What's new in the Bullseye release?
For additional information see:
Printers connected over USB can be treated as network devices via the new ipp-usb package, extending driverless printing to include USB-connected printers.
A generic open command is provided as a convenience alias to either xdg-open (by default) or run-mailcap. This can be changed through the update-alternatives system.
- The Fcitx input method, often used for inputting CJK characters among others, has been upgraded from Fcitx 4 to Fcitx 5, enabling Wayland support.
Support for exFAT filesystems is now a part of the kernel, rather than requiring use of the separate FUSE driver. If you wish to continue using the older implementation, you must use mount.exfat-fuse instead of mount.exfat. Tools provided as part of the kernel driver are in the exfatprogs package, conflicting with the older independent tools in exfat-utils.
The GNOME Flashback desktop environment can now be installed as part of the task-gnome-flashback-desktop package, and is newly available in the installer when selecting a desktop.
The win32-loader software, which enables Debian installation from Windows without use of separate installation media, now supports UEFI and Secure Boot.
The Panfrost and Lima drivers are now available, enabling free support for the GPUs present in many ARM devices.
- Podman 3.0.1, a Red Hat-developed daemonless container engine that can function as a drop-in replacement for Docker, is available.
Regexp matching support in journalctl is now compiled in.
The format of the /etc/apt/sources.list line for the security repository has changed. It should look something like this:
deb https://security.debian.org/debian-security bullseye-security main
Debian 11 uses control groups v2 (cgroupsv2) by default, providing a unified resource-control hierarchy. Legacy cgroups can be re-enabled.
Intel GPUs based on the Broadwell architecture and newer will now default to the intel-media-va-driver driver for video decoding, if installed. This can be overridden with an environment variable to force the legacy driver on supported hardware. See the HardwareVideoAcceleration page for more information.
Password hashing for local system accounts now uses yescrypt by default instead of SHA-512. This provides improved security. Change passwords with the passwd command to take advantage of this.
On upgrades and new installations of bullseye, systemd has persistent journal functionality by default, storing its files in /var/log/journal/, readable by any members of the "adm" or "systemd-journal" groups. To change this behaviour see systemd-journald(8).
The nis package has been split apart, and the new component packages have greatly different behavior compared to traditional NIS. The ypbind command will not run by default. All NIS users will need to be aware of these changes to the NIS system (also available on salsa) and should plan accordingly.
systemd now enables the fs.protected_fifos and fs.protected_regular kernel parameters by default. This may break applications that share files in /tmp (or other sticky directories) among multiple user accounts. The protection may be disabled temporarily by running sysctl fs.protected_regular=0 and sysctl fs.protected_fifos=0 or permanently by creating a file with a name ending in .conf in the /etc/sysctl.d directory, containing these lines:
Support for the barrier and nobarrier mount options has been removed from the XFS filesystem. It is recommended to check /etc/fstab for the presence of either keyword and remove it. Partitions using these options will fail to mount.
redmine is unavailable, as it did not migrate to the latest version of Ruby in time for Bullseye's release. It will be made available via Backports as soon as possible. Users of the package are advised to either delay the upgrade until this is done, or use a Buster VM/container to isolate the application.
Some options in rsync have been renamed. If you're using it to transfer files between Buster and Bullseye as part of your upgrade process, and you're making use of the --copy-devices (now --write-devices) or --noatime (now --open-noatime) flags, you're required to install rsync from buster-backports and use the newer options.