NixOS 16.09 "Flounder" has been Released


NixOS is an independent Linux distribution which features the Nix package manager. Nix provides many special package management features, including declarative statements, snapshots and package rollbacks. The latest version of the distribution, NixOS 16.09, offers many new security features and more efficient use of disk space.

NixOS is an independent, functional and usable GNU/Linux distribution that uses the KDE Plasma Workspaces and Applications as its default desktop environment. It is called NixOS because it’s based on Nix, a purely functional package management system.

Nix is similar to APT and YUM

Similar to APT and YUM, the Nix package manager makes sure that no package is broken during upgrades. It also manages boot scripts, configuration files, and other similar files that are involved in the package management of a Linux distribution.

In addition to numerous new and upgraded packages, this release has the following highlights: many NixOS configurations and Nix packages now use significantly less disk space, thanks to the extensive work on closure size reduction; to improve security, packages are now built using various hardening features, see the Nixpkgs manual for more information; support for PXE netboot, see section 2.3, Booting from the 'netboot' media (PXE), in documentation; X.Org Server 1.18, if you use the ati_unfree driver, 1.17 is still used due to an ABI incompatibility; this release is based on glibc 2.24, GCC 5.4.0 and systemd 231; the default Linux kernel remains 4.4.

What's new in NixOS 16.09

  • Many NixOS configurations and Nix packages now use significantly less disk space, thanks to the extensive work on closure size reduction. For example, the closure size of a minimal NixOS container went down from ~424 MiB in 16.03 to ~212 MiB in 16.09, while the closure size of Firefox went from ~651 MiB to ~259 MiB.
  • To improve security, packages are now built using various hardening features. See the Nixpkgs manual for more information.
  • Support for PXE netboot. See Section 2.3, “Booting from the “netboot” media (PXE)” for documentation.
  • X.org server 1.18. If you use the ati_unfree driver, 1.17 is still used due to an ABI incompatibility.
  • This release is based on Glibc 2.24, GCC 5.4.0 and systemd 231. The default Linux kernel remains 4.4.
  • The following new services were added since the last release:
      • hardware/video/amdgpu.nix
      • hardware/video/displaylink.nix
      • programs/info.nix
      • programs/mosh.nix
      • programs/spacefm.nix
      • programs/tmux.nix
      • programs/xonsh.nix
      • security/chromium-suid-sandbox.nix
      • security/hidepid.nix
      • services/audio/squeezelite.nix
      • services/backup/znapzend.nix
      • services/continuous-integration/buildkite-agent.nix
      • services/continuous-integration/hydra/default.nix
      • services/continuous-integration/gocd-agent/default.nix
      • services/continuous-integration/gocd-server/default.nix
      • services/development/hoogle.nix
      • services/editors/emacs.nix
      • services/games/factorio.nix
      • services/games/terraria.nix
      • services/logging/awstats.nix
      • services/logging/graylog.nix
      • services/misc/emby.nix
      • services/misc/mantisbt.nix
      • services/misc/nzbget.nix
      • services/misc/packagekit.nix
      • services/misc/sonarr.nix
      • services/misc/spice-vdagentd.nix
      • services/misc/taskserver
      • services/network-filesystems/tahoe.nix
      • services/networking/coturn.nix
      • services/networking/ferm.nix
      • services/networking/gdomap.nix
      • services/networking/libreswan.nix
      • services/networking/logmein-hamachi.nix
      • services/networking/mfi.nix
      • services/networking/mjpg-streamer.nix
      • services/networking/mosquitto.nix
      • services/networking/nntp-proxy.nix
      • services/networking/offlineimap.nix
      • services/networking/pptpd.nix
      • services/networking/sniproxy.nix
      • services/networking/smokeping.nix
      • services/networking/toxvpn.nix
      • services/networking/xl2tpd.nix
      • services/networking/zerobin.nix
      • services/security/oauth2_proxy.nix
      • services/torrent/flexget.nix
      • services/web-apps/mattermost.nix
      • services/web-apps/tt-rss.nix
      • services/web-servers/caddy.nix
      • services/web-servers/lighttpd/inginious.nix
      • services/x11/compton.nix
      • services/x11/xbanish.nix
      • system/boot/loader/systemd-boot/systemd-boot.nix
      • system/boot/plymouth.nix
      • virtualisation/xe-guest-utilities.nix
  • Other notable improvements:
      • Revamped grsecurity/PaX support. There is now only a single general-purpose distribution kernel and the configuration interface has been streamlined. Desktop users should be able to simply set security.grsecurity.enable = true to get a reasonably secure system without having to sacrifice too much functionality. See Chapter 17, Grsecurity/PaX for documentation.
      • Special filesystems, like /proc, /run and others, now have the same mount options as recommended by systemd and are unified across different places in NixOS. Mount options are updated during nixos-rebuild switch if possible. One benefit from this is improved security: most such filesystems are now mounted with noexec, nodev and/or nosuid options.
      • The reverse path filter was interfering with DHCPv4 server operation in the past. An exception for DHCPv4 and a new option to log packets that were dropped due to the reverse path filter (networking.firewall.logReversePathDrops) were added for easier debugging.
      • Containers configuration within containers.<name>.config is now properly typed and checked. In particular, partial configurations are merged correctly.
      • The directory containing setuid wrapper programs, /var/setuid-wrappers, is now updated atomically to prevent failures if the switch to a new configuration is interrupted.
      • services.xserver.startGnuPGAgent has been removed due to the GnuPG 2.1.x bump. See how to achieve similar behavior. You might need to pkill gpg-agent after the upgrade to prevent a stale agent being in the way.
      • Declarative users could share the uid due to a bug in the script handling conflict resolution.
      • Gummi boot has been replaced by systemd-boot.
      • Hydra package and NixOS module were added for convenience.
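
The mount-option hardening of special filesystems listed above can be verified on a running system. The following is an added example, not part of the release notes or of NixOS itself: the per-mount-point baseline in EXPECTED is an assumption modelled on the flags systemd applies to its API filesystems, and the SAMPLE text is constructed.

```python
import re
import sys

# Assumed baseline (not taken from the release notes): the flags systemd
# applies to its API filesystems. Adjust to your own policy.
EXPECTED = {
    "/proc": {"nosuid", "nodev", "noexec"},
    "/sys": {"nosuid", "nodev", "noexec"},
    "/dev": {"nosuid"},
    "/dev/pts": {"nosuid", "noexec"},
    "/dev/shm": {"nosuid", "nodev"},
    "/run": {"nosuid", "nodev"},
}

# Constructed sample in /proc/mounts format; /run deliberately lacks nodev.
SAMPLE = """\
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
devtmpfs /dev devtmpfs rw,nosuid,size=401172k,mode=755 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=3,mode=620 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /run tmpfs rw,nosuid,mode=755 0 0
"""


def unescape(field):
    """Decode the octal escapes (\\040 for space, etc.) used in /proc/mounts."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def audit(mounts_text, expected=EXPECTED):
    """Return {mount_point: sorted list of required flags that are missing}."""
    seen = {}
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) >= 4:
            # A later entry shadows an earlier one on the same mount point.
            seen[unescape(parts[1])] = set(parts[3].split(","))
    return {
        point: sorted(required - seen[point])
        for point, required in expected.items()
        if point in seen and required - seen[point]
    }


if __name__ == "__main__":
    # Pass /proc/mounts as the argument to audit a live system.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for point, missing in audit(text).items():
        print(f"{point}: missing {','.join(missing)}")
```

Mount points in the baseline that are not mounted at all are skipped rather than reported, since there is nothing to harden.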

Further details and a list of new supported services can be found in the project's release notes.

Download (pkglist): 
nixos-graphical-x86_64-linux.iso (898MB, SHA256)
nixos-minimal-x86_64-linux.iso (386MB, SHA256)