - broken due to this—their build systems either not supporting, or - claiming to support without adequate testing, taking such environment - variables as parameters. - </para> - </listitem> - <listitem> - <para> - <literal>services.firefox.syncserver</literal> now runs by default as a - non-root user. To accomodate this change, the default sqlite database - location has also been changed. Migration should work automatically. Refer - to the description of the options for more details. - </para> - </listitem> - <listitem> - <para> - The <literal>compiz</literal> window manager and package was removed. The - system support had been broken for several years. - </para> - </listitem> - <listitem> - <para> - Touchpad support should now be enabled through <literal>libinput</literal> - as <literal>synaptics</literal> is now deprecated. See the option - <literal>services.xserver.libinput.enable</literal>. - </para> - </listitem> - <listitem> - <para> - grsecurity/PaX support has been dropped, following upstream's decision to - cease free support. See - <link xlink:href="https://grsecurity.net/passing_the_baton.php"> - upstream's announcement</link> for more information. No complete - replacement for grsecurity/PaX is available presently. - </para> - </listitem> - <listitem> - <para> - <literal>services.mysql</literal> now has declarative configuration of - databases and users with the <literal>ensureDatabases</literal> and - <literal>ensureUsers</literal> options. - </para> - <para> - These options will never delete existing databases and users, especially - not when the value of the options are changed. - </para> - <para> - The MySQL users will be identified using - <link xlink:href="https://mariadb.com/kb/en/library/authentication-plugin-unix-socket/"> - Unix socket authentication</link>. This authenticates the Unix user with - the same name only, and that without the need for a password. - </para> - <para> - If you have previously created a MySQL <literal>root</literal> user - <emphasis>with a password</emphasis>, you will need to add - <literal>root</literal> user for unix socket authentication before using - the new options. This can be done by running the following SQL script: -<programlisting language="sql"> -CREATE USER 'root'@'%' IDENTIFIED BY ''; -GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION; -FLUSH PRIVILEGES; - --- Optionally, delete the password-authenticated user: --- DROP USER 'root'@'localhost'; -</programlisting> - </para> - </listitem> - <listitem> - <para> - <literal>services.mysqlBackup</literal> now works by default without any - user setup, including for users other than <literal>mysql</literal>. - </para> - <para> - By default, the <literal>mysql</literal> user is no longer the user which - performs the backup. Instead a system account - <literal>mysqlbackup</literal> is used. - </para> - <para> - The <literal>mysqlBackup</literal> service is also now using systemd - timers instead of <literal>cron</literal>. - </para> - <para> - Therefore, the <literal>services.mysqlBackup.period</literal> option no - longer exists, and has been replaced with - <literal>services.mysqlBackup.calendar</literal>, which is in the format - of - <link - xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Events">systemd.time(7)</link>. - </para> - <para> - If you expect to be sent an e-mail when the backup fails, consider using a - script which monitors the systemd journal for errors. Regretfully, at - present there is no built-in functionality for this. - </para> - <para> - You can check that backups still work by running <command>systemctl start - mysql-backup</command> then <command>systemctl status - mysql-backup</command>. - </para> - </listitem> - <listitem> - <para> - Templated systemd services e.g <literal>container@name</literal> are now - handled currectly when switching to a new configuration, resulting in them - being reloaded. - </para> - </listitem> - <listitem> - <para> - Steam: the <literal>newStdcpp</literal> parameter was removed and should - not be needed anymore. - </para> - </listitem> - <listitem> - <para> - Redis has been updated to version 4 which mandates a cluster mass-restart, - due to changes in the network handling, in order to ensure compatibility - with networks NATing traffic. - </para> - </listitem> - </itemizedlist> - </section> - - <section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-release-17.09-notable-changes"> - <title>Other Notable Changes</title> - - <itemizedlist> - <listitem> - <para> - Modules can now be disabled by using - <link - xlink:href="https://nixos.org/nixpkgs/manual/#sec-replace-modules"> - disabledModules</link>, allowing another to take it's place. This can be - used to import a set of modules from another channel while keeping the - rest of the system on a stable release. - </para> - </listitem> - <listitem> - <para> - Updated to FreeType 2.7.1, including a new TrueType engine. The new engine - replaces the Infinality engine which was the default in NixOS. The default - font rendering settings are now provided by fontconfig-penultimate, - replacing fontconfig-ultimate; the new defaults are less invasive and - provide rendering that is more consistent with other systems and hopefully - with each font designer's intent. Some system-wide configuration has been - removed from the Fontconfig NixOS module where user Fontconfig settings - are available. - </para> - </listitem> - <listitem> - <para> - ZFS/SPL have been updated to 0.7.0, <literal>zfsUnstable, - splUnstable</literal> have therefore been removed. - </para> - </listitem> - <listitem> - <para> - The <option>time.timeZone</option> option now allows the value - <literal>null</literal> in addition to timezone strings. This value allows - changing the timezone of a system imperatively using <command>timedatectl - set-timezone</command>. The default timezone is still UTC. - </para> - </listitem> - <listitem> - <para> - Nixpkgs overlays may now be specified with a file as well as a directory. - The value of <literal><nixpkgs-overlays></literal> may be a file, and - <filename>~/.config/nixpkgs/overlays.nix</filename> can be used instead of - the <filename>~/.config/nixpkgs/overlays</filename> directory. - </para> - <para> - See the overlays chapter of the Nixpkgs manual for more details. - </para> - </listitem> - <listitem> - <para> - Definitions for <filename>/etc/hosts</filename> can now be specified - declaratively with <literal>networking.hosts</literal>. - </para> - </listitem> - <listitem> - <para> - Two new options have been added to the installer loader, in addition to - the default having changed. The kernel log verbosity has been lowered to - the upstream default for the default options, in order to not spam the - console when e.g. joining a network. - </para> - <para> - This therefore leads to adding a new <literal>debug</literal> option to - set the log level to the previous verbose mode, to make debugging easier, - but still accessible easily. - </para> - <para> - Additionally a <literal>copytoram</literal> option has been added, which - makes it possible to remove the install medium after booting. This allows - tethering from your phone after booting from it. - </para> - </listitem> - <listitem> - <para> - <literal>services.gitlab-runner.configOptions</literal> has been added to - specify the configuration of gitlab-runners declaratively. - </para> - </listitem> - <listitem> - <para> - <literal>services.jenkins.plugins</literal> has been added to install - plugins easily, this can be generated with jenkinsPlugins2nix. - </para> - </listitem> - <listitem> - <para> - <literal>services.postfix.config</literal> has been added to specify the - main.cf with NixOS options. Additionally other options have been added to - the postfix module and has been improved further. - </para> - </listitem> - <listitem> - <para> - The GitLab package and module have been updated to the latest 10.0 - release. - </para> - </listitem> - <listitem> - <para> - The <literal>systemd-boot</literal> boot loader now lists the NixOS - version, kernel version and build date of all bootable generations. - </para> - </listitem> - <listitem> - <para> - The dnscrypt-proxy service now defaults to using a random upstream - resolver, selected from the list of public non-logging resolvers with - DNSSEC support. Existing configurations can be migrated to this mode of - operation by omitting the - <option>services.dnscrypt-proxy.resolverName</option> option or setting it - to <literal>"random"</literal>. - </para> - </listitem> - </itemizedlist> - </section> -</section> |