* No-change backport to focal.
* Login page: Use valid selectors when testing for :is() / :where()
support. This fixes the "This web browser is too old" error message with
upcoming (nightly) Firefox/Chromium browsers. Patch backported from upstream
https://github.com/cockpit-project/cockpit/commit/ce351ca7079ba44
as 0001-login-Use-valid-selectors-when-testing-for-is-where-.patch.
Add the corresponding generated webpack diff to make this change effective
without a webpack run (which the Debian package does not do).
(LP: #1990623)
* debian/rules: Touch the login page manifest, so that the upstream build
system does not try to re-run webpack after patching the login page.
* New upstream release:
- Metrics: Improve layout on small resolutions
- Networking: Fix checkpoint handling and IP settings dialog
- Services: Show error message instead of eternal "Loading..." state
- Accounts: Add override button to confirm weak password
- Accounts: Fix parsing of "last login" date
* New upstream release:
- Shell: Fix browser history
- Cockpit-Client: Enable forward/back button
- debian/copyright: Add node_modules/ (Closes: #1005004)
* New upstream release:
- Overview: Show scheduled shutdowns
- Networking: Add firewall service description
* New upstream release:
- storage: Unmounting or deleting a busy filesystem is now supported
- shell: Allow adding ssh keys with passphrase
* New upstream release:
- Certificate login validation: Action required on updates
- Client: Show previously used hosts
- Client: Support port specification
- bridge: Warning on missing cockpit-system package
* New upstream release:
- storage: More information in table rows
* New upstream release:
- Tweak login screen UI
- Use official VDO LVM API
- Add cockpit-client, to be bundled as a flatpak
* New upstream release:
- Support for reading TLS certificates with any permissions
- cockpit-ws no longer supports merged certificates
- Services: Show user-owned systemd units
* New upstream release:
- Clean up old self-signed certificates
- Storage: Add support for Stratis
* New upstream release:
- FreeIPA-issued webserver certificates get auto-renewed
* New upstream release 253:
- SELinux: Dismiss multiple alerts
* New upstream release 254:
- Overview: Move last login to Health Card
- Webserver: Restrict frame embedding to same origin (CVE-2021-3660)
- Login: Add Arch Linux branding
- Users: Add login history
* New upstream release:
- Webserver: Drop remotectl utility
- Shell: Show package version in ‘About web console’ modal
- Storage: Encryption is presented as a property of a Filesystem
* New upstream release:
- Certificate/smart card authentication to ssh and sudo
- Logs: Polished with PF4
* New upstream release:
- Shell: Improve admin switcher and session menu
- Software Updates: Introduce basic kpatch support
* New upstream release:
- Storage: Content table improvements
- Common: Add Content-Type for wasm
- All: Port away from Moment.js
* New upstream release:
- Metrics: New PCP configuration dialog and Grafana client setup
- Storage: Show both SHA256 and SHA1 Tang fingerprints
- Polish of the Services and Storage pages
- PAM: Deprecate pam_cockpit_cert module
* Revert "Enable cockpit-sosreport binary package". Binary NEW queue has not
been processed in 3 months. Try this again some later time.
* New upstream release:
- Shell: sudo is invoked only when explicitly requested
* Enable cockpit-sosreport binary package. It is tested and supported
upstream, and the "sosreport" package has been in Debian for a long time.
* New upstream release. Lots of changes, but packaging-wise the most
relevant one is that the cockpit-machines binary package got split out
into its own upstream project and source package.
* New upstream release:
- Terminal: Support for changing the font size
- Machines: Allow editing disk cache mode
- Logs: Link to related services page
- SELinux: Restyle to resemble other pages
- Packaging: Removed ./configure options for distribution specific packages
* New upstream release:
- Updates: List outdated software that needs a restart
- Web server: Preserve permissions of administrator-provided certificates
- System: Performance page shows busiest CPU cores
- Machines: VM disk creation supports a custom path
* New upstream release:
- Restyling updates page in preparation for upcoming features
- SSH connections to remote machines are only opened when necessary
- Skip slow unit tests on hppa (Closes: #981127)
* New upstream release:
- fslist channels: Include properties of changed files
- Internal stabilization work
* New upstream release:
- Login: Improved handling of SSH host keys
- Overview: Editable motd
* New upstream release:
- machines: Allow editing VM's CPU mode and model
- machines: Add support for cloning VMs
- dashboard: Drop, replaced by menu host switcher
* New upstream release 232:
- Improved host editing
- Machines: Inline error messages
* New upstream release 233:
- Non-admin users no longer see Cockpit in motd
- Developers: jQuery API removal
* New upstream release:
- Replace system's graph page with a completely new USE method page
- Machines: Reimplement the design of the main VMs list
- Logging of remote IP addresses
* New upstream release:
- storage: List entries from /etc/crypttab that are still locked
* New upstream release:
- shell: Any page can be the shell
* New upstream release:
- Accounts: Allow setting weak passwords
- Changes to remote host logins
- Machines: Add support for reverting and deleting VM snapshots
- Drop cockpit-docker code
* New upstream release:
- Machines: Virtual machine list filtering
- Continued PatternFly 4 migration
* New upstream release:
- Storage: Better support for "noauto" LUKS devices
* New upstream release:
- Machines: Add support for VM snapshots
- Developer API: Launch and reattach to a long-running process
* New upstream release:
- Machines/Services: Multiple bug fixes
* New upstream release 222:
- Logs: More flexible text filters
- Services, Dashboard: Hide some buttons when access is limited
- Webserver: Lock down cockpit.service privileges
* New upstream release 223:
- Webserver: Standard-conformant lifetime of web server Certificate
- Certificate authentication against Active Directory
* New upstream release:
- Put back missing base1/patternfly.css
- Services: Don't offer 'Start Service' in Limited Access mode
* New upstream release:
- Support for Cross-Origin-Resource-Policy
- Accounts: Some buttons are hidden when access is limited
- Developers: Importing "base1/patternfly.css" is deprecated
* New upstream release:
- New navigation with integrated switching of hosts
- Logs: Inline help for filtering
- Storage: Improve side panel on details page
- Fix unit tests on IPv6-only build hosts (Closes: #960752)
* New upstream release:
- Logs: Improved filtering
- Gain or drop administrative access in a running Cockpit session
* New upstream release:
- Services: Improved accessibility and mobile support
- Overview: Add uptime information
- Disable idle timeout by default
- Support building without polkit
* debian/rules: Fix conditional for building cockpit-docker.
Thanks to Bruno Gravato for spotting the error!
* New upstream release:
- Overview: more Insights details
- Dialogs: new button order
- Machines: sendings keys to VM consoles
* New upstream release:
- SELinux: Automatic application of solutions that set booleans
- Machines: Drop virsh backend support
- Overview: New last login banner
* New upstream release:
- Networking: Show additional ports for each firewall zone
* New upstream release:
- Updates: Fix unstyled button regression
- Machines: Fix slow requests when enabling polkit access driver
- Deprecate cockpit-docker for Fedora, Debian, and Ubuntu development
series
* New upstream release:
- Networking: List Firewall active zones when unprivileged
- Start Selenium tests deprecation
* New upstream release:
- Inline documentation
- Support for transient virtual machines
- UEFI for virtual machines
- Unattended virtual machines installation
* New upstream release:
- Per page documentation
- Localize times
* New upstream release:
- Better support for various TLS certificate formats
- Switch from Zanata to Weblate
- Overview layout optimizations
* New upstream release 209:
- New overview design
- Session timeouts
- Banners on login screen
- Client certificate authentication
- Support for Fedora CoreOS
- Dropped support for pam_rhost
* New upstream release 210:
- Overview: Add CPU utilization to usage card
- Dashboard: Support SSH identity unlocking when adding new machines
- SElinux: Introduce an Ansible automation script
- Machines: Support bridge type network interfaces
- Machines: Support bus type disk configuration
* New upstream release:
- Storage: Drop default mount point concept
- Machines: Support transient virtual networks and storage pools
- Machines: Sliders for disk size and memory in VM creation
- Logs: Improve crash reporting
* New upstream release:
- Web server: Accept EC certificates
- Storage: List all software devices in a single panel
- Redesigned notifications
* New upstream release 205:
- Firewall: UI restructuring
- Machines: Refactor Create VM dialog and introduce a download option
- Adjust menu to PatternFly's current navigation design
- Searching with keywords
- Software Updates: Use notifications for available updates info
- Web server security hardening
* New upstream release 206:
- Machines: Network interface deletion
- login: Enable administration mode by default
- Firewall: Prevent accidental deletion
- Closes: #943839
* New upstream release:
- System: Highlight failed services
- Machines: Configure read-only and shareable disks
- Playground: Add index page
* New upstream release:
- Fix major CSS regression on Logs and some other pages
- Fix building on RHEL/CentOS 7
* New upstream release:
- Machines: Creation of Storage Volumes
- Improved component for selecting paths on the filesystem
* New upstream release:
- Machines: Type-ahead OS selection
- Machines: LVM storage pools
- Networking: Show included firewalld services
- Web server: Split out TLS handling
* New upstream release:
- Redesigned logs all over cockpit
- Services: Design and accesibility improvements
- System: Show DIMM information on Hardware Info page
- Machines: VM creation dialog now shows the recommended memory for the
selected OS
* New upstream release:
- PatternFly4 user interface design
- SELinux: Show changes
- Machines: Deletion of Virtual Networks
- Machines: Support more disk types
- Docker: Change menu label
- Web server: More flexible https redirection for proxies
* New upstream release:
- Machines: Support all storage pool types for new disks
- Machines: Show available space on host at VM creation
* New upstream release:
- machines: Install from iso URL
- machines: Show IP of network interfaces
* New upstream release:
- Simplified support for external TLS termination
- Firewall: More support for zones
- Machines: Additional storage options
- Machines: Support for changing memory allocation
- Storage: Select encryption type separately from filesystem
* New upstream release:
- Firewall: Add services to a specific zone
- Redesigned on/off switch
* New upstream release:
- Machines: iSCSI direct storage pools
- Storage: The "Format" button is no longer hidden
- Storage: Improve performance with many block devices
* New upstream release:
- Machines: Auto-detect guest operating system
- Translation cleanup
- Allow accounts with non-standard shells
* New upstream release:
- Machines: iSCSI Storage pools
- Machines: better notifications
- System: CPU security mitigation
- Network: Ports in the Firewall
- Fix distclean to not remove files from the tarball (Closes: #924744)
- Remove broken Scientific Linux branding symlinks (Closes: #925429)
- Suggest cockpit-machines (Closes: #881672)
* New upstream release:
- Logs: Filter log entries by service
- Machines: Support for Pausing/Resuming VMs
- Machines: Make Autostart property of a Virtual Network configurable
- Machines: Support for creating VM with option to boot from PXE
- Accessibility improvements
* New upstream release:
- Machines: Import existing image when creating VM
- Machines: Introduce virtual networks
- Services: Filtering of services by name, description, and state
* New upstream release:
- Machines: Show Storage Volume user
- Machines: Autostart configuration
- Terminal: Themes and context menu
- Storage: Responsive dialogs
- Software Updates: Show three most recent updates
* New upstream release:
- Machines: More operations for Storage Pools
- Domains: More information about the joined domain
- Storage: The options for VDO volumes are explained
- Machines: Support for oVirt will be dropped in the future
* New upstream release:
- Redesign the Service page
- Make System Overview page mobile friendly
* New upstream release:
- Responsive dialogs on network, kdump and users page
- Kubernetes containers included in docker graphs
* New upstream release:
- Machines: Dialog and tab layout is now responsive
- Storage: Filesystem labels are validated upfront
- Storage: Some mount options are prefilled when needed
- Integration of Cockpit pages on the desktop
* New upstream release:
- Machines: Manage storage pools
- Kernel Dump: Support non-local targets
- Respect SSH configuration
- Never send Content-Length with chunked encoding
* New upstream release:
- libvirt connection choice during VM creation
- PackageKit page update severity tooltip
- PackageKit page display registration status clearly
* New upstream release:
- Followup fixes related to the switch away from react-lite
- Memory graph layout and color improvements
- Machines: edit network interfaces
- Update look of lists to match Patternfly
* New upstream release:
- Move to ssh SHA256 fingerprints
- Machines: Show error messages in the correct place
* New upstream release:
- Machines: Detach disk from VM with LibvirtDBus provider
- Machines: Offer cockpit-machines as Application
* New upstream release:
- Lots of crash fixes
* New upstream release:
- Storage: Support LUKS v2
- Support centrally-managed SSH known hosts
- Drop support for Internet Explorer
* Fix arch-indep build.
When building only arch-indep packages, the cockpit-ws package does not
get built, and trying to remove the firewalld service failed.
(Closes: #907108)
* New upstream release 175:
- Network bound disk encryption
* New upstream release 176:
- Login: Suggest other browser when browser is unsupported
- Fix building against libssh 0.8
- Stop shipping firewall service file with recent firewalld
(Closes: #905389)
* New upstream release:
- Kubernetes: VM detail page
- Realmd: Install on demand
* New upstream release:
- Storage: Offer installation of VDO
- Machines: Add disks to a virtual machine
* Re-enable cockpit-pcp package, pcp has been in testing for a while now.
* New upstream release:
- System: Offer installation of PCP
- Software Updates: Improve layout in mobile mode
- Remove ability to drop privileges from navigation bar
- API: Introduce flow control for all channels
- Python 3 support
* New upstream release:
- Machines: Add virtual CPU configuration
- Kubernetes: Add KubeVirt pod metrics
- Docker: Show container volumes
- Fix broken actions for non-administrators
- Networking: Handle non-running NetworkManager
- Accounts: User role improvements
- Localize times
* New upstream release:
- Software Updates: Layout rework
- oVirt: Use authenticated libvirt connection by default
* New upstream release:
- Storage: Offer installation of NFS client support
- System: Request FreeIPA SSL certificate for Cockpit's web server
- Services: Show unit relationships
- Provide motd help about how to access cockpit
* New upstream release:
- Improve checks for root privilege availability
* New upstream release:
- Networking: Add Firewall Configuration
- Kubernetes: Show Kubevirt Registry Disks
* New upstream release:
- Kubernetes: Add creation of Virtual Machines
- Realms: Automatically set up Kerberos keytab for Cockpit web server
- Numbers now get formatted correctly for the selected language
* New upstream release:
- Storage: Show more details of sessions and services that keep NFS busy
- Machines: Detect if libvirtd is not running
- Machines: Show virtual machines that are being created
* New upstream release:
- Storage: Move NFS management into new details page
- System: Show available package updates and missing registration
- System: Fix inconsistent tooltips
- Logs: Change severities to officially defined syslog levels
- Machines: Add error notifications
- Accessibility improvements
- Reloading the page in the browser now reloads Cockpit package manifests
* New upstream release:
- Drop "Transfer data asynchronously" VDO option on Storage page
- Hide Docker storage pool reset button when it cannot work properly
- Update jQuery to version 3.3.1 (deprecated cockpit API!)
* New upstream release:
- Show pod name and disks of VMs running in Kubernetes
- Tighten up the default Content-Security-Policy
* New upstream release:
- New VMs can be created on Machines page
- VMs running in Kubernetes can now be deleted
- Improve LVM volume resizing
- Add new Hardware Information page
- Load Application metadata (Appstream) packages on demand on Debian/Ubuntu
- Stop advertising and supporting cockpit-bundled jQuery library
* New upstream release:
- Add kubevirt Virtual Machines overview
- Redesign package list on Software Updates page and show RHEL Errata
- Install AppStream collection metadata packages on demand on Apps page
- Add AppStream metadata to cockpit-sosreport for showing up on Apps page
- Change CPU graphs to use "100%" for a fully loaded multi-processor system
- Show storage, network, and other numbers with 3 digits of precision
- Add an example bastion container
* New upstream release:
- Configure data deduplication with VDO devices on Storage page
- Add serial console to virtual Machines page and redesign the
Consoles tab
- Show more error message details for failures on virtual Machines page
* New upstream release:
- Add check boxes for common NFS mount options
- Clarify Software Update status if only security updates are available
- Create self-signed certificates with SubjectAltName
* New upstream release:
- Add Networks tab to overview on Machines page
- The Apps page now displays SVG app icons
* New upstream release:
- Redesign navigation and support mobile browsing
- Use /etc/cockpit/krb5.keytab if present to support alternate keytabs
- Add project homepage link to Apps page
- Maintain issue(5) file with current Cockpit status
* New upstream release:
- Add NFS client support to the Storage page
- Fix Terminal rendering issues in Chrome
- Prevent closing Terminal with Ctrl+W when focused
* New upstream release:
- Center the "Disconnected" message in the content area
- Remove long-obsolete "./configure --branding" option
* New upstream release:
- Clean up rpmlint/lintian errors in the packages
* New upstream release:
- Add Applications page
- Add automatic update configuration for dnf to Software Updates
- Fix cockpit-bridge crash if /etc/os-release does not exist
* New upstream release:
- Support loading SSH keys from arbitrary paths
* Ignore PhantomJS crashes in avocado autopkgtest
checklogin-basic.py causes a PhantomJS crash on Ubuntu artful on amd64
which does not reproduce in QEMU. (Closes: #873241)
* Add smoke autopkgtest that can run in containers.
Add a simple test of cockpit-bridge and the login page to ensure that
packages have the right dependencies and contents, and that the systemd
units are set up correctly to get a login page on
https://localhost:9090.
This can also run in a container and thus in Debian's CI and on all
Ubuntu architectures.
* Drop nodejs-legacy autopkgtest dependency. That package ceased to exist,
and the tests don't need the /usr/bin/node binary.
* New upstream release 149:
- Support sending non-maskable interrupt to VMs
- Add information about non-met conditions for systemd services
- Clear cockpit cookie on logout
* New upstream release 150:
- Automatically enable and start newly created timers on the Services page
* New upstream release:
- Fix navigation and various JavaScript errors with Internet Explorer
- Detect unregistered RHEL systems on Software Updates page
- debian/copryight: Add missing copyrights and licenses (Closes: #869934)
* New upstream release:
- Add configuration of account locking and password expiry to Accounts
page
- Consistently ignore loopback traffic on all network load graphs
- Fix the Kdump page in Internet Exporer
* New upstream release:
- Show recent updates and live update log on Software Updates page
- Improve available Software Updates table layout for small/mobile screens
- Support OAuth Kubernetes logins to work with Google Compute Engine
- Fix reporting ABRT crashes that are already known to the server
- Scroll the virtual machine VNC console into view automatically
* New upstream release:
- Resize the terminal dynamically to use all available space
- Let the Machines page update immediately after changes
- Add delete VM functionality to the Machines page
- Retire support for external Machines provider API
- Always recommend rebooting after applying Software Updates
- Group D-Bus channels to avoid hitting connection limits
- Fix building on Fedora Rawhide/glibc 2.25.90
* New upstream release:
- Add ability to cancel software updates while it is safe
- Show progress of "Refreshing package information" on the Software Updates
page
- Add ABRT integration to the System page
- Fix Machines page to only react to primary mouse button clicks on Firefox
* New upstream release:
- Add "Software Updates" page for package (rpm/deb) based operating
systems
- Fix cockpit-machines package to make inline VNC console actually work
* New upstream release:
- Virtual machines display an interactive console, either in browser, or a
popup viewer
- Fix Virtual Machines operations on non-English locales
- Add documentation explaining how to grant/restrict access via polkit
rules
* Fix autopkgtest:
- Latest avocado now requires python-libvirt, add it as test dependency.
- Use the packaged phantomjs instead of phantomjs-prebuilt as that is only
available for x86_64; this should make the tests work on other
architectures too. The Debian/Ubuntu phantomjs package is built with Qt
support, so run under $QT_QPA_PLATFORM=offscreen to work in a headless
test environment.
- Drop stray "sudo" command. The test already runs as root, this was a
copy&paste leftover.
* New upstream release:
- Attempt to tear down used partitions when formatting disks
- Show the correct known_hosts path on missing/mismatching host keys
- Set HTML content type when serving login page, for better reverse proxy
operation
- Fix Kubernetes page incompatibility with recent Firefox versions
- Set the system:authenticated role on anonymous Kubernetes projects
* New upstream release:
- Use SSCG to generate SSL certificates if available
- Add a "cockpit-bridge --rules" option to output the rules
- Allow auth commands to store credentials for future challenges
- Allow users to change Docker container environment variables
- Disable shutdown/reboot button for unprivileged users on the System page
- Fix binary channel data for child iframes, used e. g. in Docker terminals
- Don't install broken branding symlinks. (Closes: #859870)
* Drop cockpit-pcp package. It wasn't meant to be packaged as long as pcp is
not in testing.
* New upstream release:
- Show more information about virtual machines, such as boot order
- Fix enablement of timer systemd units created on Services page
- Fix Storage crash on multiple iSCSI sessions
- cockpit-docker is now installable with docker-ce or other alternatives
- Hide docker push commands on Registry image pages for "pull" roles
* New upstream release:
- Only allow mdraid disk removal when it won't destroy data
- Allow DN style usernames in the Kubernetes dashboard
- Simplify protocol that cockpit talks to session authentication processes
* Sync packaging with upstream.
* Build with autoreconf.
This will make the previous patches actually effective, and also ensure
good architecture support.
* Cherry-pick upstream patches to fix build with inaccessible home directory.
Fixes FTBFS on most architectures.
* New upstream release:
- Does not use kernel keyring any more, thus this should fix the FTBFS on
mips/mipsel and Ubuntu armhf.
* Update packaging for moving from pam_reauthorize.so and cockpit-polkit
to cockpit-askpass helper.
* Fix autopkgtest on Ubuntu
* Run cockpit-ws unprivileged under cockpit-ws user
* Lower cockpit-docker Recommends to Suggests
* Upload to unstable, with the above fixes it should be good enough for more
wide-scale testing.
* Initial release. (Closes: #820107)