public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Require signed binary caches by default

Browse Source
This commit is contained in:
Eelco Dolstra 2015-07-27 19:28:41 +02:00
parent a7bfe5643b
commit e3a5bca4ae
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/doc/manual/release-notes/rl-unstable.xml
View File

@ -56,6 +56,11 @@ default, unless you have a non-empty
<command>cron</command> to be enabled, set <command>cron</command> to be enabled, set
<option>services.cron.enable = true</option>.</para></listitem> <option>services.cron.enable = true</option>.</para></listitem>
<listitem><para>Nix now requires binary caches to be cryptographically
signed. If you have unsigned binary caches that you want to continue
to use, you should set <option>nix.requireSignedBinaryCaches =
false</option>.</para></listitem>
<listitem><para>Steam now doesn't need root rights to work. Instead of using <listitem><para>Steam now doesn't need root rights to work. Instead of using
<literal>*-steam-chrootenv</literal>, you should now just run <literal>steam</literal>. <literal>*-steam-chrootenv</literal>, you should now just run <literal>steam</literal>.
<literal>steamChrootEnv</literal> package was renamed to <literal>steam</literal>, <literal>steamChrootEnv</literal> package was renamed to <literal>steam</literal>,

2
nixos/modules/services/misc/nix-daemon.nix
View File

@ -254,7 +254,7 @@ in
requireSignedBinaryCaches = mkOption { requireSignedBinaryCaches = mkOption {
type = types.bool; type = types.bool;
default = false; default = true;
description = '' description = ''
If enabled, Nix will only download binaries from binary If enabled, Nix will only download binaries from binary
caches if they are cryptographically signed with any of the caches if they are cryptographically signed with any of the