[SOLVED] Cockpit doesn't work

rowihei · August 5, 2020, 6:29pm

NethServer Version: 7.8.2003
Module: cockpit
I tried to restore a file from backup, but nethserver told me: " use new admin-console cockpit" or so.
But it is not possible to open cockpit-website at port 9090
I read many about this problem in this forum - but nothing solved my problem
Now that’s are the steps I’ve done:

there is NO service at port 9090 (?)

systemctl status cockpit
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled)
Drop-In: /etc/systemd/system/cockpit.service.d
└─nethserver.conf
Active: inactive (dead)
Docs: man:cockpit-ws(8)
yum reinstall nethserver-cockpit cockpit cockpit-{bridge,storaged,system,ws}
systemctl restart cockpit*
systemctl status cockpit*
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled)
Drop-In: /etc/systemd/system/cockpit.service.d
└─nethserver.conf
Active: active (running) since Wed 2020-08-05 20:23:38 CEST; 5s ago
Docs: man:cockpit-ws(8)
Process: 6678 ExecStartPre=/usr/sbin/remotectl certificate --ensure --user=root --group=cockpit-ws --selinux-type=etc_t (code=exited, status=0/SUCCESS)
Main PID: 6681 (cockpit-ws)
CGroup: /system.slice/cockpit.service
└─6681 /usr/libexec/cockpit-ws
Aug 05 20:23:38 msrv.eds.lan systemd[1]: Starting Cockpit Web Service…
Aug 05 20:23:38 msrv.eds.lan remotectl[6678]: /usr/bin/chcon: can’t apply partial context to unlabeled file ‘/etc/cockpit/w…er.cert’
Aug 05 20:23:38 msrv.eds.lan remotectl[6678]: remotectl: couldn’t change SELinux type context ‘etc_t’ for certificate: /etc…code 1
Aug 05 20:23:38 msrv.eds.lan systemd[1]: Started Cockpit Web Service.
Aug 05 20:23:38 msrv.eds.lan cockpit-ws[6681]: Using certificate: /etc/cockpit/ws-certs.d/99-nethserver.cert
Hint: Some lines were ellipsized, use -l to show in full.

After that the same as before - timeout … https://IP:9090

What is wrong ?
How can I find the reason ?
Thanks for good tips ---- or a tip to restore on console a file, deleted ago 13 days in nextcloud !

dnutan · August 5, 2020, 7:11pm

systemctl -l status cockpit.socket
config show cockpit.socket  # look for access and LimitAccess

Regarding Nextcloud, have you or the user checked if the file is in the nextcloud trashbin (deleted files)?

rowihei · August 6, 2020, 8:51am

Thank You, dnutan,
the system says:

systemctl -l status cockpit.socket
● cockpit.socket - Cockpit Web Service Socket
Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled)
Active: active (listening) since Wed 2020-08-05 19:56:44 CEST; 14h ago
Docs: man:cockpit-ws(8)
Listen: [::]:9090 (Stream)
Aug 05 19:56:44 msrv.eds.lan systemd[1]: Starting Cockpit Web Service Socket.
Aug 05 19:56:44 msrv.eds.lan systemd[1]: Listening on Cockpit Web Service Socket
config show cockpit.socket
cockpit.socket=configuration
HideUninstall=disabled
LimitAccess=172.20.20.0/24
Pins=
Shortcuts=
ShowHints=enabled
UserSettingsGrantAccess=disabled
UserSettingsPage=disabled
UserSettingsPageAlias=/user-settings
access=green,red
delegation=

It’s only possible to see cockpit-website from GREEN… I tested this yesterday in the evening per OpenVPN - a little bit long-winded …
What has to be changed in which configfile to allow RED too ?

mrmarkuz · August 6, 2020, 10:04am

It seems you only allowed your LAN to access cockpit over WAN (Red) in System/Settings:

Please delete the 172.20.20.0/24 network. This field is meant to allow specific IP addesses to access Wan (Red).

rowihei · August 6, 2020, 2:21pm

Thank you, mrmarkuz,
this was the solution
It was the first time I used cockpit in productive system … and that’s why I missed this settings.
The next problem - Backup-Restore only allow 500 files to restore at ones…
But this is another problem = another thread