diff --git a/nixos/doc/manual/release-notes.xml b/nixos/doc/manual/release-notes.xml index 68feb80e090..10815ba613a 100644 --- a/nixos/doc/manual/release-notes.xml +++ b/nixos/doc/manual/release-notes.xml @@ -7,7 +7,7 @@
-Release 14.02 (“Baboon”, 2014/02/??) +Release 14.04 (“Baboon”, 2014/04/??) This is the second stable release branch of NixOS. The main enhancements are the following: @@ -18,7 +18,7 @@ enhancements are the following: for details. - NixOS is now based on Glibc 2.18 and GCC + NixOS is now based on Glibc 2.19 and GCC 4.8. @@ -30,6 +30,23 @@ following incompatible changes: + Nixpkgs no longer exposes unfree packages by + default. If your NixOS configuration requires unfree packages from + Nixpkgs, you need to enable support for them explicitly by setting: + + +nixpkgs.config.allowUnfree = true; + + + Otherwise, you get an error message such as: + + +error: package ‘nvidia-x11-331.49-3.12.17’ in ‘…/nvidia-x11/default.nix:56’ + has an unfree license, refusing to evaluate + + + + The firewall is now enabled by default. If you don’t want this, you need to disable it explicitly: diff --git a/nixos/lib/eval-config.nix b/nixos/lib/eval-config.nix index 4b8c7354a7e..e082b174454 100644 --- a/nixos/lib/eval-config.nix +++ b/nixos/lib/eval-config.nix @@ -26,10 +26,15 @@ rec { # These are the extra arguments passed to every module. In # particular, Nixpkgs is passed through the "pkgs" argument. + # FIXME: we enable config.allowUnfree to make packages like + # nvidia-x11 available. This isn't a problem because if the user has + # ‘nixpkgs.config.allowUnfree = false’, then evaluation will fail on + # the 64-bit package anyway. However, it would be cleaner to respect + # nixpkgs.config here. extraArgs = extraArgs_ // { inherit pkgs modules baseModules; modulesPath = ../modules; - pkgs_i686 = import ./nixpkgs.nix { system = "i686-linux"; }; + pkgs_i686 = import ./nixpkgs.nix { system = "i686-linux"; config.allowUnfree = true; }; utils = import ./utils.nix pkgs; }; diff --git a/nixos/modules/services/security/fprot.nix b/nixos/modules/services/security/fprot.nix index 9f1fc4ed6d8..a109191be55 100644 --- a/nixos/modules/services/security/fprot.nix +++ b/nixos/modules/services/security/fprot.nix @@ -18,7 +18,6 @@ in { }; productData = mkOption { - default = "${pkgs.fprot}/opt/f-prot/product.data"; description = '' product.data file. Defaults to the one supplied with installation package. ''; @@ -32,7 +31,6 @@ in { }; licenseKeyfile = mkOption { - default = "${pkgs.fprot}/opt/f-prot/license.key"; description = '' License keyfile. Defaults to the one supplied with installation package. ''; @@ -45,6 +43,10 @@ in { ###### implementation config = mkIf cfg.updater.enable { + + services.fprot.updater.productData = "${pkgs.fprot}/opt/f-prot/product.data"; + services.fprot.updater.licenseKeyfile = "${pkgs.fprot}/opt/f-prot/license.key"; + environment.systemPackages = [ pkgs.fprot ]; environment.etc = singleton { source = "${pkgs.fprot}/opt/f-prot/f-prot.conf"; diff --git a/pkgs/stdenv/generic/default.nix b/pkgs/stdenv/generic/default.nix index f1cf34b160c..03000d0cdd8 100644 --- a/pkgs/stdenv/generic/default.nix +++ b/pkgs/stdenv/generic/default.nix @@ -14,7 +14,7 @@ let lib = import ../../../lib; in lib.makeOverridable ( let - allowUnfree = config.allowUnfree or true && builtins.getEnv "HYDRA_DISALLOW_UNFREE" != "1"; + allowUnfree = config.allowUnfree or false && builtins.getEnv "HYDRA_DISALLOW_UNFREE" != "1"; allowBroken = builtins.getEnv "NIXPKGS_ALLOW_BROKEN" == "1";