diff options
author | rnhmjoj <rnhmjoj@inventati.org> | 2020-11-07 02:33:03 +0100 |
---|---|---|
committer | rnhmjoj <rnhmjoj@inventati.org> | 2021-01-10 19:33:41 +0100 |
commit | 3a17a9b05eec0189d82ebb84f327f386727474cd (patch) | |
tree | e1d0b8075973eb81fbb12b760e5118d3595ed78f /nixos/doc | |
parent | 5597f6ded8bf15a1b51dc717a9bf4611abf3435a (diff) |
nixos/docs: add uWSGI changes to the relase notes
Diffstat (limited to 'nixos/doc')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2103.xml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2103.xml b/nixos/doc/manual/release-notes/rl-2103.xml index 05daca1d710c..68d98ffad5e9 100644 --- a/nixos/doc/manual/release-notes/rl-2103.xml +++ b/nixos/doc/manual/release-notes/rl-2103.xml @@ -178,6 +178,30 @@ </listitem> <listitem> <para> + The uWSGI server is now built with POSIX capabilities. As a consequence, + root is no longer required in emperor mode and the service defaults to + running as the unprivileged <literal>uwsgi</literal> user. Any additional + capability can be added via the new option + <xref linkend="opt-services.uwsgi.capabilities"/>. + The previous behaviour can be restored by setting: +<programlisting> + <xref linkend="opt-services.uwsgi.user"/> = "root"; + <xref linkend="opt-services.uwsgi.group"/> = "root"; + <xref linkend="opt-services.uwsgi.instance"/> = + { + uid = "uwsgi"; + gid = "uwsgi"; + }; +</programlisting> + </para> + <para> + Another incompatibility from the previous release is that vassals running under a + different user or group need to use <literal>immediate-{uid,gid}</literal> + instead of the usual <literal>uid,gid</literal> options. + </para> + </listitem> + <listitem> + <para> <package>btc1</package> has been abandoned upstream, and removed. </para> </listitem> |