Edit file

File name : cockpit.service

Content :[Unit] Description=Cockpit Web Service Documentation=man:cockpit-ws(8) Requires=cockpit.socket Requires=cockpit-wsinstance-http.socket cockpit-wsinstance-https-factory.socket After=cockpit-wsinstance-http.socket cockpit-wsinstance-https-factory.socket [Service] RuntimeDirectory=cockpit/tls # systemd ≥ 241 sets this automatically Environment=RUNTIME_DIRECTORY=/run/cockpit/tls ExecStartPre=+/usr/libexec/cockpit-certificate-ensure --for-cockpit-tls ExecStart=/usr/libexec/cockpit-tls User=cockpit-ws Group=cockpit-ws NoNewPrivileges=true ProtectSystem=strict ProtectHome=true PrivateTmp=true PrivateDevices=true ProtectKernelTunables=true RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 MemoryDenyWriteExecute=true

Save