Cockpit 257
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 257, cockpit-machines 256, and cockpit-podman 36:
Support for reading TLS certificates with any permissions
Formerly, cockpit-tls
, the process responsible for handling encryption on HTTPS connections to cockpit, would directly read the certificate file for itself. This required the private key file to be owned by the cockpit-ws
user (or group) that this process ran as. Users sometimes want to share the same key file with several different services, making this arrangement awkward. It also required additional configuration steps in the case of automatically-issued certificates.
Cockpit now reads the certificate and key files as the root user, allowing them to be installed with any set of permissions.
cockpit-ws no longer supports merged certificates
When running in a container, cockpit-tls
cannot be used, and cockpit-ws
must be run directly.
When running in this mode, merged key and certificate files are no longer supported: you must switch to separate .cert
and .key
files. If you did not do any particular certificate setup, you can just remove /etc/cockpit/ws-certs.d/0-self-signed.crt
and let the container re-create a fresh self-signed certificate on startup.
Services: Show user-owned systemd units
In addition to system system-wide units, systemd manages user-specific units as well. The Services page can now show and control these user instance units with the new “System”/”User” toggle. Changing user units does not require Administrator privileges.
Machines: Support selecting between consoles of the same type
VM configurations can specify multiple PTY consoles. A VM can have an emulated serial console and a virtio serial console. The console menu now shows alias identifiers, making it possible to choose between consoles of the same type.
Podman: New “Create container” workflow
Creating a container is easier and more featureful. The new container creation workflow starts by clicking the “Create container” button, which shows a new dialog.
The dialog itself shows local images, including manually created images and previously created images, and can download an image directly from a registry.
A second tab contains optional system integration with port mapping, volume mapping, and environment variables.
Podman: Prune unused images
Unused images can now be cleaned up in cockpit-podman. This behaves similar to podman image prune -a
and can delete unused system and user container images at the same time.
Try it out
Cockpit 257, cockpit-machines 256, and cockpit-podman 36 are available now: