Cockpit 257

Cockpit is the modern Linux admin interface. We release regularly.

Here are the release notes from Cockpit 257, cockpit-machines 256, and cockpit-podman 36:

Support for reading TLS certificates with any permissions

Formerly, cockpit-tls, the process responsible for handling encryption on HTTPS connections to cockpit, would directly read the certificate file for itself. This required the private key file to be owned by the cockpit-ws user (or group) that this process ran as. Users sometimes want to share the same key file with several different services, making this arrangement awkward. It also required additional configuration steps in the case of automatically-issued certificates.

Cockpit now reads the certificate and key files as the root user, allowing them to be installed with any set of permissions.

cockpit-ws no longer supports merged certificates

When running in a container, cockpit-tls cannot be used, and cockpit-ws must be run directly.

When running in this mode, merged key and certificate files are no longer supported: you must switch to separate .cert and .key files. If you did not do any particular certificate setup, you can just remove /etc/cockpit/ws-certs.d/0-self-signed.crt and let the container re-create a fresh self-signed certificate on startup.

Services: Show user-owned systemd units

In addition to system system-wide units, systemd manages user-specific units as well. The Services page can now show and control these user instance units with the new “System”/”User” toggle. Changing user units does not require Administrator privileges.

140483853-7c31cd69-4d5d-4b37-8cdc-4498e1daf813

Machines: Support selecting between consoles of the same type

VM configurations can specify multiple PTY consoles. A VM can have an emulated serial console and a virtio serial console. The console menu now shows alias identifiers, making it possible to choose between consoles of the same type.

140937551-4e7bb79d-54da-4bf7-9c67-b1ac85f1f074

Podman: New “Create container” workflow

Creating a container is easier and more featureful. The new container creation workflow starts by clicking the “Create container” button, which shows a new dialog.

141087576-66ad8aaa-937f-44ae-99f9-738fd75ed146

The dialog itself shows local images, including manually created images and previously created images, and can download an image directly from a registry.

141087882-48f73144-549b-44d2-b3ad-bd007e2e3422

A second tab contains optional system integration with port mapping, volume mapping, and environment variables.

141087968-5d7ee210-92cc-4efd-87f5-43569b9be60c

Podman: Prune unused images

Unused images can now be cleaned up in cockpit-podman. This behaves similar to podman image prune -a and can delete unused system and user container images at the same time.

139233630-1ca43c26-a276-4f9a-9ac5-5caf0d56b277

140961475-7dbd2501-5a3b-49e0-8edc-f5d5f1f7df53

Try it out

Cockpit 257, cockpit-machines 256, and cockpit-podman 36 are available now:

About Garrett LeSage

Garrett has been a designer in the FOSS (free and open source software) world since the late 90s and works at Red Hat in the Cockpit team.