Cockpit 260
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 260 and cockpit-podman 39:
Certificate login validation: Action required on updates
Earlier Cockpit/sssd versions did not check trust or revocation status of a presented client certificate, and thus certificate/smart card login was secure and supported only when matching the entire binary certificate against the Identity Management’s database. With sssd 2.6.1 and Cockpit 260, the certificate signature and revocation status is now validated against the CA configured in sssd, and any non-trusted certificate is rejected. This includes the case when the local sssd has no configured CA, which may break certificate logins after updating cockpit and sssd.
Thus if you use certificate login, you need to set up the trusted CA in sssd. Please see the certificate authentication documentation for details.
This issue was assigned CVE-2021-3698.
Client: Show previously used hosts
Cockpit client now shows list of hosts that were used before so you can log in with one click. It is also possible to remove unwanted hosts from this list.
Client: Support port specification
Cockpit Client now supports specifying the port number when connecting, with the usual syntax like user@host.example.net:22222. This is the same form used in Cockpit bastion host configurations.
Podman: Create container in pod
It is now possible to create a container in an existing pod using the Create container in pod button.
Create container dialog now shows in which pod the container is created
Podman: Set restart policy
For system containers it is now possible to set a restart policy for new containers.
Podman: Allow inserting multiple environment variables
Podman users can now insert multiple environment variables in bulk by copy pasting an list of environment files the variables have to be formatted as FOO=bar separated by newlines.
bridge: Warning on missing cockpit-system package
Previously, when attempting to connect to a system which had cockpit-bridge installed, but not cockpit-system, you’d get a generic “Not found” error, with no hints about how to fix that.
cockpit-bridge now detects this problem and issues a more helpful message.
Try it out
Cockpit 260 and cockpit-podman 39 are available now: