Home Explore Blog Models CI



nixpkgs
3rd chunk of `nixos/doc/manual/release-notes/rl-1903.section.md`
b5fc84e6a8e6737c4f24a62c21b15c863b66821378bf9f790000000100000fc9
- OpenSMTPD has been upgraded to version 6.4.0p1. This release makes backwards-incompatible changes to the configuration file format. See `man smtpd.conf` for more information on the new file format.

- The versioned `postgresql` have been renamed to use underscore number separators. For example, `postgresql96` has been renamed to `postgresql_9_6`.

- Package `consul-ui` and passthrough `consul.ui` have been removed. The package `consul` now uses upstream releases that vendor the UI into the binary. See [\#48714](https://github.com/NixOS/nixpkgs/pull/48714#issuecomment-433454834) for details.

- Slurm introduces the new option `services.slurm.stateSaveLocation`, which is now set to `/var/spool/slurm` by default (instead of `/var/spool`). Make sure to move all files to the new directory or to set the option accordingly.

  The slurmctld now runs as user `slurm` instead of `root`. If you want to keep slurmctld running as `root`, set `services.slurm.user = root`.

  The options `services.slurm.nodeName` and `services.slurm.partitionName` are now sets of strings to correctly reflect that fact that each of these options can occur more than once in the configuration.

- The `solr` package has been upgraded from 4.10.3 to 7.5.0 and has undergone some major changes. The `services.solr` module has been updated to reflect these changes. Please review http://lucene.apache.org/solr/ carefully before upgrading.

- Package `ckb` is renamed to `ckb-next`, and options `hardware.ckb.*` are renamed to `hardware.ckb-next.*`.

- The option `services.xserver.displayManager.job.logToFile` which was previously set to `true` when using the display managers `lightdm`, `sddm` or `xpra` has been reset to the default value (`false`).

- Network interface indiscriminate NixOS firewall options (`networking.firewall.allow*`) are now preserved when also setting interface specific rules such as `networking.firewall.interfaces.en0.allow*`. These rules continue to use the pseudo device "default" (`networking.firewall.interfaces.default.*`), and assigning to this pseudo device will override the (`networking.firewall.allow*`) options.

- The `nscd` service now disables all caching of `passwd` and `group` databases by default. This was interfering with the correct functioning of the `libnss_systemd.so` module which is used by `systemd` to manage uids and usernames in the presence of `DynamicUser=` in systemd services. This was already the default behaviour in presence of `services.sssd.enable = true` because nscd caching would interfere with `sssd` in unpredictable ways as well. Because we're using nscd not for caching, but for convincing glibc to find NSS modules in the nix store instead of an absolute path, we have decided to disable caching globally now, as it's usually not the behaviour the user wants and can lead to surprising behaviour. Furthermore, negative caching of host lookups is also disabled now by default. This should fix the issue of dns lookups failing in the presence of an unreliable network.

  If the old behaviour is desired, this can be restored by setting the `services.nscd.config` option with the desired caching parameters.

  ```nix
  {
    services.nscd.config = ''
      server-user             nscd
      threads                 1
      paranoia                no
      debug-level             0

      enable-cache            passwd          yes
      positive-time-to-live   passwd          600
      negative-time-to-live   passwd          20
      suggested-size          passwd          211
      check-files             passwd          yes
      persistent              passwd          no
      shared                  passwd          yes

      enable-cache            group           yes
      positive-time-to-live   group           3600
      negative-time-to-live   group           60
      suggested-size          group           211
      check-files             group           yes
      persistent              group           no
      shared                  group           yes
Title: Major Package Upgrades and Configuration Adjustments
Summary
This document details major updates and configuration changes across several system components. OpenSMTPD upgrades to 6.4.0p1, introducing backward-incompatible config changes. PostgreSQL versioned packages are renamed (e.g., `postgresql_9_6`). `consul-ui` is removed, with UI now bundled in `consul`. Slurm introduces `stateSaveLocation` (`/var/spool/slurm`), `slurmctld` runs as `slurm` user by default, and `nodeName`/`partitionName` are now string sets. Solr is upgraded from 4.10.3 to 7.5.0, requiring user review. `ckb` is renamed `ckb-next`, affecting related options. XServer's `displayManager.job.logToFile` default is reset to `false` for certain managers. NixOS firewall now preserves general `allow*` rules alongside interface-specific ones. Finally, the `nscd` service disables caching for `passwd`, `group`, and negative host lookups by default to prevent conflicts, with options to restore previous behavior.