Cockpit is the modern Linux admin interface. We release regularly.

Here are the release notes from Cockpit 257, cockpit-machines 256, and cockpit-podman 36:

Support for reading TLS certificates with any permissions

Formerly, cockpit-tls, the process responsible for handling encryption on HTTPS connections to cockpit, would directly read the certificate file for itself. This required the private key file to be owned by the cockpit-ws user (or group) that this process ran as. Users sometimes want to share the same key file with several different services, making this arrangement awkward. It also required additional configuration steps in the case of automatically-issued certificates.

Cockpit now reads the certificate and key files as the root user, allowing them to be installed with any set of permissions.

cockpit-ws no longer supports merged certificates

When running in a container, cockpit-tls cannot be used, and cockpit-ws must be run directly.

When running in this mode, merged key and certificate files are no longer supported: you must switch to separate .cert and .key files. If you did not do any particular certificate setup, you can just remove /etc/cockpit/ws-certs.d/0-self-signed.crt and let the container re-create a fresh self-signed certificate on startup.

Services: Show user-owned systemd units

In addition to system system-wide units, systemd manages user-specific units as well. The Services page can now show and control these user instance units with the new “System”/”User” toggle. Changing user units does not require Administrator privileges.

Machines: Support selecting between consoles of the same type

VM configurations can specify multiple PTY consoles. A VM can have an emulated serial console and a virtio serial console. The console menu now shows alias identifiers, making it possible to choose between consoles of the same type.

Podman: New “Create container” workflow

Creating a container is easier and more featureful. The new container creation workflow starts by clicking the “Create container” button, which shows a new dialog.

The dialog itself shows local images, including manually created images and previously created images, and can download an image directly from a registry.

A second tab contains optional system integration with port mapping, volume mapping, and environment variables.

Podman: Prune unused images

Unused images can now be cleaned up in cockpit-podman. This behaves similar to podman image prune -a and can delete unused system and user container images at the same time.

Try it out

Cockpit 257, cockpit-machines 256, and cockpit-podman 36 are available now:

• For your Linux system

• Cockpit Source Tarball
• Cockpit Fedora 35
• Cockpit Fedora 34
• cockpit-machines Source Tarball
• cockpit-machines Fedora 35
• cockpit-machines Fedora 34
• cockpit-podman Source Tarball
• cockpit-podman Fedora 35
• cockpit-podman Fedora 34