diff options
Diffstat (limited to 'nixos/doc')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2003.xml | 58 |
1 files changed, 57 insertions, 1 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index 67e7c861eff..4ee9ebd6a2b 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -25,6 +25,13 @@ </listitem> <listitem> <para> + Linux kernel is updated to branch 5.4 by default (from 4.19). + Users of Intel GPUs may prefer to explicitly set branch to 4.19 to avoid some regressions. + <programlisting>boot.kernelPackages = pkgs.linuxPackages_4_19;</programlisting> + </para> + </listitem> + <listitem> + <para> Postgresql for NixOS service now defaults to v11. </para> </listitem> @@ -126,7 +133,7 @@ services.xserver.displayManager.defaultSession = "xfce+icewm"; <listitem> <para> The <literal>dynamicHosts</literal> option has been removed from the - <link linkend="opt-networking.networkmanager.enable">networkd</link> + <link linkend="opt-networking.networkmanager.enable">NetworkManager</link> module. Allowing (multiple) regular users to override host entries affecting the whole system opens up a huge attack vector. There seem to be very rare cases where this might be useful. @@ -490,6 +497,55 @@ auth required pam_succeed_if.so uid >= 1000 quiet All other display managers in NixOS are configured like this. </para> </listitem> + <listitem> + <para> + There have been lots of improvements to the Mailman module. As + a result, + </para> + <itemizedlist> + <listitem> + <para> + The <option>services.mailman.hyperkittyBaseUrl</option> + option has been renamed to <xref + linkend="opt-services.mailman.hyperkitty.baseUrl"/>. + </para> + </listitem> + <listitem> + <para> + The <option>services.mailman.hyperkittyApiKey</option> + option has been removed. This is because having an option + for the Hyperkitty API key meant that the API key would be + stored in the world-readable Nix store, which was a + security vulnerability. A new Hyperkitty API key will be + generated the first time the new Hyperkitty service is run, + and it will then be persisted outside of the Nix store. To + continue using Hyperkitty, you must set <xref + linkend="opt-services.mailman.hyperkitty.enable"/> to + <literal>true</literal>. + </para> + </listitem> + <listitem> + <para> + Additionally, some Postfix configuration must now be set + manually instead of automatically by the Mailman module: +<programlisting> +<xref linkend="opt-services.postfix.relayDomains"/> = [ "hash:/var/lib/mailman/data/postfix_domains" ]; +<xref linkend="opt-services.postfix.config"/>.transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ]; +<xref linkend="opt-services.postfix.config"/>.local_recipient_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ]; +</programlisting> + This is because some users may want to include other values + in these lists as well, and this was not possible if they + were set automatically by the Mailman module. It would not + have been possible to just concatenate values from multiple + modules each setting the values they needed, because the + order of elements in the list is significant. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para>The LLVM versions 3.5, 3.9 and 4 (including the corresponding CLang versions) have been dropped.</para> + </listitem> </itemizedlist> </section> |