1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-21 05:25:38 +00:00
nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md
Niklas Hambüchen a48fea4c5e sshd service: Default to INFO logLevel (upstream default).
The previous justification for using "VERBOSE" is incorrect,
because OpenSSH does use level INFO to log "which key was used
to log in" for sccessful logins, see:
6247812c76/auth.c (L323-L328)

Also update description to the wording of the sshd_config man page.

`fail2ban` needs, sshd to be "VERBOSE" to work well, thus
the `fail2ban` module sets it to "VERBOSE" if enabled.

The docs are updated accordingly.
2021-06-23 01:49:11 +02:00

3.2 KiB

Release 21.11 (“?”, 2021.11/??)

In addition to numerous new and upgraded packages, this release has the following highlights:

  • Support is planned until the end of April 2022, handing over to 22.05.

Highlights

  • PHP now defaults to PHP 8.0, updated from 7.4.

New Services

Backward Incompatibilities

  • The staticjinja package has been upgraded from 1.0.4 to 2.0.0

  • services.geoip-updater was broken and has been replaced by services.geoipupdate.

  • PHP 7.3 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 21.11 release.

  • Those making use of buildBazelPackage will need to regenerate the fetch hashes (preferred), or set fetchConfigured = false;.

  • fsharp41 has been removed in preference to use the latest dotnet-sdk

  • The following F#-related packages have been removed for being unmaintaned. Please use fetchNuGet for specific packages.

    • ExtCore
    • Fake
    • Fantomas
    • FsCheck
    • FsCheck262
    • FsCheckNunit
    • FSharpAutoComplete
    • FSharpCompilerCodeDom
    • FSharpCompilerService
    • FSharpCompilerTools
    • FSharpCore302
    • FSharpCore3125
    • FSharpCore4001
    • FSharpCore4117
    • FSharpData
    • FSharpData225
    • FSharpDataSQLProvider
    • FSharpFormatting
    • FsLexYacc
    • FsLexYacc706
    • FsLexYaccRuntime
    • FsPickler
    • FsUnit
    • Projekt
    • Suave
    • UnionArgParser
    • ExcelDnaRegistration
    • MathNetNumerics
  • programs.x2goserver is now services.x2goserver

  • The following dotnet-related packages have been removed for being unmaintaned. Please use fetchNuGet for specific packages.

    • Autofac
    • SystemValueTuple
    • MicrosoftDiaSymReader
    • MicrosoftDiaSymReaderPortablePdb
    • SystemCollectionsImmutable
    • SystemCollectionsImmutable131
    • SystemReflectionMetadata
    • NUnit350
    • Deedle
    • ExcelDna
    • GitVersionTree
    • NDeskOptions
  • The antlr package now defaults to the 4.x release instead of the old 2.7.7 version.

Other Notable Changes

  • The setting services.openssh.logLevel "VERBOSE" "INFO". This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets.

    However, if services.fail2ban.enable is true, the fail2ban will override the verbosity to "VERBOSE", so that fail2ban can observe the failed login attempts from the SSH logs.