diff options
Diffstat (limited to 'CHANGELOG')
| -rw-r--r-- | CHANGELOG | 29 |
1 files changed, 29 insertions, 0 deletions
@@ -1,3 +1,32 @@ +2024-09-10 +- The default Nix build user group ID is now set to 350 when + `system.stateVersion` ≥ 5, to reflect the default for new Nix + installations. This only affects installations that enable + `nix.configureBuildUsers`, and any divergence will be detected on + system activation. To use `nix.configureBuildUsers` with a higher + `system.stateVersion` on installations using the old group ID, set: + + ids.gids.nixbld = 30000; + + We do not recommend trying to change the group ID with macOS user + management tools without a complete uninstallation and reinstallation + of Nix. + +2024-06-15 +- SECURITY NOTICE: The previous implementation of the + `users.users.<name>.openssh.authorizedKeys.*` options would not delete + authorized keys files when the setting for a given user was removed. + + This means that if you previously stopped managing a user's authorized + SSH keys with nix-darwin, or intended to revoke their access by + removing the option, the previous set of keys could still be used to + log in as that user. + + You can check the /etc/ssh/authorized_keys.d directory to see which + keys were permitted; afterwards, please remove the directory and + re-run activation. The options continue to be supported and will now + correctly permit only the keys in your current system configuration. + 2022-08-24 - Major changes to `homebrew` module `homebrew.cleanup` was renamed to `homebrew.onActivation.cleanup`. |