diff --git a/.cockpit.metadata b/.cockpit.metadata
index 8a82ffa..b930eab 100644
--- a/.cockpit.metadata
+++ b/.cockpit.metadata
@@ -1 +1 @@
-70a78561a0c958723655b998ed85bff6be166cdb SOURCES/cockpit-176.tar.xz
+d70e54c448e3a526975abe862c6c9d86d4ecbc45 SOURCES/cockpit-195.tar.xz
diff --git a/.gitignore b/.gitignore
index 60d5ad0..e7a2847 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/cockpit-176.tar.xz
+SOURCES/cockpit-195.tar.xz
diff --git a/SOURCES/0001-ssh-Use-SHA256-fingerprints-when-available.patch b/SOURCES/0001-ssh-Use-SHA256-fingerprints-when-available.patch
deleted file mode 100644
index 11663ae..0000000
--- a/SOURCES/0001-ssh-Use-SHA256-fingerprints-when-available.patch
+++ /dev/null
@@ -1,125 +0,0 @@
-From 50873a820f9d9c655b93e8ff2d4158aff29761ff Mon Sep 17 00:00:00 2001
-From: Martin Pitt <martin@piware.de>
-Date: Mon, 8 Oct 2018 15:19:02 +0200
-Subject: [PATCH 1/2] ssh: Use SHA256 fingerprints when available
-
-libssh 0.8 offers SHA256 fingerprints in addition to the old MD5/SHA1
-ones. The latter are both cryptographically broken, and not allowed when
-running in FIPS mode -- these cause an assertion crash in OpenSSL.
-
-The "ssh" CLI hasn't shown MD5 fingerprints in a long time, not even on
-RHEL 7 (it shows SHA1 and SHA256 there by default), so this actually
-improves compatibility with ssh.
-
-Use libssh 0.8's ssh_get_fingerprint_hash() function, as ssh itself
-shows SHA256 fingerprints in base64 instead of hex. cockpit-ssh's
-fingerprint prompts should be compatible, and hex fingerprints would be
-overly long.
-
-Adjust most check-multi-machine tests to not care about the particular
-type of fingerprint, as they don't check the actual fingerprint anyway.
-Only `TestMultiMachine.testDirectLogin` does, so adjust the test to
-accept both MD5 and SHA256 fingerprints.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1585191
-
-Closes #10241
----
- configure.ac | 2 ++
- src/ssh/cockpitsshrelay.c | 17 +++++++++++++++--
- src/ssh/test-sshbridge.c | 8 +++++++-
- 3 files changed, 24 insertions(+), 3 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index af8b1e3..b0d4879 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -132,6 +132,8 @@ if test "$enable_ssh" != "no"; then
- AC_DEFINE_UNQUOTED(HAVE_SSH_GET_SERVER_PUBLICKEY, 1, Whether ssh_get_server_publickey is available)
- ])
-
-+ AC_CHECK_DECLS([SSH_PUBLICKEY_HASH_SHA256, ssh_get_fingerprint_hash], [], [], [[#include <libssh/libssh.h>]])
-+
- COCKPIT_SSH_SESSION_CFLAGS="$COCKPIT_CFLAGS $LIBSSH_CFLAGS $KRB5_CFLAGS"
- COCKPIT_SSH_SESSION_LIBS="$COCKPIT_LIBS $LIBSSH_LIBS $KRB5_LIBS"
- AC_SUBST(COCKPIT_SSH_SESSION_LIBS)
-diff --git a/src/ssh/cockpitsshrelay.c b/src/ssh/cockpitsshrelay.c
-index 41286c3..1798345 100644
---- a/src/ssh/cockpitsshrelay.c
-+++ b/src/ssh/cockpitsshrelay.c
-@@ -52,6 +52,15 @@
- #include <fcntl.h>
- #include <time.h>
-
-+/* libssh 0.8 offers SHA256 fingerprints, use them if available */
-+#if HAVE_DECL_SSH_PUBLICKEY_HASH_SHA256
-+#define SSH_PUBLICKEY_HASH SSH_PUBLICKEY_HASH_SHA256
-+#define SSH_PUBLICKEY_HASH_NAME "SHA256"
-+#else
-+#define SSH_PUBLICKEY_HASH SSH_PUBLICKEY_HASH_MD5
-+#define SSH_PUBLICKEY_HASH_NAME "MD5"
-+#endif
-+
- /* we had a private one before moving to /etc/ssh/ssh_known_hosts */
- #define LEGACY_KNOWN_HOSTS PACKAGE_LOCALSTATE_DIR "/known_hosts"
-
-@@ -505,7 +514,7 @@ prompt_for_host_key (CockpitSshData *data)
-
- message = g_strdup_printf ("The authenticity of host '%s:%d' can't be established. Do you want to proceed this time?",
- host, port);
-- prompt = g_strdup_printf ("MD5 Fingerprint (%s):", data->host_key_type);
-+ prompt = g_strdup_printf (SSH_PUBLICKEY_HASH_NAME " Fingerprint (%s):", data->host_key_type);
-
- reply = prompt_with_authorize (data, prompt, message, data->host_fingerprint, data->host_key, TRUE);
-
-@@ -674,7 +683,7 @@ verify_knownhost (CockpitSshData *data,
- goto done;
- }
-
-- if (ssh_get_publickey_hash (key, SSH_PUBLICKEY_HASH_MD5, &hash, &len) < 0)
-+ if (ssh_get_publickey_hash (key, SSH_PUBLICKEY_HASH, &hash, &len) < 0)
- {
- g_warning ("Couldn't hash ssh public key");
- ret = "internal-error";
-@@ -682,7 +691,11 @@ verify_knownhost (CockpitSshData *data,
- }
- else
- {
-+#if HAVE_DECL_SSH_GET_FINGERPRINT_HASH
-+ data->host_fingerprint = ssh_get_fingerprint_hash (SSH_PUBLICKEY_HASH, hash, len);
-+#else
- data->host_fingerprint = ssh_get_hexa (hash, len);
-+#endif
- ssh_clean_pubkey_hash (&hash);
- }
-
-diff --git a/src/ssh/test-sshbridge.c b/src/ssh/test-sshbridge.c
-index e86f639..bc5bc3a 100644
---- a/src/ssh/test-sshbridge.c
-+++ b/src/ssh/test-sshbridge.c
-@@ -563,7 +563,13 @@ test_echo_large (TestCase *tc,
-
- static const gchar MOCK_RSA_KEY[] = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYzo07OA0H6f7orVun9nIVjGYrkf8AuPDScqWGzlKpAqSipoQ9oY/mwONwIOu4uhKh7FTQCq5p+NaOJ6+Q4z++xBzSOLFseKX+zyLxgNG28jnF06WSmrMsSfvPdNuZKt9rZcQFKn9fRNa8oixa+RsqEEVEvTYhGtRf7w2wsV49xIoIza/bln1ABX1YLaCByZow+dK3ZlHn/UU0r4ewpAIZhve4vCvAsMe5+6KJH8ft/OKXXQY06h6jCythLV4h18gY/sYosOa+/4XgpmBiE7fDeFRKVjP3mvkxMpxce+ckOFae2+aJu51h513S9kxY2PmKaV/JU9HBYO+yO4j+j24v";
-
-+#if HAVE_DECL_SSH_PUBLICKEY_HASH_SHA256
-+static const gchar MOCK_RSA_FP[] = "SHA256:XQ8a7zGxMFstDrGecBRUP9OMnOUXd/T3vkNGtYShs2w";
-+#define SSH_PUBLICKEY_HASH_NAME "SHA256"
-+#else
- static const gchar MOCK_RSA_FP[] = "0e:6a:c8:b1:07:72:e2:04:95:9f:0e:b3:56:af:48:e2";
-+#define SSH_PUBLICKEY_HASH_NAME "MD5"
-+#endif
-
-
- static void
-@@ -634,7 +640,7 @@ do_hostkey_conversation (TestCase *tc,
- (int)tc->ssh_port, MOCK_RSA_FP,
- (int)tc->ssh_port, MOCK_RSA_KEY);
-
-- do_auth_conversation (tc->transport, "MD5 Fingerprint (ssh-rsa):",
-+ do_auth_conversation (tc->transport, SSH_PUBLICKEY_HASH_NAME " Fingerprint (ssh-rsa):",
- expect_json, response, add_header);
- g_free (expect_json);
- }
---
-2.19.1
-
diff --git a/SOURCES/0001-test-Disable-packet-channel-large.patch b/SOURCES/0001-test-Disable-packet-channel-large.patch
new file mode 100644
index 0000000..21e6aae
--- /dev/null
+++ b/SOURCES/0001-test-Disable-packet-channel-large.patch
@@ -0,0 +1,33 @@
+From 8f9b44617f2362d8d6dbb62c99a907c9018aa1f1 Mon Sep 17 00:00:00 2001
+From: Martin Pitt <mpitt@redhat.com>
+Date: Mon, 3 Jun 2019 15:01:28 +0200
+Subject: [PATCH] test: Disable /packet-channel/large
+
+In brew for 7.7 (and only there) this test is flaky and often fails with
+
+ 22 Invalid argument (<type 'exceptions.IOError'>, IOError(22, 'Invalid argument'), <traceback object at 0x7ffff7e15dd0>)
+
+Disable this check until this gets debugged. It works fine on a RHEL 7.7
+VM mock in upstream CI.
+---
+ src/bridge/test-packet-channel.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/bridge/test-packet-channel.c b/src/bridge/test-packet-channel.c
+index 17b643ff8..d5f4552a3 100644
+--- a/src/bridge/test-packet-channel.c
++++ b/src/bridge/test-packet-channel.c
+@@ -620,8 +620,10 @@ main (int argc,
+
+ g_test_add ("/packet-channel/echo", TestCase, NULL,
+ setup_channel, test_echo, teardown);
++ /*
+ g_test_add ("/packet-channel/large", TestCase, NULL,
+ setup_channel, test_large, teardown);
++ */
+ g_test_add ("/packet-channel/connect-in-progress",
+ TestCase, &fixture_connect_in_progress,
+ setup_channel, test_connect_in_progress, teardown);
+--
+2.21.0
+
diff --git a/SOURCES/9999-Build-system-generated-changes-from-patches.patch b/SOURCES/9999-Build-system-generated-changes-from-patches.patch
deleted file mode 100644
index ec45230..0000000
--- a/SOURCES/9999-Build-system-generated-changes-from-patches.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From f2df0777226cf446d682812f464f68e91cbd25b4 Mon Sep 17 00:00:00 2001
-From: Martin Pitt <martin@piware.de>
-Date: Sun, 28 Oct 2018 13:55:38 +0100
-Subject: [PATCH 2/2] Build system generated changes from patches
-
----
- configure | 90 ++++++++++++++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 80 insertions(+), 10 deletions(-)
-
-diff --git a/configure b/configure
-index 841293e..665e89c 100755
---- a/configure
-+++ b/configure
-@@ -1939,6 +1939,52 @@ fi
-
- } # ac_fn_c_try_link
-
-+# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES
-+# ---------------------------------------------
-+# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
-+# accordingly.
-+ac_fn_c_check_decl ()
-+{
-+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-+ as_decl_name=`echo $2|sed 's/ *(.*//'`
-+ as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'`
-+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5
-+$as_echo_n "checking whether $as_decl_name is declared... " >&6; }
-+if eval \${$3+:} false; then :
-+ $as_echo_n "(cached) " >&6
-+else
-+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-+/* end confdefs.h. */
-+$4
-+int
-+main ()
-+{
-+#ifndef $as_decl_name
-+#ifdef __cplusplus
-+ (void) $as_decl_use;
-+#else
-+ (void) $as_decl_name;
-+#endif
-+#endif
-+
-+ ;
-+ return 0;
-+}
-+_ACEOF
-+if ac_fn_c_try_compile "$LINENO"; then :
-+ eval "$3=yes"
-+else
-+ eval "$3=no"
-+fi
-+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-+fi
-+eval ac_res=\$$3
-+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-+$as_echo "$ac_res" >&6; }
-+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-+
-+} # ac_fn_c_check_decl
-+
- # ac_fn_c_check_func LINENO FUNC VAR
- # ----------------------------------
- # Tests whether FUNC exists, setting the cache variable VAR accordingly
-@@ -6891,6 +6937,30 @@ _ACEOF
- fi
-
-
-+ ac_fn_c_check_decl "$LINENO" "SSH_PUBLICKEY_HASH_SHA256" "ac_cv_have_decl_SSH_PUBLICKEY_HASH_SHA256" "#include <libssh/libssh.h>
-+"
-+if test "x$ac_cv_have_decl_SSH_PUBLICKEY_HASH_SHA256" = xyes; then :
-+ ac_have_decl=1
-+else
-+ ac_have_decl=0
-+fi
-+
-+cat >>confdefs.h <<_ACEOF
-+#define HAVE_DECL_SSH_PUBLICKEY_HASH_SHA256 $ac_have_decl
-+_ACEOF
-+ac_fn_c_check_decl "$LINENO" "ssh_get_fingerprint_hash" "ac_cv_have_decl_ssh_get_fingerprint_hash" "#include <libssh/libssh.h>
-+"
-+if test "x$ac_cv_have_decl_ssh_get_fingerprint_hash" = xyes; then :
-+ ac_have_decl=1
-+else
-+ ac_have_decl=0
-+fi
-+
-+cat >>confdefs.h <<_ACEOF
-+#define HAVE_DECL_SSH_GET_FINGERPRINT_HASH $ac_have_decl
-+_ACEOF
-+
-+
- COCKPIT_SSH_SESSION_CFLAGS="$COCKPIT_CFLAGS $LIBSSH_CFLAGS $KRB5_CFLAGS"
- COCKPIT_SSH_SESSION_LIBS="$COCKPIT_LIBS $LIBSSH_LIBS $KRB5_LIBS"
-
diff --git a/SPECS/cockpit.spec b/SPECS/cockpit.spec
index 9e85bc5..0fd9698 100644
--- a/SPECS/cockpit.spec
+++ b/SPECS/cockpit.spec
@@ -1,3 +1,15 @@
+# This spec file has been automatically updated
+Version: 195
+Release: 1%{?dist}
+#
+# This file is maintained at the following location:
+# https://github.com/cockpit-project/cockpit/blob/master/tools/cockpit.spec
+#
+# If you are editing this file in another location, changes will likely
+# be clobbered the next time an automated release is done.
+#
+# Check first cockpit-devel@lists.fedorahosted.org
+#
# Globals that may be defined elsewhere
# * Version 122
# * wip 1
@@ -7,8 +19,13 @@
# by tools/gen-spec-dependencies during "make dist", but keep a hardcoded fallback
%define required_base 122
+# we generally want CentOS packages to be like RHEL; special cases need to check %{centos} explicitly
%if 0%{?centos}
-%define rhel %{?centos}
+%define rhel %{centos}
+%endif
+
+%if "%{!?__python3:1}"
+%define __python3 /usr/bin/python3
%endif
# for testing this already gets set in fedora.install, as we want the target
@@ -20,7 +37,7 @@
%define _hardened_build 1
# define to build the dashboard; i686 buildroot does not have libssh-devel
-%ifarch x86_64 %{arm} aarch64 ppc64le s390x %{ix86}
+%ifarch x86_64 %{arm} aarch64 ppc64le s390x
%define build_dashboard 1
%endif
@@ -44,39 +61,41 @@
%define build_subscriptions 1
%endif
+# cockpit-kubernetes is RHEL 7 and Fedora < 30 only, and 64 bit arches only
+%if (0%{?fedora} && 0%{?fedora} < 30) || (0%{?rhel} >= 7 && 0%{?rhel} < 8)
+%ifarch aarch64 x86_64 ppc64le s390x
+%define build_kubernetes 1
+%endif
+%endif
-%define libssh_version 0.7.1-7
-%if 0%{?fedora} > 0 && 0%{?fedora} < 22
-%define libssh_version 0.6.0
+# cockpit-machines-ovirt is RHEL 7 and Fedora < 30 only
+%if (0%{?fedora} && 0%{?fedora} < 30) || (0%{?rhel} >= 7 && 0%{?rhel} < 8)
+%define build_ovirt 1
%endif
-%if 0%{?rhel} >= 7
+%if 0%{?rhel} >= 8
%global go_scl_prefix go-toolset-7-
%else
%global go_scl_prefix %{nil}
%endif
-%if 0%{?rhel} >= 7 || 0%{?centos}
+%if 0%{?rhel} >= 7
%define vdo_on_demand 1
%endif
Name: cockpit
-Summary: A user interface for Linux servers
+Summary: Web Console for Linux servers
License: LGPLv2+
URL: https://cockpit-project.org/
-Version: 176
%if %{defined wip}
-Release: 1.%{wip}%{?dist}
Source0: cockpit-%{version}.tar.gz
%else
-Release: 4%{?dist}
Source0: https://github.com/cockpit-project/cockpit/releases/download/%{version}/cockpit-%{version}.tar.xz
%endif
-Patch1: 0001-ssh-Use-SHA256-fingerprints-when-available.patch
-Patch9999: 9999-Build-system-generated-changes-from-patches.patch
+Patch0001: 0001-test-Disable-packet-channel-large.patch
BuildRequires: gcc
BuildRequires: pkgconfig(gio-unix-2.0)
@@ -92,7 +111,7 @@ BuildRequires: /usr/bin/python2
%endif
BuildRequires: intltool
%if %{defined build_dashboard}
-BuildRequires: libssh-devel >= %{libssh_version}
+BuildRequires: libssh-devel >= 0.7.1
%endif
BuildRequires: openssl-devel
BuildRequires: zlib-devel
@@ -101,13 +120,13 @@ BuildRequires: libxslt-devel
BuildRequires: docbook-style-xsl
BuildRequires: glib-networking
BuildRequires: sed
-BuildRequires: git
BuildRequires: glib2-devel >= 2.37.4
BuildRequires: systemd-devel
BuildRequires: pcp-libs-devel
BuildRequires: krb5-server
BuildRequires: gdb
+BuildRequires: openssh-clients
# For documentation
BuildRequires: xmlto
@@ -119,8 +138,8 @@ Requires: cockpit-bridge
Requires: cockpit-ws
Requires: cockpit-system
-# Optional components (for f24 we use soft deps)
-%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
+# Optional components
+%if 0%{?fedora} || 0%{?rhel} >= 8
%if 0%{?rhel} == 0
Recommends: cockpit-dashboard
%ifarch x86_64 %{arm} aarch64 ppc64le i686 s390x
@@ -130,30 +149,19 @@ Recommends: (cockpit-docker if /usr/bin/docker)
Recommends: (cockpit-networkmanager if NetworkManager)
Recommends: (cockpit-storaged if udisks2)
Recommends: cockpit-packagekit
-%if 0%{?rhel} >= 8
+%if 0%{?rhel} >= 8 && 0%{?centos} == 0
Recommends: subscription-manager-cockpit
%endif
Suggests: cockpit-pcp
+%if 0%{?build_kubernetes}
Suggests: cockpit-kubernetes
+%endif
Suggests: cockpit-selinux
%endif
%prep
%setup -q -n cockpit-%{version}
-
-# Apply patches using git in order to support binary patches. Note that
-# we also reset mtimes since patches should be "complete" and include both
-# generated and source file changes
-# Keep this in sync with tools/debian/rules.
-if [ -n "%{patches}" ]; then
- git init
- git config user.email "unused@example.com" && git config user.name "Unused"
- git config core.autocrlf false && git config core.safecrlf false && git config gc.auto 0
- git add -f . && git commit -a -q -m "Base" && git tag -a initial --message="initial"
- git am --whitespace=nowarn %{patches}
- touch -r $(git diff --name-only initial..HEAD) .git Makefile.in aclocal.m4
- rm -rf .git
-fi
+%autopatch -p1
%build
exec 2>&1
@@ -185,17 +193,13 @@ rm -f %{buildroot}/%{_prefix}/%{__lib}/firewalld/services/cockpit.xml
%endif
install -p -m 644 AUTHORS COPYING README.md %{buildroot}%{_docdir}/cockpit/
-# On RHEL we don't yet show options for changing language
-%if 0%{?rhel}
-echo '{ "linguas": null }' > %{buildroot}%{_datadir}/cockpit/shell/override.json
-%endif
-
# Build the package lists for resource packages
echo '%dir %{_datadir}/cockpit/base1' > base.list
find %{buildroot}%{_datadir}/cockpit/base1 -type f >> base.list
echo '%{_sysconfdir}/cockpit/machines.d' >> base.list
+echo %{buildroot}%{_datadir}/polkit-1/actions/org.cockpit-project.cockpit-bridge.policy >> base.list
# RHEL 7 needs to keep cockpit-ssh in dashboard for backwards compat
-%if 0%{?rhel} == 7 || 0%{?centos} == 7
+%if 0%{?rhel} == 7
find %{buildroot}%{_datadir}/cockpit/ssh -type f >> dashboard.list
echo '%{_libexecdir}/cockpit-ssh' >> dashboard.list
%else
@@ -207,7 +211,7 @@ echo '%{_libexecdir}/cockpit-ssh' >> base.list
echo '%dir %{_datadir}/cockpit/dashboard' >> dashboard.list
find %{buildroot}%{_datadir}/cockpit/dashboard -type f >> dashboard.list
%else
-rm -rf %{buildroot}/%{_datadir}/cockpit/dashboard %{buildroot}/%{_datadir}/cockpit/ssh
+rm -rf %{buildroot}/%{_datadir}/cockpit/dashboard %{buildroot}/%{_datadir}/cockpit/ssh
touch dashboard.list
%endif
@@ -254,12 +258,20 @@ find %{buildroot}%{_datadir}/cockpit/packagekit -type f >> packagekit.list
echo '%dir %{_datadir}/cockpit/machines' > machines.list
find %{buildroot}%{_datadir}/cockpit/machines -type f >> machines.list
+%if 0%{?build_ovirt}
echo '%dir %{_datadir}/cockpit/ovirt' > ovirt.list
find %{buildroot}%{_datadir}/cockpit/ovirt -type f >> ovirt.list
+%else
+rm -rf %{buildroot}/%{_datadir}/cockpit/ovirt
+touch ovirt.list
+%endif
echo '%dir %{_datadir}/cockpit/selinux' > selinux.list
find %{buildroot}%{_datadir}/cockpit/selinux -type f >> selinux.list
+echo '%dir %{_datadir}/cockpit/playground' > tests.list
+find %{buildroot}%{_datadir}/cockpit/playground -type f >> tests.list
+
%ifarch x86_64 %{arm} aarch64 ppc64le i686 s390x
%if 0%{?fedora} || 0%{?rhel} < 8
echo '%dir %{_datadir}/cockpit/docker' > docker.list
@@ -273,7 +285,7 @@ rm -rf %{buildroot}/%{_datadir}/cockpit/docker
touch docker.list
%endif
-%ifarch aarch64 x86_64 ppc64le s390x
+%if 0%{?build_kubernetes}
%if %{defined wip}
%else
rm %{buildroot}/%{_datadir}/cockpit/kubernetes/override.json
@@ -292,19 +304,21 @@ touch kubernetes.list
%if 0%{?build_basic} == 0
for pkg in base1 branding motd kdump networkmanager realmd selinux shell sosreport ssh static systemd tuned users; do
rm -r %{buildroot}/%{_datadir}/cockpit/$pkg
+ rm -f %{buildroot}/%{_datadir}/metainfo/org.cockpit-project.cockpit-${pkg}.metainfo.xml
done
-for data in applications doc locale man metainfo pixmaps; do
+for data in doc locale man pixmaps polkit-1; do
rm -r %{buildroot}/%{_datadir}/$data
done
for lib in systemd tmpfiles.d firewalld; do
rm -r %{buildroot}/%{_prefix}/%{__lib}/$lib
done
-for libexec in cockpit-askpass cockpit-session cockpit-ws; do
+for libexec in cockpit-askpass cockpit-session cockpit-ws cockpit-desktop; do
rm %{buildroot}/%{_libexecdir}/$libexec
done
rm -r %{buildroot}/%{_libdir}/security %{buildroot}/%{_sysconfdir}/pam.d %{buildroot}/%{_sysconfdir}/motd.d %{buildroot}/%{_sysconfdir}/issue.d
rm %{buildroot}/usr/bin/cockpit-bridge %{buildroot}/usr/sbin/remotectl
rm -f %{buildroot}%{_libexecdir}/cockpit-ssh
+rm -f %{buildroot}%{_datadir}/metainfo/cockpit.appdata.xml
%endif
# when not building optional packages, remove their files
@@ -318,12 +332,14 @@ rm -r %{buildroot}/%{_prefix}/%{__lib}/cockpit-test-assets %{buildroot}/%{_sysco
rm -r %{buildroot}/%{_libexecdir}/cockpit-pcp %{buildroot}/%{_localstatedir}/lib/pcp/
# files from -kubernetes
rm -f %{buildroot}/%{_libexecdir}/cockpit-kube-auth %{buildroot}/%{_libexecdir}/cockpit-kube-launch %{buildroot}/%{_libexecdir}/cockpit-stub
+# files from -machines
+rm -f %{buildroot}/%{_prefix}/share/metainfo/org.cockpit-project.cockpit-machines.metainfo.xml
+# files from -storaged
+rm -f %{buildroot}/%{_prefix}/share/metainfo/org.cockpit-project.cockpit-storaged.metainfo.xml
%endif
-# On RHEL, apps is not currently built
-%if 0%{?rhel}
+# On RHEL 7, apps is not shipped
rm -rf %{buildroot}/%{_datadir}/%{name}/apps
-%endif
sed -i "s|%{buildroot}||" *.list
@@ -343,7 +359,7 @@ rm -f %{buildroot}%{_datadir}/metainfo/org.cockpit-project.cockpit-kdump.metainf
rm -f %{buildroot}%{_datadir}/pixmaps/cockpit-sosreport.png
%endif
-%if 0%{?rhel}%{?centos}
+%if 0%{?rhel}
rm -f %{buildroot}%{_datadir}/metainfo/org.cockpit-project.cockpit-selinux.metainfo.xml
%endif
@@ -354,7 +370,7 @@ rm -f %{buildroot}%{_datadir}/metainfo/org.cockpit-project.cockpit-selinux.metai
# dwz has trouble with the go binaries
# https://fedoraproject.org/wiki/PackagingDrafts/Go
%global _dwz_low_mem_die_limit 0
-%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8
+%if 0%{?fedora} || 0%{?rhel} >= 8
%global _debugsource_packages 1
%global _debuginfo_subpackages 0
%endif
@@ -373,8 +389,11 @@ rm -f %{buildroot}%{_datadir}/metainfo/org.cockpit-project.cockpit-selinux.metai
%if 0%{?build_basic}
%description
-Cockpit runs in a browser and can manage your network of GNU/Linux
-machines.
+The Cockpit Web Console enables users to administer GNU/Linux servers using a
+web browser.
+
+It offers network configuration, log inspection, diagnostic reports, SELinux
+troubleshooting, interactive command-line sessions, and more.
%files
%{_docdir}/cockpit/AUTHORS
@@ -382,7 +401,6 @@ machines.
%{_docdir}/cockpit/README.md
%dir %{_datadir}/cockpit
%{_datadir}/metainfo/cockpit.appdata.xml
-%{_datadir}/applications/cockpit.desktop
%{_datadir}/pixmaps/cockpit.png
%doc %{_mandir}/man1/cockpit.1.gz
@@ -391,7 +409,7 @@ machines.
Summary: Cockpit bridge server-side component
Requires: glib-networking
%if 0%{?rhel} != 7 && 0%{?centos} != 7
-Requires: libssh >= %{libssh_version}
+Requires: libssh >= 0.7.1
Provides: cockpit-ssh = %{version}-%{release}
# cockpit-ssh moved from dashboard to bridge in 171
Conflicts: cockpit-dashboard < 170.x
@@ -402,7 +420,6 @@ The Cockpit bridge component installed server side and runs commands on the
system on behalf of the web based user interface.
%files bridge -f base.list
-%{_datadir}/cockpit/base1/bundle.min.js.gz
%doc %{_mandir}/man1/cockpit-bridge.1.gz
%{_bindir}/cockpit-bridge
%{_libexecdir}/cockpit-askpass
@@ -431,18 +448,17 @@ Requires: libpwquality
Requires: /usr/bin/date
Provides: cockpit-realmd = %{version}-%{release}
Provides: cockpit-shell = %{version}-%{release}
-Obsoletes: cockpit-shell < 127
Provides: cockpit-systemd = %{version}-%{release}
Provides: cockpit-tuned = %{version}-%{release}
Provides: cockpit-users = %{version}-%{release}
%if 0%{?rhel}
Provides: cockpit-networkmanager = %{version}-%{release}
-Obsoletes: cockpit-networkmanager < 135
+Obsoletes: cockpit-networkmanager
Requires: NetworkManager
Provides: cockpit-kdump = %{version}-%{release}
Requires: kexec-tools
# Optional components (only when soft deps are supported)
-%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
+%if 0%{?fedora} || 0%{?rhel} >= 8
Recommends: polkit
%endif
%if 0%{?rhel} >= 8
@@ -456,6 +472,13 @@ Provides: cockpit-sosreport = %{version}-%{release}
Provides: cockpit-subscriptions = %{version}-%{release}
Requires: subscription-manager >= 1.13
%endif
+# NPM modules which are also available as packages
+Provides: bundled(js-jquery) = 3.4.0
+Provides: bundled(js-moment) = 2.24.0
+Provides: bundled(nodejs-flot) = 0.8.3
+Provides: bundled(nodejs-promise) = 8.0.3
+Provides: bundled(xstatic-bootstrap-datepicker-common) = 1.8.0
+Provides: bundled(xstatic-patternfly-common) = 3.58.0
%description system
This package contains the Cockpit shell and system configuration interfaces.
@@ -467,13 +490,17 @@ Summary: Cockpit Web Service
Requires: glib-networking
Requires: openssl
Requires: glib2 >= 2.37.4
+# RHEL/CentOS 7 has firewalld 0.6.x, but does not ship cockpit service
+%if 0%{?rhel} != 7
%if 0%{?firewalld_service}
Conflicts: firewalld >= 0.6.0-1
%else
Conflicts: firewalld < 0.6.0-1
%endif
-%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
+%endif
+%if 0%{?fedora} || 0%{?rhel} >= 8
Recommends: sscg >= 2.3
+Recommends: system-logos
%endif
Requires(post): systemd
Requires(preun): systemd
@@ -483,6 +510,7 @@ Requires(postun): systemd
The Cockpit Web Service listens on the network, and authenticates users.
%files ws -f cockpit.lang
+%doc %{_mandir}/man1/cockpit-desktop.1.gz
%doc %{_mandir}/man5/cockpit.conf.5.gz
%doc %{_mandir}/man8/cockpit-ws.8.gz
%doc %{_mandir}/man8/remotectl.8.gz
@@ -503,6 +531,7 @@ The Cockpit Web Service listens on the network, and authenticates users.
%{_sbindir}/remotectl
%{_libdir}/security/pam_ssh_add.so
%{_libexecdir}/cockpit-ws
+%{_libexecdir}/cockpit-desktop
%attr(4750, root, cockpit-ws) %{_libexecdir}/cockpit-session
%attr(775, -, wheel) %{_localstatedir}/lib/cockpit
%{_datadir}/cockpit/static
@@ -510,7 +539,7 @@ The Cockpit Web Service listens on the network, and authenticates users.
%pre ws
getent group cockpit-ws >/dev/null || groupadd -r cockpit-ws
-getent passwd cockpit-ws >/dev/null || useradd -r -g cockpit-ws -d / -s /sbin/nologin -c "User for cockpit-ws" cockpit-ws
+getent passwd cockpit-ws >/dev/null || useradd -r -g cockpit-ws -d /nonexisting -s /sbin/nologin -c "User for cockpit-ws" cockpit-ws
%post ws
%systemd_post cockpit.socket
@@ -525,14 +554,14 @@ test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet || true
%systemd_postun_with_restart cockpit.service
# -------------------------------------------------------------------------------
-# Sub-packages that are part of cockpit-system in RHEL, but separate in Fedora
+# Sub-packages that are part of cockpit-system in RHEL/CentOS, but separate in Fedora
%if 0%{?rhel} == 0
%package kdump
Summary: Cockpit user interface for kernel crash dumping
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-shell >= %{required_base}
+Requires: cockpit-bridge >= 122
+Requires: cockpit-shell >= 122
Requires: kexec-tools
BuildArch: noarch
@@ -544,8 +573,8 @@ The Cockpit component for configuring kernel crash dumping.
%package sosreport
Summary: Cockpit user interface for diagnostic reports
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-shell >= %{required_base}
+Requires: cockpit-bridge >= 122
+Requires: cockpit-shell >= 122
Requires: sos
BuildArch: noarch
@@ -559,11 +588,11 @@ sosreport tool.
%package networkmanager
Summary: Cockpit user interface for networking, using NetworkManager
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-shell >= %{required_base}
+Requires: cockpit-bridge >= 122
+Requires: cockpit-shell >= 122
Requires: NetworkManager
# Optional components (only when soft deps are supported)
-%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
+%if 0%{?fedora} || 0%{?rhel} >= 8
Recommends: NetworkManager-team
%endif
BuildArch: noarch
@@ -575,13 +604,13 @@ The Cockpit component for managing networking. This package uses NetworkManager
%endif
-%if 0%{?rhel}%{?centos} == 0
+%if 0%{?rhel} == 0
%package selinux
Summary: Cockpit SELinux package
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-shell >= %{required_base}
-%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
+Requires: cockpit-bridge >= 122
+Requires: cockpit-shell >= 122
+%if 0%{?fedora} || 0%{?rhel} >= 8
Requires: setroubleshoot-server >= 3.3.3
%endif
BuildArch: noarch
@@ -608,21 +637,24 @@ Dummy package from building optional packages only; never install or publish me.
%if 0%{?build_optional}
-# storaged on Fedora < 27, udisks on newer ones
-# Recommends: not supported in RHEL <= 7
%package -n cockpit-storaged
Summary: Cockpit user interface for storage, using udisks
-Requires: cockpit-shell >= %{required_base}
+Requires: cockpit-shell >= 122
Requires: udisks2 >= 2.6
+%if 0%{?rhel} == 7
+# Recommends: not supported in RHEL <= 7
Requires: udisks2-lvm2 >= 2.6
Requires: udisks2-iscsi >= 2.6
Requires: device-mapper-multipath
-%if 0%{?fedora} || 0%{?rhel} >= 8
-Requires: python3
-Requires: python3-dbus
-%else
Requires: python
Requires: python-dbus
+%else
+Recommends: udisks2-lvm2 >= 2.6
+Recommends: udisks2-iscsi >= 2.6
+Recommends: device-mapper-multipath
+Recommends: clevis-luks
+Requires: %{__python3}
+Requires: python3-dbus
%endif
BuildArch: noarch
@@ -630,7 +662,7 @@ BuildArch: noarch
The Cockpit component for managing storage. This package uses udisks.
%files -n cockpit-storaged -f storaged.list
-
+%{_datadir}/metainfo/org.cockpit-project.cockpit-storaged.metainfo.xml
%package -n cockpit-tests
Summary: Tests for Cockpit
@@ -638,26 +670,31 @@ Requires: cockpit-bridge >= 138
Requires: cockpit-system >= 138
Requires: openssh-clients
Provides: cockpit-test-assets = %{version}-%{release}
-Obsoletes: cockpit-test-assets < 132
%description -n cockpit-tests
This package contains tests and files used while testing Cockpit.
These files are not required for running Cockpit.
-%files -n cockpit-tests
+%files -n cockpit-tests -f tests.list
%config(noreplace) %{_sysconfdir}/cockpit/cockpit.conf
-%{_datadir}/cockpit/playground
%{_prefix}/%{__lib}/cockpit-test-assets
%package -n cockpit-machines
Summary: Cockpit user interface for virtual machines
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-system >= %{required_base}
+Requires: cockpit-bridge >= 122
+Requires: cockpit-system >= 122
+%if 0%{?rhel} == 7
Requires: libvirt
+%else
+Requires: (libvirt-daemon-kvm or libvirt)
+%endif
Requires: libvirt-client
-# Optional components (for f24 we use soft deps)
-%if 0%{?fedora} >= 24 || 0%{?rhel} >= 8
+Requires: libvirt-dbus >= 1.2.0
+%if 0%{?fedora} || 0%{?rhel} >= 8
+# Optional components
Recommends: virt-install
+Recommends: libosinfo
+Recommends: python3-gobject-base
%endif
%description -n cockpit-machines
@@ -666,27 +703,32 @@ The Cockpit components for managing virtual machines.
If "virt-install" is installed, you can also create new virtual machines.
%files -n cockpit-machines -f machines.list
+%{_datadir}/metainfo/org.cockpit-project.cockpit-machines.metainfo.xml
+
+%if 0%{?build_ovirt}
%package -n cockpit-machines-ovirt
BuildArch: noarch
Summary: Cockpit user interface for oVirt virtual machines
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-system >= %{required_base}
+Requires: cockpit-bridge >= 122
+Requires: cockpit-system >= 122
+%if 0%{?rhel} == 7
Requires: libvirt
-Requires: libvirt-client
-# package of old name "cockpit-ovirt" was shipped on fedora only
-%if 0%{?fedora} >= 25
-Obsoletes: cockpit-ovirt < 161
+%else
+Requires: (libvirt-daemon-kvm or libvirt)
%endif
+Requires: libvirt-client
%description -n cockpit-machines-ovirt
The Cockpit components for managing oVirt virtual machines.
%files -n cockpit-machines-ovirt -f ovirt.list
+%endif
+
%package -n cockpit-pcp
Summary: Cockpit PCP integration
-Requires: cockpit-bridge >= %{required_base}
+Requires: cockpit-bridge >= 134.x
Requires: pcp
%description -n cockpit-pcp
@@ -705,16 +747,17 @@ Cockpit support for reading PCP metrics and loading PCP archives.
%if %{defined build_dashboard}
%package -n cockpit-dashboard
Summary: Cockpit remote servers and dashboard
-%if 0%{?rhel} == 7 || 0%{?centos} == 7
-Requires: libssh >= %{libssh_version}
+%if 0%{?rhel} == 7
Provides: cockpit-ssh = %{version}-%{release}
# nothing depends on the dashboard, but we can't use it with older versions of the bridge
Conflicts: cockpit-bridge < 135
+# PR #10430 dropped workaround for ws' inability to understand x-host-key challenge
+Conflicts: cockpit-ws < 173.1
%else
BuildArch: noarch
Requires: cockpit-ssh >= 135
-%endif
Conflicts: cockpit-ws < 135
+%endif
%description -n cockpit-dashboard
Cockpit support for connecting to remote servers (through ssh),
@@ -729,12 +772,12 @@ bastion hosts, and a basic dashboard.
%if 0%{?fedora} || 0%{?rhel} < 8
%package -n cockpit-docker
Summary: Cockpit user interface for Docker containers
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-shell >= %{required_base}
+Requires: cockpit-bridge >= 122
+Requires: cockpit-shell >= 122
Requires: /usr/bin/docker
Requires: /usr/lib/systemd/system/docker.service
%if 0%{?fedora}
-Requires: python3
+Requires: %{__python3}
%else
Requires: python2
%endif
@@ -748,14 +791,14 @@ This package is not yet complete.
%endif
%endif
-%ifarch aarch64 x86_64 ppc64le s390x
+%if 0%{?build_kubernetes}
%package -n cockpit-kubernetes
Summary: Cockpit user interface for Kubernetes cluster
Requires: /usr/bin/kubectl
# Requires: Needs newer localization support
-Requires: cockpit-bridge >= %{required_base}
-Requires: cockpit-shell >= %{required_base}
+Requires: cockpit-bridge >= 137.x
+Requires: cockpit-shell >= 137.x
BuildRequires: %{go_scl_prefix}golang-bin
BuildRequires: %{go_scl_prefix}golang-src
Provides: cockpit-stub = %{version}-%{release}
@@ -787,8 +830,18 @@ The Cockpit component for installing package updates, via PackageKit.
%endif # build optional extension packages
%changelog
-* Thu Nov 29 2018 Johnny Hughes <johnny@centos.org> 176-4
-- Manual CentOS Debranding
+* Mon Jun 03 2019 Martin Pitt <mpitt@redhat.com> 195-1
+- Machines: Reset source when changing source type rhbz#1707655
+- Machines: Disallow detaching disks on paused VMs rhbz#1708515
+- Machines: Fix crash with non-existing storage pools rhbz#1712441
+- Machines: Fix issues with NIC edit dialog rhbz#1708976
+- Machines: Always shut off the VMs before deletion rhbz#1706678
+- cockpit-machines: Require libvirt-dbus rhbz#1712911
+
+* Thu May 09 2019 Martin Pitt <mpitt@redhat.com> 193-1
+- Storage: Fix fstab entries for VDO volumes rhbz#1669402
+- Storage: Only show NFS mounts in NFS table rhbz#1689235
+- Docker: Include kubernetes containers in CPU/memory graphs rhbz#1525794
* Mon Oct 29 2018 Martin Pitt <mpitt@redhat.com> 176-4
- Switch to ssh SHA256 fingerprints, to fix crash in FIPS mode