Cockpit 0.62 contains a number of compatibility fixes.
In particular, bugs were fixed that caused adding and using servers from
the dashboard to break. One fix was on the bridge side and the other on
web service side (ie: both hosts need an update).
The fixes:
https://github.com/cockpit-project/cockpit/pull/2440https://github.com/cockpit-project/cockpit/pull/2425
Prior to 0.62, different versions of Cockpit may not work well with
another between servers. There are many prior versions where this
limitation does not apply, but it's a good general rule.
In addition there's a fix in 0.62 which fixed compatibility with docker
1.7 and later:
https://github.com/cockpit-project/cockpit/pull/2444
Another fix will be along shortly to fix generation of certificates for
old versions of NSS:
https://github.com/cockpit-project/cockpit/issues/2423
Hope this helps with packaging and diagnosing issues.
Cheers,
Stef
================
#cockpit Meeting
================
Meeting started by mvollmer at 13:01:55 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/cockpit/2015-06-29/cockpit.2015-06-29-13.0…
.
Meeting summary
---------------
* Agenda (mvollmer, 13:02:55)
* Certificate generation fixes (mvollmer, 13:04:48)
* LINK: https://github.com/cockpit-project/cockpit/issues/2423
(stefw, 13:05:23)
* Will rewrite CA generation to have a self-signed CA and a signed
certificate from that to use in cockpit-ws (stefw, 13:14:59)
* Announcing compatibility issues (mvollmer, 13:16:43)
* SSH key authentication UX (mvollmer, 13:29:30)
* petervo, andreasn, will start up a feature page for key based SSH UX
(stefw, 13:33:39)
* Fedora 23 jQuery chang (mvollmer, 13:36:19)
* journal (mvollmer, 13:54:08)
* dperpeet, andreasn will start feature page in wiki for new journal
layout (dperpeet, 14:03:30)
* master testing (mvollmer, 14:04:08)
* LINK: https://github.com/cockpit-project/cockpit/pull/2445
(mvollmer, 14:05:45)
* ACTION: dperpeet make sure that master testing doesnt happen too
often (mvollmer, 14:11:44)
* open floor (mvollmer, 14:15:57)
Meeting ended at 14:17:26 UTC.
Action Items
------------
* dperpeet make sure that master testing doesnt happen too often
Action Items, by person
-----------------------
* dperpeet
* dperpeet make sure that master testing doesnt happen too often
* **UNASSIGNED**
* (none)
People Present (lines said)
---------------------------
* stefw (171)
* dperpeet (84)
* mvollmer (79)
* andreasn (27)
* sgallagh (12)
* zodbot (7)
* petervo (3)
* Shad0w_Crux (1)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
This is really the sorta thing we should discuss on cockpit-devel. I'll
CC the email.
For anyone following along, there was an addition to the dbus-json3
channel in the cockpit transport protocol that broke connecting from
earlier versions cockpit.js to later versions of cockpit-bridge.
On 18.06.2015 03:17, Marius Vollmer wrote:
> Peter Volpe <pvolpe(a)redhat.com> writes:
>
>> As Stef brought up on IRC we already have channel options for optional
>> behavior so my plan is
>>
>> 1) Add a permissive_client boolean with a default value of false to
>> the dbus channel options here:
>> https://github.com/cockpit-project/cockpit/blob/master/src/bridge/cockpitdb….
>> Only when that is true will we send the owned message.
>
> Hmm, I was thinking that we add a flag explicitly for the "owner"
> protocol addition.
>
> Once we have feature negotiation, I think we should not ignore unknown
> messages anymore. It is better to know whether or not your peer will
> understand a specific message and adapt to it.
The entire protocol is based around ignoring stuff it doesn't know
about. This starts with fields in JSON open messages ... new control
messages and so on.
For stuff that is defined, the behavior is usually strictly defined, but
unknown stuff is ignored.
Hence the need for a 'caps' or 'capabilities' field so that the caller
can enforce that the callee understands some new aspect of a payload or
protocol.
> For the "owner" message, this doesn't make a big difference, but for
> other protocol additions, the bridge or the JS might want to choose
> between alternatives based on the capabilities of the peer.
Right exactly. This case seems not to require that the callee
understands about it.
It seems to me that this is primarily a bug fix, first and foremost. The
cockpit.js code should not have thrown a fit when it got an unknown message.
>> 2) Add a capabilities property to cockpitchannel and close the channel
>> if there is no match in cockpit_channel_real_prepare
>
> Do we need to have generic logic for detecting incompatibilities once we
> have feature/capabilities exchange? In fact, the point is to avoid
> incompatibilities, and there should ideally never be a reason to close a
> channel, no?
Not sure I understand. It's the same mechanism.
> So, without actually digging into it and verifying the feasibility, what
> about this:
>
> - DBusClient adds { notify_owner: true } to the open command and
> understands "owner" messages. It still aborts on unknown messages.
>
> - The bridge only sends "owner" messages when "notify_owner" is true.
>
> This ought to fix the immediate problem, no? (Old bridges will ignore
> "notify_owner", and old clients wont set it.)
Right, that's what Peter was talking about earlier. Although he was
suggesting we fix at a lower level. Fixing the dbus-json3 protocol to
have better behavior about ignoring unknown messages.
> With this in place, we can design a more general solution more
> carefully. It would require two way feature exchange, I think, and we
> probably want to do it in a generic way for all payloads.
That's exactly what the "caps" stuff is.
> Features would be static and per payload for a given bridge executable
> and a given cockpit.js file.
>
> For example, the bridge might announce "can-notify-owner" for the
> dbus-json3 payload so that the client knows whether it will actually get
> the notifications or not. (And the client announces "want-notify-owner"
> to tell the bridge to actually send them.)
>
> What about inventing a new payload type just for feature exchange? Old
> bridges without features will reject that payload, which we can
> interpret that as "no features".
I think that's exactly what the "caps" stuff is. Except for to keep it
simple, it's just one way. The caller tells the callee what it requires
... and the callee closes the channel if it doesn't understand one of
the requirements.
We don't need to get more complicated than that, as we already have
optional/ignored fields in open messages that can be used in cases where
the feature is requested but not required.
Stef
================
#cockpit Meeting
================
Meeting started by andreasn at 13:04:52 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/cockpit/2015-06-15/cockpit.2015-06-15-13.0…
.
Meeting summary
---------------
* agenda (andreasn, 13:06:42)
* New Patternfly 1.3.0 (andreasn, 13:09:37)
* Fedora version for main development enviorment (andreasn, 13:11:13)
* LINK:
https://github.com/cockpit-project/cockpit/pull/2427#issuecomment-112048154
(mvollmer, 13:13:50)
* test images, the next steps (andreasn, 13:22:01)
* GSoC (andreasn, 13:52:51)
* LINK: https://github.com/Shad0wCrux/cockpit (Shad0w_Crux,
14:01:37)
Meeting ended at 14:04:37 UTC.
Action Items
------------
Action Items, by person
-----------------------
* **UNASSIGNED**
* (none)
People Present (lines said)
---------------------------
* mvollmer (73)
* andreasn (37)
* petervo (30)
* sgallagh (24)
* Shad0w_Crux (7)
* zodbot (2)
* github (1)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot