From a874a8a98b5cd197acf9b2a40b71107db3718f6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niklas=20Hamb=C3=BCchen?= <mail@nh2.me> Date: Fri, 30 Apr 2021 19:28:04 +0200 Subject: [PATCH] release notes: Mention wireguard `generatePrivateKeyFile` permission changes --- nixos/doc/manual/release-notes/rl-2105.xml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml index 6e4a9e7114b0..4b7d71147b46 100644 --- a/nixos/doc/manual/release-notes/rl-2105.xml +++ b/nixos/doc/manual/release-notes/rl-2105.xml @@ -333,6 +333,17 @@ <literal>vim</literal> switched to Python 3, dropping all Python 2 support. </para> </listitem> + <listitem> + <para> + <link linkend="opt-networking.wireguard.interfaces">networking.wireguard.interfaces.<name>.generatePrivateKeyFile</link>, + which is off by default, had a <literal>chmod</literal> race condition + fixed. As an aside, the parent directory's permissions were widened, + and the key files were made owner-writable. + This only affects newly created keys. + However, if the exact permissions are important for your setup, read + <link xlink:href="https://github.com/NixOS/nixpkgs/pull/121294">#121294</link>. + </para> + </listitem> <listitem> <para> <link linkend="opt-boot.zfs.forceImportAll">boot.zfs.forceImportAll</link>