diff options
| author | Aaron Andersen <aaron@fosslib.net> | 2020-04-11 20:47:24 -0400 |
|---|---|---|
| committer | Aaron Andersen <aaron@fosslib.net> | 2020-04-21 20:34:55 -0400 |
| commit | 7bc9f24fb646f7b538f84e829427c8d16272e9d8 (patch) | |
| tree | 05d8356618b179d78f0f4d912abbaf73e9708f46 /nixos/doc | |
| parent | d0de9702795d33d6c3c72ea663256b9a743435e1 (diff) | |
nixos/httpd: update release notes
Diffstat (limited to 'nixos/doc')
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2009.xml | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml index 3e29c19af8fb..40b5ca240aa6 100644 --- a/nixos/doc/manual/release-notes/rl-2009.xml +++ b/nixos/doc/manual/release-notes/rl-2009.xml @@ -261,6 +261,25 @@ environment.systemPackages = [ </programlisting> </para> </listitem> + <listitem> + <para> + The httpd web server previously started its main process as root + privileged, then ran worker processes as a less privileged identity user. + This was changed to start all of httpd as a less privileged user (defined by + <xref linkend="opt-services.httpd.user"/> and + <xref linkend="opt-services.httpd.group"/>). As a consequence, all files that + are needed for httpd to run (included configuration fragments, SSL + certificates and keys, etc.) must now be readable by this less privileged + user/group. + </para> + <para> + The default value for <xref linkend="opt-services.httpd.mpm"/> + has been changed from <literal>prefork</literal> to <literal>event</literal>. Along with + this change the default value for + <link linkend="opt-services.httpd.virtualHosts">services.httpd.virtualHosts.<name>.http2</link> + has been set to <literal>true</literal>. + </para> + </listitem> </itemizedlist> </section> |