forked from mirrors/nixpkgs
780 lines
26 KiB
XML
780 lines
26 KiB
XML
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-21.11">
|
||
<title>Release 21.11 (“?”, 2021.11/??)</title>
|
||
<para>
|
||
In addition to numerous new and upgraded packages, this release has
|
||
the following highlights:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Support is planned until the end of June 2022, handing over to
|
||
22.05.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<section xml:id="sec-release-21.11-highlights">
|
||
<title>Highlights</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
PHP now defaults to PHP 8.0, updated from 7.4.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
kOps now defaults to 1.21.0, which uses containerd as the
|
||
default runtime.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>python3</literal> now defaults to Python 3.9, updated
|
||
from Python 3.8.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
PostgreSQL now defaults to major version 13.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-21.11-new-services">
|
||
<title>New Services</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://digint.ch/btrbk/index.html">btrbk</link>,
|
||
a backup tool for btrfs subvolumes, taking advantage of btrfs
|
||
specific capabilities to create atomic snapshots and transfer
|
||
them incrementally to your backup locations. Available as
|
||
<link xlink:href="options.html#opt-services.brtbk.instances">services.btrbk</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/xrelkd/clipcat/">clipcat</link>,
|
||
an X11 clipboard manager written in Rust. Available at
|
||
[services.clipcat](options.html#o pt-services.clipcat.enable).
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/maxmind/geoipupdate">geoipupdate</link>,
|
||
a GeoIP database updater from MaxMind. Available as
|
||
<link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.isc.org/kea/">Kea</link>, ISCs
|
||
2nd generation DHCP and DDNS server suite. Available at
|
||
<link xlink:href="options.html#opt-services.kea">services.kea</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://sr.ht">sourcehut</link>, a
|
||
collection of tools useful for software development. Available
|
||
as
|
||
<link xlink:href="options.html#opt-services.sourcehut.enable">services.sourcehut</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://download.pureftpd.org/pub/ucarp/README">ucarp</link>,
|
||
an userspace implementation of the Common Address Redundancy
|
||
Protocol (CARP). Available as
|
||
<link xlink:href="options.html#opt-networking.ucarp.enable">networking.ucarp</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Users of flashrom should migrate to
|
||
<link xlink:href="options.html#opt-programs.flashrom.enable">programs.flashrom.enable</link>
|
||
and add themselves to the <literal>flashrom</literal> group to
|
||
be able to access programmers supported by flashrom.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://vikunja.io">vikunja</link>, a to-do
|
||
list app. Available as
|
||
<link linkend="opt-services.vikunja.enable">services.vikunja</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/evilsocket/opensnitch">opensnitch</link>,
|
||
an application firewall. Available as
|
||
<link linkend="opt-services.opensnitch.enable">services.opensnitch</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.snapraid.it/">snapraid</link>, a
|
||
backup program for disk arrays. Available as
|
||
<link linkend="opt-snapraid.enable">snapraid</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/hockeypuck/hockeypuck">Hockeypuck</link>,
|
||
a OpenPGP Key Server. Available as
|
||
<link linkend="opt-services.hockeypuck.enable">services.hockeypuck</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/buildkite/buildkite-agent-metrics">buildkite-agent-metrics</link>,
|
||
a command-line tool for collecting Buildkite agent metrics,
|
||
now has a Prometheus exporter available as
|
||
<link linkend="opt-services.prometheus.exporters.buildkite-agent.enable">services.prometheus.exporters.buildkite-agent</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/prometheus/influxdb_exporter">influxdb-exporter</link>
|
||
a Prometheus exporter that exports metrics received on an
|
||
InfluxDB compatible endpoint is now available as
|
||
<link linkend="opt-services.prometheus.exporters.influxdb.enable">services.prometheus.exporters.influxdb</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/matrix-discord/mx-puppet-discord">mx-puppet-discord</link>,
|
||
a discord puppeting bridge for matrix. Available as
|
||
<link linkend="opt-services.mx-puppet-discord.enable">services.mx-puppet-discord</link>.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-21.11-incompatibilities">
|
||
<title>Backward Incompatibilities</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
The <literal>staticjinja</literal> package has been upgraded
|
||
from 1.0.4 to 3.0.1
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>services.geoip-updater</literal> was broken and has
|
||
been replaced by
|
||
<link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
PHP 7.3 is no longer supported due to upstream not supporting
|
||
this version for the entire lifecycle of the 21.11 release.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Those making use of <literal>buildBazelPackage</literal> will
|
||
need to regenerate the fetch hashes (preferred), or set
|
||
<literal>fetchConfigured = false;</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>consul</literal> was upgraded to a new major release
|
||
with breaking changes, see
|
||
<link xlink:href="https://github.com/hashicorp/consul/releases/tag/v1.10.0">upstream
|
||
changelog</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
fsharp41 has been removed in preference to use the latest
|
||
dotnet-sdk
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The following F#-related packages have been removed for being
|
||
unmaintaned. Please use <literal>fetchNuGet</literal> for
|
||
specific packages.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
ExtCore
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Fake
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Fantomas
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsCheck
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsCheck262
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsCheckNunit
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpAutoComplete
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCompilerCodeDom
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCompilerService
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCompilerTools
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCore302
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCore3125
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCore4001
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpCore4117
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpData
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpData225
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpDataSQLProvider
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FSharpFormatting
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsLexYacc
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsLexYacc706
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsLexYaccRuntime
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsPickler
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
FsUnit
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Projekt
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Suave
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
UnionArgParser
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
ExcelDnaRegistration
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
MathNetNumerics
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>programs.x2goserver</literal> is now
|
||
<literal>services.x2goserver</literal>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The following dotnet-related packages have been removed for
|
||
being unmaintaned. Please use <literal>fetchNuGet</literal>
|
||
for specific packages.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Autofac
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
SystemValueTuple
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
MicrosoftDiaSymReader
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
MicrosoftDiaSymReaderPortablePdb
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
SystemCollectionsImmutable
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
SystemCollectionsImmutable131
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
SystemReflectionMetadata
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
NUnit350
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Deedle
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
ExcelDna
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
GitVersionTree
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
NDeskOptions
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
The <literal>antlr</literal> package now defaults to the 4.x
|
||
release instead of the old 2.7.7 version.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>pulseeffects</literal> package updated to
|
||
<link xlink:href="https://github.com/wwmm/easyeffects/releases/tag/v6.0.0">version
|
||
4.x</link> and renamed to <literal>easyeffects</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>libwnck</literal> package now defaults to the 3.x
|
||
release instead of the old 2.31.0 version.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>bitwarden_rs</literal> packages and modules were
|
||
renamed to <literal>vaultwarden</literal>
|
||
<link xlink:href="https://github.com/dani-garcia/vaultwarden/discussions/1642">following
|
||
upstream</link>. More specifically,
|
||
</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<literal>pkgs.bitwarden_rs</literal>,
|
||
<literal>pkgs.bitwarden_rs-sqlite</literal>,
|
||
<literal>pkgs.bitwarden_rs-mysql</literal> and
|
||
<literal>pkgs.bitwarden_rs-postgresql</literal> were
|
||
renamed to <literal>pkgs.vaultwarden</literal>,
|
||
<literal>pkgs.vaultwarden-sqlite</literal>,
|
||
<literal>pkgs.vaultwarden-mysql</literal> and
|
||
<literal>pkgs.vaultwarden-postgresql</literal>,
|
||
respectively.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Old names are preserved as aliases for backwards
|
||
compatibility, but may be removed in the future.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>bitwarden_rs</literal> executable was
|
||
also renamed to <literal>vaultwarden</literal> in all
|
||
packages.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>pkgs.bitwarden_rs-vault</literal> was renamed to
|
||
<literal>pkgs.vaultwarden-vault</literal>.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
<literal>pkgs.bitwarden_rs-vault</literal> is
|
||
preserved as an alias for backwards compatibility, but
|
||
may be removed in the future.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The static files were moved from
|
||
<literal>/usr/share/bitwarden_rs</literal> to
|
||
<literal>/usr/share/vaultwarden</literal>.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>services.bitwarden_rs</literal> config module
|
||
was renamed to <literal>services.vaultwarden</literal>.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
<literal>services.bitwarden_rs</literal> is preserved
|
||
as an alias for backwards compatibility, but may be
|
||
removed in the future.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>systemd.services.bitwarden_rs</literal>,
|
||
<literal>systemd.services.backup-bitwarden_rs</literal>
|
||
and <literal>systemd.timers.backup-bitwarden_rs</literal>
|
||
were renamed to
|
||
<literal>systemd.services.vaultwarden</literal>,
|
||
<literal>systemd.services.backup-vaultwarden</literal> and
|
||
<literal>systemd.timers.backup-vaultwarden</literal>,
|
||
respectively.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Old names are preserved as aliases for backwards
|
||
compatibility, but may be removed in the future.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>users.users.bitwarden_rs</literal> and
|
||
<literal>users.groups.bitwarden_rs</literal> were renamed
|
||
to <literal>users.users.vaultwarden</literal> and
|
||
<literal>users.groups.vaultwarden</literal>, respectively.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The data directory remains located at
|
||
<literal>/var/lib/bitwarden_rs</literal>, for backwards
|
||
compatibility.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<literal>yggdrasil</literal> was upgraded to a new major
|
||
release with breaking changes, see
|
||
<link xlink:href="https://github.com/yggdrasil-network/yggdrasil-go/releases/tag/v0.4.0">upstream
|
||
changelog</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>icingaweb2</literal> was upgraded to a new release
|
||
which requires a manual database upgrade, see
|
||
<link xlink:href="https://github.com/Icinga/icingaweb2/releases/tag/v2.9.0">upstream
|
||
changelog</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>isabelle</literal> package has been upgraded from
|
||
2020 to 2021
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
the <literal>mingw-64</literal> package has been upgraded from
|
||
6.0.0 to 9.0.0
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>tt-rss</literal> was upgraded to the commit on
|
||
2021-06-21, which has breaking changes. If you use
|
||
<literal>services.tt-rss.extraConfig</literal> you should
|
||
migrate to the <literal>putenv</literal>-style configuration.
|
||
See
|
||
<link xlink:href="https://community.tt-rss.org/t/rip-config-php-hello-classes-config-php/4337">this
|
||
Discourse post</link> in the tt-rss forums for more details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The following Visual Studio Code extensions were renamed to
|
||
keep the naming convention uniform.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
<literal>bbenoist.Nix</literal> ->
|
||
<literal>bbenoist.nix</literal>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>CoenraadS.bracket-pair-colorizer</literal> ->
|
||
<literal>coenraads.bracket-pair-colorizer</literal>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>golang.Go</literal> ->
|
||
<literal>golang.go</literal>
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-21.11-notable-changes">
|
||
<title>Other Notable Changes</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
The setting
|
||
<link xlink:href="options.html#opt-services.openssh.logLevel"><literal>services.openssh.logLevel</literal></link>
|
||
<literal>"VERBOSE"</literal>
|
||
<literal>"INFO"</literal>. This brings NixOS in line
|
||
with upstream and other Linux distributions, and reduces log
|
||
spam on servers due to bruteforcing botnets.
|
||
</para>
|
||
<para>
|
||
However, if
|
||
<link xlink:href="options.html#opt-services.fail2ban.enable"><literal>services.fail2ban.enable</literal></link>
|
||
is <literal>true</literal>, the <literal>fail2ban</literal>
|
||
will override the verbosity to
|
||
<literal>"VERBOSE"</literal>, so that
|
||
<literal>fail2ban</literal> can observe the failed login
|
||
attempts from the SSH logs.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Sway: The terminal emulator <literal>rxvt-unicode</literal> is
|
||
no longer installed by default via
|
||
<literal>programs.sway.extraPackages</literal>. The current
|
||
default configuration uses <literal>alacritty</literal> (and
|
||
soon <literal>foot</literal>) so this is only an issue when
|
||
using a customized configuration and not installing
|
||
<literal>rxvt-unicode</literal> explicitly.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>python3</literal> now defaults to Python 3.9. Python
|
||
3.9 introduces many deprecation warnings, please look at the
|
||
<link xlink:href="https://docs.python.org/3/whatsnew/3.9.html">What’s
|
||
New In Python 3.9 post</link> for more information.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>claws-mail</literal> package now references the
|
||
new GTK+ 3 release branch, major version 4. To use the GTK+ 2
|
||
releases, one can install the
|
||
<literal>claws-mail-gtk2</literal> package.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The wordpress module provides a new interface which allows to
|
||
use different webservers with the new option
|
||
<link xlink:href="options.html#opt-services.wordpress.webserver"><literal>services.wordpress.webserver</literal></link>.
|
||
Currently <literal>httpd</literal> and
|
||
<literal>nginx</literal> are supported. The definitions of
|
||
wordpress sites should now be set in
|
||
<link xlink:href="options.html#opt-services.wordpress.sites"><literal>services.wordpress.sites</literal></link>.
|
||
</para>
|
||
<para>
|
||
Sites definitions that use the old interface are automatically
|
||
migrated in the new option. This backward compatibility will
|
||
be removed in 22.05.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The order of NSS (host) modules has been brought in line with
|
||
upstream recommendations:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
The <literal>myhostname</literal> module is placed before
|
||
the <literal>resolve</literal> (optional) and
|
||
<literal>dns</literal> entries, but after
|
||
<literal>file</literal> (to allow overriding via
|
||
<literal>/etc/hosts</literal> /
|
||
<literal>networking.extraHosts</literal>, and prevent ISPs
|
||
with catchall-DNS resolvers from hijacking
|
||
<literal>.localhost</literal> domains)
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>mymachines</literal> module, which provides
|
||
hostname resolution for local containers (registered with
|
||
<literal>systemd-machined</literal>) is placed to the
|
||
front, to make sure its mappings are preferred over other
|
||
resolvers.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
If systemd-networkd is enabled, the
|
||
<literal>resolve</literal> module is placed before
|
||
<literal>files</literal> and
|
||
<literal>myhostname</literal>, as it provides the same
|
||
logic internally, with caching.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>mdns(_minimal)</literal> module has been
|
||
updated to the new priorities.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<para>
|
||
If you use your own NSS host modules, make sure to update your
|
||
priorities according to these rules:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
NSS modules which should be queried before
|
||
<literal>resolved</literal> DNS resolution should use
|
||
mkBefore.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
NSS modules which should be queried after
|
||
<literal>resolved</literal>, <literal>files</literal> and
|
||
<literal>myhostname</literal>, but before
|
||
<literal>dns</literal> should use the default priority
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
NSS modules which should come after <literal>dns</literal>
|
||
should use mkAfter.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<link xlink:href="options.html#opt-networking.wireless.iwd.enable">networking.wireless.iwd</link>
|
||
module has a new
|
||
<link xlink:href="options.html#opt-networking.wireless.iwd.settings">networking.wireless.iwd.settings</link>
|
||
option.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<link xlink:href="options.html#opt-services.syncoid.enable">services.syncoid.enable</link>
|
||
module now properly drops ZFS permissions after usage. Before
|
||
it delegated permissions to whole pools instead of datasets
|
||
and didn’t clean up after execution. You can manually look
|
||
this up for your pools by running
|
||
<literal>zfs allow your-pool-name</literal> and use
|
||
<literal>zfs unallow syncoid your-pool-name</literal> to clean
|
||
this up.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
</section>
|