mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-21 13:44:50 +00:00
a48fea4c5e
The previous justification for using "VERBOSE" is incorrect,
because OpenSSH does use level INFO to log "which key was used
to log in" for sccessful logins, see:
6247812c76/auth.c (L323-L328)
Also update description to the wording of the sshd_config man page.
`fail2ban` needs, sshd to be "VERBOSE" to work well, thus
the `fail2ban` module sets it to "VERBOSE" if enabled.
The docs are updated accordingly.
86 lines
3.2 KiB
Markdown
86 lines
3.2 KiB
Markdown
# Release 21.11 (“?”, 2021.11/??) {#sec-release-21.11}
|
|
|
|
In addition to numerous new and upgraded packages, this release has the following highlights:
|
|
|
|
- Support is planned until the end of April 2022, handing over to 22.05.
|
|
|
|
## Highlights {#sec-release-21.11-highlights}
|
|
|
|
- PHP now defaults to PHP 8.0, updated from 7.4.
|
|
|
|
## New Services {#sec-release-21.11-new-services}
|
|
|
|
- [geoipupdate](https://github.com/maxmind/geoipupdate), a GeoIP database updater from MaxMind. Available as [services.geoipupdate](options.html#opt-services.geoipupdate.enable).
|
|
|
|
- [sourcehut](https://sr.ht), a collection of tools useful for software development. Available as [services.sourcehut](options.html#opt-services.sourcehut.enable).
|
|
|
|
- [ucarp](https://download.pureftpd.org/pub/ucarp/README), an userspace implementation of the Common Address Redundancy Protocol (CARP). Available as [networking.ucarp](options.html#opt-networking.ucarp.enable).
|
|
|
|
## Backward Incompatibilities {#sec-release-21.11-incompatibilities}
|
|
|
|
- The `staticjinja` package has been upgraded from 1.0.4 to 2.0.0
|
|
|
|
- `services.geoip-updater` was broken and has been replaced by [services.geoipupdate](options.html#opt-services.geoipupdate.enable).
|
|
|
|
- PHP 7.3 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 21.11 release.
|
|
|
|
- Those making use of `buildBazelPackage` will need to regenerate the fetch hashes (preferred), or set `fetchConfigured = false;`.
|
|
|
|
- fsharp41 has been removed in preference to use the latest dotnet-sdk
|
|
|
|
- The following F#-related packages have been removed for being unmaintaned. Please use `fetchNuGet` for specific packages.
|
|
|
|
- ExtCore
|
|
- Fake
|
|
- Fantomas
|
|
- FsCheck
|
|
- FsCheck262
|
|
- FsCheckNunit
|
|
- FSharpAutoComplete
|
|
- FSharpCompilerCodeDom
|
|
- FSharpCompilerService
|
|
- FSharpCompilerTools
|
|
- FSharpCore302
|
|
- FSharpCore3125
|
|
- FSharpCore4001
|
|
- FSharpCore4117
|
|
- FSharpData
|
|
- FSharpData225
|
|
- FSharpDataSQLProvider
|
|
- FSharpFormatting
|
|
- FsLexYacc
|
|
- FsLexYacc706
|
|
- FsLexYaccRuntime
|
|
- FsPickler
|
|
- FsUnit
|
|
- Projekt
|
|
- Suave
|
|
- UnionArgParser
|
|
- ExcelDnaRegistration
|
|
- MathNetNumerics
|
|
|
|
- `programs.x2goserver` is now `services.x2goserver`
|
|
|
|
- The following dotnet-related packages have been removed for being unmaintaned. Please use `fetchNuGet` for specific packages.
|
|
- Autofac
|
|
- SystemValueTuple
|
|
- MicrosoftDiaSymReader
|
|
- MicrosoftDiaSymReaderPortablePdb
|
|
- SystemCollectionsImmutable
|
|
- SystemCollectionsImmutable131
|
|
- SystemReflectionMetadata
|
|
- NUnit350
|
|
- Deedle
|
|
- ExcelDna
|
|
- GitVersionTree
|
|
- NDeskOptions
|
|
|
|
* The `antlr` package now defaults to the 4.x release instead of the
|
|
old 2.7.7 version.
|
|
|
|
## Other Notable Changes {#sec-release-21.11-notable-changes}
|
|
|
|
- The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets.
|
|
|
|
However, if [`services.fail2ban.enable`](options.html#opt-services.fail2ban.enable) is `true`, the `fail2ban` will override the verbosity to `"VERBOSE"`, so that `fail2ban` can observe the failed login attempts from the SSH logs.
|