Home Explore Blog Models CI



nixpkgs
14th chunk of `nixos/doc/manual/release-notes/rl-2009.section.md`
2a9eac0e2545e42fc3450dc74c966d3338f2575c70b923ff0000000100000fc4
- Device tree overlay support was improved in [\#79370](https://github.com/NixOS/nixpkgs/pull/79370) and now uses [hardware.deviceTree.kernelPackage](options.html#opt-hardware.deviceTree.kernelPackage) instead of `hardware.deviceTree.base`. [hardware.deviceTree.overlays](options.html#opt-hardware.deviceTree.overlays) configuration was extended to support `.dts` files with symbols. Device trees can now be filtered by setting [hardware.deviceTree.filter](options.html#opt-hardware.deviceTree.filter) option.

- The default output of `buildGoPackage` is now `$out` instead of `$bin`.

- `buildGoModule` `doCheck` now defaults to `true`.

- Packages built using `buildRustPackage` now use `release` mode for the `checkPhase` by default.

  Please note that Rust packages utilizing a custom build/install procedure (e.g. by using a `Makefile`) or test suites that rely on the structure of the `target/` directory may break due to those assumptions. For further information, please read the Rust section in the Nixpkgs manual.

- The cc- and binutils-wrapper's "infix salt" and `_BUILD_` and `_TARGET_` user infixes have been replaced with with a "suffix salt" and suffixes and `_FOR_BUILD` and `_FOR_TARGET`. This matches the autotools convention for env vars which standard for these things, making interfacing with other tools easier.

- Additional Git documentation (HTML and text files) is now available via the `git-doc` package.

- Default algorithm for ZRAM swap was changed to `zstd`.

- The installer now enables sshd by default. This improves installation on headless machines especially ARM single-board-computer. To login through ssh, either a password or an ssh key must be set for the root user or the nixos user.

- The scripted networking system now uses `.link` files in `/etc/systemd/network` to configure mac address and link MTU, instead of the sometimes buggy `network-link-*` units, which have been removed. Bringing the interface up has been moved to the beginning of the `network-addresses-*` unit. Note this doesn't require `systemd-networkd` - it's udev that parses `.link` files. Extra care needs to be taken in the presence of [legacy udev rules](https://wiki.debian.org/NetworkInterfaceNames#THE_.22PERSISTENT_NAMES.22_SCHEME) to rename interfaces, as MAC Address and MTU defined in these options can only match on the original link name. In such cases, you most likely want to create a `10-*.link` file through [systemd.network.links](options.html#opt-systemd.network.links) and set both name and MAC Address / MTU there.

- Grafana received a major update to version 7.x. A plugin is now needed for image rendering support, and plugins must now be signed by default. More information can be found [in the Grafana documentation](https://grafana.com/docs/grafana/latest/installation/upgrading/#upgrading-to-v7-0).

- The `hardware.u2f` module, which was installing udev rules was removed, as udev gained native support to handle FIDO security tokens.

- The `services.transmission` module was enhanced with the new options: [services.transmission.credentialsFile](options.html#opt-services.transmission.credentialsFile), [services.transmission.openFirewall](options.html#opt-services.transmission.openFirewall), and [services.transmission.performanceNetParameters](options.html#opt-services.transmission.performanceNetParameters).

  `transmission-daemon` is now started with additional systemd sandbox/hardening options for better security. Please [report](https://github.com/NixOS/nixpkgs/issues) any use case where this is not working well. In particular, the `RootDirectory` option newly set forbids uploading or downloading a torrent outside of the default directory configured at [settings.download-dir](options.html#opt-services.transmission.settings). If you really need Transmission to access other directories, you must include those directories into the `BindPaths` of the service:

  ```nix
  {
    systemd.services.transmission.serviceConfig.BindPaths = [ "/path/to/alternative/download-dir" ];
Title: NixOS Updates: Build System, Networking, and Service Enhancements
Summary
NixOS updates include improved device tree overlay support, with new options and `.dts` file compatibility. The Go build system now defaults `buildGoPackage` output to `$out` and `buildGoModule`'s `doCheck` to `true`. Rust packages use `release` mode for `checkPhase` by default, potentially impacting custom builds. CC/binutils wrappers updated for autotools compatibility. `git-doc` package now provides additional Git documentation. ZRAM swap defaults to `zstd`. The installer enables `sshd` by default. Scripted networking refactored to use `.link` files for MAC/MTU config, replacing `network-link-*` units, with a note on legacy udev rules. Grafana updated to v7.x, requiring rendering plugins and signed plugins. The `hardware.u2f` module is removed due to native udev FIDO token support. `services.transmission` module gains new options and enhanced security, requiring `BindPaths` for non-default download directories.