Cockpit 260

Cockpit is the modern Linux admin interface. We release regularly.

Here are the release notes from Cockpit 260 and cockpit-podman 39:

Certificate login validation: Action required on updates

Earlier Cockpit/sssd versions did not check trust or revocation status of a presented client certificate, and thus certificate/smart card login was secure and supported only when matching the entire binary certificate against the Identity Management’s database. With sssd 2.6.1 and Cockpit 260, the certificate signature and revocation status is now validated against the CA configured in sssd, and any non-trusted certificate is rejected. This includes the case when the local sssd has no configured CA, which may break certificate logins after updating cockpit and sssd.

Thus if you use certificate login, you need to set up the trusted CA in sssd. Please see the certificate authentication documentation for details.

This issue was assigned CVE-2021-3698.

Client: Show previously used hosts

Cockpit client now shows list of hosts that were used before so you can log in with one click. It is also possible to remove unwanted hosts from this list.

Screenshot from 2021-12-10 08-09-06

Client: Support port specification

Cockpit Client now supports specifying the port number when connecting, with the usual syntax like This is the same form used in Cockpit bastion host configurations.

Podman: Create container in pod

It is now possible to create a container in an existing pod using the Create container in pod button.

screenshot of ## create container in pod

Create container dialog now shows in which pod the container is created

screenshot of ## create container in pod

Podman: Set restart policy

For system containers it is now possible to set a restart policy for new containers.

screenshot of ## podman restart policy

Podman: Allow inserting multiple environment variables

Podman users can now insert multiple environment variables in bulk by copy pasting an list of environment files the variables have to be formatted as FOO=bar separated by newlines.

bridge: Warning on missing cockpit-system package

Previously, when attempting to connect to a system which had cockpit-bridge installed, but not cockpit-system, you’d get a generic “Not found” error, with no hints about how to fix that.

cockpit-bridge now detects this problem and issues a more helpful message.

screenshot of warning on missing cockpit-system package

Try it out

Cockpit 260 and cockpit-podman 39 are available now:

About Garrett LeSage

Garrett has been a designer in the FOSS (free and open source software) world since the late 90s and works at Red Hat in the Cockpit team.