Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Blank Page after adding another host with CIS-Level 1 benchmark policy #21308

Open
yokhoe opened this issue Nov 22, 2024 · 2 comments
Open

Blank Page after adding another host with CIS-Level 1 benchmark policy #21308

yokhoe opened this issue Nov 22, 2024 · 2 comments
Labels
bug question Further information is requested

Comments

@yokhoe
Copy link

yokhoe commented Nov 22, 2024

Explain what happens

  1. Cockpit :9090 can login and dashboard is accessible to manage the local machine.
  2. I add another host to manage it on this installation of cockpit.
  3. Upon logout and logging back in, it's showing a blank page.

Version of Cockpit

323.1-1.el9_5

Where is the problem in Cockpit?

Overview

Server operating system

Red Hat Enterprise Linux

Server operating system version

9.5

What browsers are you using?

Firefox, Chrome, Edge

System log

journalctl did not capture anything critical, even after my attempt of enabling the debug mode for cockpit

-- Boot 01bdf8a78272433e8e458e511f960fb6 --
Nov 22 10:31:55 private01.cvad.unt.edu systemd[1]: Starting Cockpit Web Service...
Nov 22 10:31:55 private01.cvad.unt.edu systemd[1]: Started Cockpit Web Service.

Content of /etc/systemd/system/[email protected]

[Unit]
Description=Cockpit Web Service https instance %I
Documentation=man:cockpit-ws(8)
BindsTo=cockpit.service

[Service]
Environment=G_MESSAGES_DEBUG=cockpit-ws,cockpit-bridge
Slice=system-cockpithttps.slice
ExecStart=/usr/libexec/cockpit-ws --for-tls-proxy --port=0
User=cockpit-wsinstance
Group=cockpit-wsinstance
cockpit.issue-20241122_112221-Meeting.Recording.mp4
@yokhoe yokhoe added the bug label Nov 22, 2024
@yokhoe
Copy link
Author

yokhoe commented Nov 25, 2024

I came to discover that this issue is caused by a custom build of RHEL 9(.5) with a CIS-Server Level 1 benchmark policy. I tested a RHEL 9.5 with no policy and it works. Unfortunately, I can't trace anything useful with the Cockpit debug logs.

@martinpitt
Copy link
Member

I don't know what a "CIS-Level 1 benchmark policy" is -- can you roughly describe what that is? I suppose https://www.cisecurity.org/cis-benchmarks but that is very abstract. A kernel change, a browser plugin, some security restrictions, etc?

In the video, what's the difference between the left and right browser? they seem roughly equivalent, and at least talk to the same host IPs/names, but the right one is called "ScreenConnect" - some kind of remote desktop?

I think the bug happens at 2:27, right? The journal spits out a lot of TLS errors, and one more when you login. That may just be browser dependant, but it's worth taking a look at the browser console (Ctrl+Shift+J) -- open it on the login page, then log in, and see what happens. Can you please copy the messages here?

@martinpitt martinpitt changed the title Blank Page after adding another host Blank Page after adding another host with CIS-Level 1 benchmark policy Nov 26, 2024
@martinpitt martinpitt added the question Further information is requested label Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants