I happened to chance upon a software project that is sponsored by RedHat, but what exactly is Cockpit and how do I install it?
SnapOverflow
I happened to chance upon a software project that is sponsored by RedHat, but what exactly is Cockpit and how do I install it?
What is Cockpit?
The Cockpit Project is a Project started by Linux developers to provide a clean and crisp web interface for several Linux distros, to help with server administrative tasks.
This project is to provide users - experienced or not - a GUI, meant to aid them in better managing their Linux servers.
There is no extra layer between Linux and Cockpit. Cockpit directly talks to the Linux components. Everything you are viewing in Cockpit, is a live view of the server.
How do I install cockpit?
Installing Cockpit is as easy as running
apt install cockpiton Ubuntu versions 17.04 and or newer.Due note that you might need to enable the cockpit
systemdservice.You can do that like so:
Cockpit relies heavily on
systemdcomponents to work properly. Therefore nonesystemddistros are not supported.Cockpit has new releases roughly twice a month, meaning the cockpit packages available on Ubuntu, will be outdated. No worries though, you can install the latest and greatest, by installing Cockpit, and plugins, via the bionic backports, like so:
apt install cockpit/bionic-backports.To install every cockpit package, in one go, you can use the following one liner:
This will list all the packages from the Ubuntu repos, put them in a while loop, and asks you, per package, if you want to install the specified Cockpit/Cockpit plugin.
There is a complementary blog post per a new Cockpit release, screenshots and all:
If you have a firewall enabled, you have to whitelist port
9090. Use the appropriate firewall software to to do this. If you havefirewalld, here is how you do that:after that, execute
firewall-cmd --reload. Now port9090is whitelisted for access.If you are on your Linux Desktop, you can browse the following URL: http://localhost:9090/, to access the Cockpit login page. If you are on a server, you can access Cockpit, by typing in the IP address and or hostname of the server, and appending
:9090at the end of the URL. And then voila, the Cockpit login page.This is the Cockpit login page. It uses the
/etc/passwdand/etc/shadowfile for the user credentials. Use the credentials of one of the Linux users to login.After login you see the
/systempage, which is an overview of your server. From here, you can browse and click around on what you want to do on your Linux system. Most of this is self explanatory, you will need to have some technical know-how to keep you from mucking up your server, though.The Cockpit dashboard plugin allows you to add other Linux servers - with Cockpit - to a server with the
cockpit-dashboardplugin installed. There in you can click on any of the servers and manage them from there.Removal
To remove Cockpit and all of its plugins and dependencies, I use the following:
This will purge cockpit and its plugins, including its dependencies, completely from your system.
Due note that the likes of Docker will also be purge from your system including docker images. Be aware of what you are doing. At all times.
Security
Cockpit is an alternative Linux session. Meaning it's another session to Linux, opened. Similar to the likes of SSH, X11 and VT logins.
An SSH user can also login to the Cockpit interface, if you log in as a normal user, all of the components that Cockpit is loading, is loaded using that user's specific permissions. Same as when you log in with SSH, if you don't have the rights to view the
/home/otheruser/test/directory, or excecutehaltCockpit can't either. So, rest assure, that they would need to execute some pretty nifty Linux Kong Fu to break the Linux system.For a more in depth blog posts about Cockpit security, please go to the cockpit website and visit the "Is cockpit Secure Post?"
Reference