[20260709]centos 9登录提示信息.txt
[20260709]centos 9登录提示信息.txt
--//安装centos 9,使用kitty(putty变体)从windows登录linux服务器,总是出现如下内容:
Using username "root".
root@192.168.56.103's password:
Send automatic password
Activate the web console with: systemctl enable --now cockpit.socket
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Last login: Fri Jul 3 17:19:54 2026 from 192.168.56.1
--//启动该服务是web console管理,而且控制台要显示相关信息。启动它可以使用浏览器管理服务器,比较好用的功能查看关闭各种服务。
# systemctl enable --now cockpit.socket
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/systemd/system/cockpit.socket.
--//使用它很容易选择关闭不需要的服务以及有问题的服务,但是有一点点小瑕疵,就是每次登录以及ssh登录出现如下提示信息:
Using username "root".
root@192.168.56.103's password:
Send automatic password
Web console: https://centos9.com:9090/
Last login: Thu Jul 9 15:27:33 2026 from 192.168.56.1
--//这样暴露服务器以及端口号,想知道这个提示是从那里来的,如何可以关闭它。最近一段时间学习bpftrace,利用自带工具探究看看。
1.ssh登录信息问题:
# /usr/share/bpftrace/tools/opensnoop.bt | grep sshd | tee /tmp/sshd.txt
--//然后使用kityy登录服务器。
.....
--//打开sshd.txt 知道登录通过sshd打开那些文件。
# grep cockpit /tmp/sshd.txt
3039 sshd-session 5 0 /etc/motd.d/cockpit
# ll /etc/motd.d/cockpit
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:08 /etc/motd.d/cockpit -> ../../run/cockpit/issue
--//很明显ssh登录过程打开/etc/motd.d/cockpit文件。而且该文件还是软连接指向了../../run/cockpit/issue。
# cat /etc/motd.d/cockpit
Web console: https://centos9.com:9090/
--//正好与ssh登录的信息对上。
# grep motd /tmp/sshd.txt
3039 sshd-session 9 0 /usr/lib64/security/pam_motd.so
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3039 sshd-session 5 0 /etc/motd
3039 sshd-session 5 0 /etc/motd.d
3039 sshd-session 5 0 /run/motd.d
3039 sshd-session 5 0 /usr/lib/motd.d
3039 sshd-session 5 0 /etc/motd.d/cockpit
--//可以发现应该ssh登录通过/usr/lib64/security/pam_motd.so模块控制是否显示motd相关信息。
# grep pam /tmp/sshd.txt | head -2
3039 sshd-session 6 0 /lib64/libpam.so.0
3039 sshd-session 6 0 /etc/pam.d/sshd
# grep pam_motd.so /etc/pam.d/sshd
session optional pam_motd.so
--//很明显有几种方法关闭信息来源,
--//1.删除/etc/motd.d/cockpit文件.注如果清空该文件,重新启动服务器会再次回来.
--//2.修改/etc/pam.d/sshd,注解session optional pam_motd.so该行。
--//我选择第2方案,测试通过。
2.控制台登录信息问题:
--//就在以为解决该问题时,发现控制台上还会显示相关信息。
Web console: https://centos9.com:9090/
# ps -ef | grep tt[y]
root 3376 1 0 15:51 tty1 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
--//很明显控制台启动执行的agetty,centos 9比以前版本进步不少,没有缺省启动6个控制界面,一般服务器通过按ctrl+FN (n=1-6)切
--//换,确实仅仅启动一个.
--//跟踪agetty进程打开的文件,虚拟机器按ctrl+alt+Fn。简单一点就是在控制台登录再退出也可以获得执行agetty打开那些文件。
# /usr/share/bpftrace/tools/opensnoop.bt | grep agetty
Attached 8 probes
3604 (agetty) 3 0 /dev/tty3
3604 (agetty) 3 0 /dev/tty3
3604 (agetty) 4 0 /sys/module/vt/parameters/default_utf8
3604 (agetty) 3 0 /dev/tty0
3604 (agetty) 3 0 /dev/tty3
3604 (agetty) 3 0 /sys/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs
3604 (agetty) 4 0 /dev/tty3
3604 (agetty) 3 0 /var/run/utmp
3604 (agetty) 4 0 /var/run/utmp
3604 (agetty) 3 0 /var/log/wtmp
3604 (agetty) 3 0 /sbin/agetty
3604 agetty 3 0 /etc/ld.so.cache
3604 agetty 3 0 /lib64/libc.so.6
3604 agetty 3 0 /var/run/utmp
3604 agetty 4 0 /var/run/utmp
3604 agetty 3 0 /var/log/wtmp
3604 agetty 3 0 /usr/lib/locale/locale-archive
3604 agetty 3 0 /usr/share/locale/locale.alias
3604 agetty -1 2 /usr/lib/locale/C.UTF-8/LC_CTYPE
3604 agetty 3 0 /usr/lib/locale/C.utf8/LC_CTYPE
3604 agetty 3 0 /usr/lib64/gconv/gconv-modules.cache
3604 agetty 3 0 /etc/issue
3604 agetty 4 0 /etc/os-release
3604 agetty 3 0 /etc/issue.d
3604 agetty 4 0 .
3604 agetty 4 0 cockpit.issue
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3604 agetty 3 0 /run/agetty.reload
--//注意看下划线,很明显对应就是该文件。
# ps -ef | grep tt[y]
root 3376 1 0 15:51 tty1 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
root 3543 1 0 15:59 tty2 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
root 3849 1 0 16:10 tty3 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
--//测试过程启动打开了3个控制台。
# locate cockpit.issue
/etc/issue.d/cockpit.issue
# cat /etc/issue.d/cockpit.issue
Web console: https://centos9.com:9090/
# ls -l /etc/issue.d/cockpit.issue /etc/motd.d/cockpit
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:19 /etc/issue.d/cockpit.issue -> ../../run/cockpit/issue
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:08 /etc/motd.d/cockpit -> ../../run/cockpit/issue
--//显示的信息也对上,也是一个软链接文件。指向../../run/cockpit/issue,与/etc/motd.d/cockpit的指向一致。
--//要想控制台不显示相关信息,删除/etc/issue.d/cockpit.issue文件。
# rm /etc/issue.d/cockpit.issue
rm: remove symbolic link '/etc/issue.d/cockpit.issue'? y
--//再次在控制台登录再退出。
# /usr/share/bpftrace/tools/opensnoop.bt | grep agetty
Attached 8 probes
3849 (agetty) 3 0 /dev/tty3
3849 (agetty) 3 0 /dev/tty3
3849 (agetty) 4 0 /sys/module/vt/parameters/default_utf8
3849 (agetty) 3 0 /dev/tty0
3849 (agetty) 3 0 /dev/tty3
3849 (agetty) 3 0 /sys/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs
3849 (agetty) 4 0 /dev/tty3
3849 (agetty) 3 0 /var/run/utmp
3849 (agetty) 4 0 /var/run/utmp
3849 (agetty) 3 0 /var/log/wtmp
3849 (agetty) 3 0 /sbin/agetty
3849 agetty 3 0 /etc/ld.so.cache
3849 agetty 3 0 /lib64/libc.so.6
3849 agetty 3 0 /var/run/utmp
3849 agetty 4 0 /var/run/utmp
3849 agetty 3 0 /var/log/wtmp
3849 agetty 3 0 /usr/lib/locale/locale-archive
3849 agetty 3 0 /usr/share/locale/locale.alias
3849 agetty -1 2 /usr/lib/locale/C.UTF-8/LC_CTYPE
3849 agetty 3 0 /usr/lib/locale/C.utf8/LC_CTYPE
3849 agetty 3 0 /usr/lib64/gconv/gconv-modules.cache
3849 agetty 3 0 /etc/issue
3849 agetty 4 0 /etc/os-release
3849 agetty 3 0 /etc/issue.d
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3849 agetty 4 0 .
3849 agetty 3 0 /run/agetty.reload
--//虽然访问/etc/issue.d目录,但是该目录没有文件存在。
# cat /etc/issue
\S
Kernel \r on an \m
--//该文件也是控制台显示的信息。里面\r \m 表示内核版本和arch信息。
3.验证看看以及一些补充:
--//重启服务器,看看是否ssh登录以及控制台是否还出现相关信息,验证通过,过程略。
# rpm -qa | grep cockpit
cockpit-bridge-359-1.el9.noarch
cockpit-ws-selinux-359-1.el9.x86_64
cockpit-ws-359-1.el9.x86_64
cockpit-packagekit-359-1.el9.noarch
cockpit-system-359-1.el9.noarch
cockpit-storaged-359-1.el9.noarch
cockpit-podman-124-1.el9.noarch
cockpit-359-1.el9.x86_64
--//很明显cockpit包含一系列rpm包。
--//查看/etc/issue.d/cockpit.issue文件对应的rpm包的安装执行脚本.rpm 加入-i选项可以知道对应cockpit-ws包。
# rpm -qf /etc/issue.d/cockpit.issue --scripts
postinstall scriptlet (using /bin/sh):
# set up dynamic motd/issue symlinks on first-time install; don't bring them back on upgrades if admin removed them
# disable root login on first-time install; so existing installations aren't changed
if [ "$1" = 1 ]; then
mkdir -p /etc/motd.d /etc/issue.d
ln -s ../../run/cockpit/issue /etc/motd.d/cockpit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ln -s ../../run/cockpit/issue /etc/issue.d/cockpit.issue
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
printf "# List of users which are not allowed to login to Cockpit\n" > /etc/cockpit/disallowed-users
printf "root\n" >> /etc/cockpit/disallowed-users
chmod 644 /etc/cockpit/disallowed-users
fi
# on upgrades, adjust motd/issue links to changed target if they still exist (changed in 331)
if [ "$1" = 2 ]; then
if [ "$(readlink /etc/motd.d/cockpit 2>/dev/null)" = "../../run/cockpit/motd" ]; then
ln -sfn ../../run/cockpit/issue /etc/motd.d/cockpit
fi
if [ "$(readlink /etc/issue.d/cockpit.issue 2>/dev/null)" = "../../run/cockpit/motd" ]; then
ln -sfn ../../run/cockpit/issue /etc/issue.d/cockpit.issue
fi
fi
command -v systemd-tmpfiles >/dev/null && systemd-tmpfiles --create cockpit-ws.conf || :
if [ $1 -eq 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
# Initial installation
/usr/lib/systemd/systemd-update-helper install-system-units cockpit.socket cockpit.service || :
fi
# firewalld only partially picks up changes to its services files without this
test -f /usr/bin/firewall-cmd && firewall-cmd --reload --quiet || true
# remove obsolete system user on upgrade (replaced with DynamicUser in version 330)
if getent passwd cockpit-wsinstance >/dev/null; then
userdel cockpit-wsinstance
fi
preuninstall scriptlet (using /bin/sh):
if [ $1 -eq 0 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
# Package removal, not upgrade
/usr/lib/systemd/systemd-update-helper remove-system-units cockpit.socket cockpit.service || :
fi
postuninstall scriptlet (using /bin/sh):
if [ $1 -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
# Package upgrade, not uninstall
/usr/lib/systemd/systemd-update-helper mark-restart-system-units cockpit.socket cockpit.service || :
fi
--//在安装cockpit-ws rpm包时建立链接:
ln -s ../../run/cockpit/issue /etc/motd.d/cockpit
ln -s ../../run/cockpit/issue /etc/issue.d/cockpit.issue
--//再来看看/run安装点。
# df /run
Filesystem Size Used Avail Use% Mounted on
tmpfs 1.6G 8.9M 1.5G 1% /run
--//实际上run安装的文件类型tmpfs,就是安装在内存上的文件系统,不必担心占用大小。
# ls -l /run/cockpit/
total 8
-rw-r-----. 1 root wheel 40 2026-07-09 16:16:45 active.issue
-rw-r-----. 1 root wheel 70 2026-03-26 21:32:17 inactive.issue
lrwxrwxrwx. 1 root root 12 2026-07-09 16:16:40 issue -> active.issue
--//启动激活cockpit服务时issue文件指向active.issue,如果不激活指向inactive.issue。
# cat /run/cockpit/inactive.issue
Activate the web console with: systemctl enable --now cockpit.socket
--//仔细看inactive.issue的时间戳指向2026-03-26 21:32:17,怎么建立的文件不是当前日期。
# locate inactive.issue
/usr/share/cockpit/issue/inactive.issue
# ll /usr/share/cockpit/issue/
total 8
-rw-r--r--. 1 root root 70 2026-03-26 21:32:17 inactive.issue
-rwxr-xr-x. 1 root root 883 2026-03-26 21:32:17 update-issue
--//很明显/run文件系统上的文件从/usr/share/cockpit/issue/inactive.issue拷贝过来的,时间戳可以对上。
--//至于那些文件在启动时拷贝到/run目录,给认真分析服务器启动过程,放弃该问题探究。
--//说句真心话,到现在我还是不熟悉systemctl的管理风格,更加不熟悉在上面建立服务。
4.收尾:
--//虚拟机器内存太小,还是关闭该服务。
# systemctl disable --now cockpit.socket
Removed "/etc/systemd/system/sockets.target.wants/cockpit.socket".
--//这里的--now有同时关于服务的功能,相当于disable + stop 。
# man systemctl
...
--now
When used with enable, the units will also be started. When used with disable or mask, the units will also be
stopped. The start or stop operation is only carried out when the respective enable or disable operation has been
successful.
# ls -l /run/cockpit/
total 8
-rw-r-----. 1 root wheel 40 2026-07-09 16:16:45 active.issue
-rw-r-----. 1 root wheel 70 2026-03-26 21:32:17 inactive.issue
lrwxrwxrwx. 1 root root 14 2026-07-09 16:36:31 issue -> inactive.issue
--//issue文件指向inactive.issue。
# ls -l /etc/issue.d/cockpit.issue /etc/motd.d/cockpit
ls: cannot access '/etc/issue.d/cockpit.issue': No such file or directory
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:08 /etc/motd.d/cockpit -> ../../run/cockpit/issue
--//安装centos 9,使用kitty(putty变体)从windows登录linux服务器,总是出现如下内容:
Using username "root".
root@192.168.56.103's password:
Send automatic password
Activate the web console with: systemctl enable --now cockpit.socket
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Last login: Fri Jul 3 17:19:54 2026 from 192.168.56.1
--//启动该服务是web console管理,而且控制台要显示相关信息。启动它可以使用浏览器管理服务器,比较好用的功能查看关闭各种服务。
# systemctl enable --now cockpit.socket
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/systemd/system/cockpit.socket.
--//使用它很容易选择关闭不需要的服务以及有问题的服务,但是有一点点小瑕疵,就是每次登录以及ssh登录出现如下提示信息:
Using username "root".
root@192.168.56.103's password:
Send automatic password
Web console: https://centos9.com:9090/
Last login: Thu Jul 9 15:27:33 2026 from 192.168.56.1
--//这样暴露服务器以及端口号,想知道这个提示是从那里来的,如何可以关闭它。最近一段时间学习bpftrace,利用自带工具探究看看。
1.ssh登录信息问题:
# /usr/share/bpftrace/tools/opensnoop.bt | grep sshd | tee /tmp/sshd.txt
--//然后使用kityy登录服务器。
.....
--//打开sshd.txt 知道登录通过sshd打开那些文件。
# grep cockpit /tmp/sshd.txt
3039 sshd-session 5 0 /etc/motd.d/cockpit
# ll /etc/motd.d/cockpit
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:08 /etc/motd.d/cockpit -> ../../run/cockpit/issue
--//很明显ssh登录过程打开/etc/motd.d/cockpit文件。而且该文件还是软连接指向了../../run/cockpit/issue。
# cat /etc/motd.d/cockpit
Web console: https://centos9.com:9090/
--//正好与ssh登录的信息对上。
# grep motd /tmp/sshd.txt
3039 sshd-session 9 0 /usr/lib64/security/pam_motd.so
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3039 sshd-session 5 0 /etc/motd
3039 sshd-session 5 0 /etc/motd.d
3039 sshd-session 5 0 /run/motd.d
3039 sshd-session 5 0 /usr/lib/motd.d
3039 sshd-session 5 0 /etc/motd.d/cockpit
--//可以发现应该ssh登录通过/usr/lib64/security/pam_motd.so模块控制是否显示motd相关信息。
# grep pam /tmp/sshd.txt | head -2
3039 sshd-session 6 0 /lib64/libpam.so.0
3039 sshd-session 6 0 /etc/pam.d/sshd
# grep pam_motd.so /etc/pam.d/sshd
session optional pam_motd.so
--//很明显有几种方法关闭信息来源,
--//1.删除/etc/motd.d/cockpit文件.注如果清空该文件,重新启动服务器会再次回来.
--//2.修改/etc/pam.d/sshd,注解session optional pam_motd.so该行。
--//我选择第2方案,测试通过。
2.控制台登录信息问题:
--//就在以为解决该问题时,发现控制台上还会显示相关信息。
Web console: https://centos9.com:9090/
# ps -ef | grep tt[y]
root 3376 1 0 15:51 tty1 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
--//很明显控制台启动执行的agetty,centos 9比以前版本进步不少,没有缺省启动6个控制界面,一般服务器通过按ctrl+FN (n=1-6)切
--//换,确实仅仅启动一个.
--//跟踪agetty进程打开的文件,虚拟机器按ctrl+alt+Fn。简单一点就是在控制台登录再退出也可以获得执行agetty打开那些文件。
# /usr/share/bpftrace/tools/opensnoop.bt | grep agetty
Attached 8 probes
3604 (agetty) 3 0 /dev/tty3
3604 (agetty) 3 0 /dev/tty3
3604 (agetty) 4 0 /sys/module/vt/parameters/default_utf8
3604 (agetty) 3 0 /dev/tty0
3604 (agetty) 3 0 /dev/tty3
3604 (agetty) 3 0 /sys/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs
3604 (agetty) 4 0 /dev/tty3
3604 (agetty) 3 0 /var/run/utmp
3604 (agetty) 4 0 /var/run/utmp
3604 (agetty) 3 0 /var/log/wtmp
3604 (agetty) 3 0 /sbin/agetty
3604 agetty 3 0 /etc/ld.so.cache
3604 agetty 3 0 /lib64/libc.so.6
3604 agetty 3 0 /var/run/utmp
3604 agetty 4 0 /var/run/utmp
3604 agetty 3 0 /var/log/wtmp
3604 agetty 3 0 /usr/lib/locale/locale-archive
3604 agetty 3 0 /usr/share/locale/locale.alias
3604 agetty -1 2 /usr/lib/locale/C.UTF-8/LC_CTYPE
3604 agetty 3 0 /usr/lib/locale/C.utf8/LC_CTYPE
3604 agetty 3 0 /usr/lib64/gconv/gconv-modules.cache
3604 agetty 3 0 /etc/issue
3604 agetty 4 0 /etc/os-release
3604 agetty 3 0 /etc/issue.d
3604 agetty 4 0 .
3604 agetty 4 0 cockpit.issue
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3604 agetty 3 0 /run/agetty.reload
--//注意看下划线,很明显对应就是该文件。
# ps -ef | grep tt[y]
root 3376 1 0 15:51 tty1 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
root 3543 1 0 15:59 tty2 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
root 3849 1 0 16:10 tty3 00:00:00 /sbin/agetty -o -p -- \u --noclear - linux
--//测试过程启动打开了3个控制台。
# locate cockpit.issue
/etc/issue.d/cockpit.issue
# cat /etc/issue.d/cockpit.issue
Web console: https://centos9.com:9090/
# ls -l /etc/issue.d/cockpit.issue /etc/motd.d/cockpit
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:19 /etc/issue.d/cockpit.issue -> ../../run/cockpit/issue
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:08 /etc/motd.d/cockpit -> ../../run/cockpit/issue
--//显示的信息也对上,也是一个软链接文件。指向../../run/cockpit/issue,与/etc/motd.d/cockpit的指向一致。
--//要想控制台不显示相关信息,删除/etc/issue.d/cockpit.issue文件。
# rm /etc/issue.d/cockpit.issue
rm: remove symbolic link '/etc/issue.d/cockpit.issue'? y
--//再次在控制台登录再退出。
# /usr/share/bpftrace/tools/opensnoop.bt | grep agetty
Attached 8 probes
3849 (agetty) 3 0 /dev/tty3
3849 (agetty) 3 0 /dev/tty3
3849 (agetty) 4 0 /sys/module/vt/parameters/default_utf8
3849 (agetty) 3 0 /dev/tty0
3849 (agetty) 3 0 /dev/tty3
3849 (agetty) 3 0 /sys/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs
3849 (agetty) 4 0 /dev/tty3
3849 (agetty) 3 0 /var/run/utmp
3849 (agetty) 4 0 /var/run/utmp
3849 (agetty) 3 0 /var/log/wtmp
3849 (agetty) 3 0 /sbin/agetty
3849 agetty 3 0 /etc/ld.so.cache
3849 agetty 3 0 /lib64/libc.so.6
3849 agetty 3 0 /var/run/utmp
3849 agetty 4 0 /var/run/utmp
3849 agetty 3 0 /var/log/wtmp
3849 agetty 3 0 /usr/lib/locale/locale-archive
3849 agetty 3 0 /usr/share/locale/locale.alias
3849 agetty -1 2 /usr/lib/locale/C.UTF-8/LC_CTYPE
3849 agetty 3 0 /usr/lib/locale/C.utf8/LC_CTYPE
3849 agetty 3 0 /usr/lib64/gconv/gconv-modules.cache
3849 agetty 3 0 /etc/issue
3849 agetty 4 0 /etc/os-release
3849 agetty 3 0 /etc/issue.d
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3849 agetty 4 0 .
3849 agetty 3 0 /run/agetty.reload
--//虽然访问/etc/issue.d目录,但是该目录没有文件存在。
# cat /etc/issue
\S
Kernel \r on an \m
--//该文件也是控制台显示的信息。里面\r \m 表示内核版本和arch信息。
3.验证看看以及一些补充:
--//重启服务器,看看是否ssh登录以及控制台是否还出现相关信息,验证通过,过程略。
# rpm -qa | grep cockpit
cockpit-bridge-359-1.el9.noarch
cockpit-ws-selinux-359-1.el9.x86_64
cockpit-ws-359-1.el9.x86_64
cockpit-packagekit-359-1.el9.noarch
cockpit-system-359-1.el9.noarch
cockpit-storaged-359-1.el9.noarch
cockpit-podman-124-1.el9.noarch
cockpit-359-1.el9.x86_64
--//很明显cockpit包含一系列rpm包。
--//查看/etc/issue.d/cockpit.issue文件对应的rpm包的安装执行脚本.rpm 加入-i选项可以知道对应cockpit-ws包。
# rpm -qf /etc/issue.d/cockpit.issue --scripts
postinstall scriptlet (using /bin/sh):
# set up dynamic motd/issue symlinks on first-time install; don't bring them back on upgrades if admin removed them
# disable root login on first-time install; so existing installations aren't changed
if [ "$1" = 1 ]; then
mkdir -p /etc/motd.d /etc/issue.d
ln -s ../../run/cockpit/issue /etc/motd.d/cockpit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ln -s ../../run/cockpit/issue /etc/issue.d/cockpit.issue
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
printf "# List of users which are not allowed to login to Cockpit\n" > /etc/cockpit/disallowed-users
printf "root\n" >> /etc/cockpit/disallowed-users
chmod 644 /etc/cockpit/disallowed-users
fi
# on upgrades, adjust motd/issue links to changed target if they still exist (changed in 331)
if [ "$1" = 2 ]; then
if [ "$(readlink /etc/motd.d/cockpit 2>/dev/null)" = "../../run/cockpit/motd" ]; then
ln -sfn ../../run/cockpit/issue /etc/motd.d/cockpit
fi
if [ "$(readlink /etc/issue.d/cockpit.issue 2>/dev/null)" = "../../run/cockpit/motd" ]; then
ln -sfn ../../run/cockpit/issue /etc/issue.d/cockpit.issue
fi
fi
command -v systemd-tmpfiles >/dev/null && systemd-tmpfiles --create cockpit-ws.conf || :
if [ $1 -eq 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
# Initial installation
/usr/lib/systemd/systemd-update-helper install-system-units cockpit.socket cockpit.service || :
fi
# firewalld only partially picks up changes to its services files without this
test -f /usr/bin/firewall-cmd && firewall-cmd --reload --quiet || true
# remove obsolete system user on upgrade (replaced with DynamicUser in version 330)
if getent passwd cockpit-wsinstance >/dev/null; then
userdel cockpit-wsinstance
fi
preuninstall scriptlet (using /bin/sh):
if [ $1 -eq 0 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
# Package removal, not upgrade
/usr/lib/systemd/systemd-update-helper remove-system-units cockpit.socket cockpit.service || :
fi
postuninstall scriptlet (using /bin/sh):
if [ $1 -ge 1 ] && [ -x "/usr/lib/systemd/systemd-update-helper" ]; then
# Package upgrade, not uninstall
/usr/lib/systemd/systemd-update-helper mark-restart-system-units cockpit.socket cockpit.service || :
fi
--//在安装cockpit-ws rpm包时建立链接:
ln -s ../../run/cockpit/issue /etc/motd.d/cockpit
ln -s ../../run/cockpit/issue /etc/issue.d/cockpit.issue
--//再来看看/run安装点。
# df /run
Filesystem Size Used Avail Use% Mounted on
tmpfs 1.6G 8.9M 1.5G 1% /run
--//实际上run安装的文件类型tmpfs,就是安装在内存上的文件系统,不必担心占用大小。
# ls -l /run/cockpit/
total 8
-rw-r-----. 1 root wheel 40 2026-07-09 16:16:45 active.issue
-rw-r-----. 1 root wheel 70 2026-03-26 21:32:17 inactive.issue
lrwxrwxrwx. 1 root root 12 2026-07-09 16:16:40 issue -> active.issue
--//启动激活cockpit服务时issue文件指向active.issue,如果不激活指向inactive.issue。
# cat /run/cockpit/inactive.issue
Activate the web console with: systemctl enable --now cockpit.socket
--//仔细看inactive.issue的时间戳指向2026-03-26 21:32:17,怎么建立的文件不是当前日期。
# locate inactive.issue
/usr/share/cockpit/issue/inactive.issue
# ll /usr/share/cockpit/issue/
total 8
-rw-r--r--. 1 root root 70 2026-03-26 21:32:17 inactive.issue
-rwxr-xr-x. 1 root root 883 2026-03-26 21:32:17 update-issue
--//很明显/run文件系统上的文件从/usr/share/cockpit/issue/inactive.issue拷贝过来的,时间戳可以对上。
--//至于那些文件在启动时拷贝到/run目录,给认真分析服务器启动过程,放弃该问题探究。
--//说句真心话,到现在我还是不熟悉systemctl的管理风格,更加不熟悉在上面建立服务。
4.收尾:
--//虚拟机器内存太小,还是关闭该服务。
# systemctl disable --now cockpit.socket
Removed "/etc/systemd/system/sockets.target.wants/cockpit.socket".
--//这里的--now有同时关于服务的功能,相当于disable + stop 。
# man systemctl
...
--now
When used with enable, the units will also be started. When used with disable or mask, the units will also be
stopped. The start or stop operation is only carried out when the respective enable or disable operation has been
successful.
# ls -l /run/cockpit/
total 8
-rw-r-----. 1 root wheel 40 2026-07-09 16:16:45 active.issue
-rw-r-----. 1 root wheel 70 2026-03-26 21:32:17 inactive.issue
lrwxrwxrwx. 1 root root 14 2026-07-09 16:36:31 issue -> inactive.issue
--//issue文件指向inactive.issue。
# ls -l /etc/issue.d/cockpit.issue /etc/motd.d/cockpit
ls: cannot access '/etc/issue.d/cockpit.issue': No such file or directory
lrwxrwxrwx. 1 root root 23 2026-07-09 10:00:08 /etc/motd.d/cockpit -> ../../run/cockpit/issue
浙公网安备 33010602011771号