cockpit-doc 164-1 / usr / share / doc / cockpit / guide / cockpit-ws.8.html

This file is indexed.

/usr/share/doc/cockpit/guide/cockpit-ws.8.html is in cockpit-doc 164-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>cockpit-ws</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="index.html" title="Cockpit Guide">
<link rel="up" href="cockpit-manual.html" title="Manual pages">
<link rel="prev" href="cockpit.conf.5.html" title="cockpit.conf">
<link rel="next" href="remotectl.8.html" title="remotectl">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
<td><a accesskey="p" href="cockpit.conf.5.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
<td><a accesskey="u" href="cockpit-manual.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
<th width="100%" align="center">Cockpit Guide</th>
<td><a accesskey="n" href="remotectl.8.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
</tr></table>
<div class="refentry">
<a name="cockpit-ws.8"></a><div class="titlepage"></div>
<div class="refnamediv"><table width="100%"><tr>
<td valign="top">
<h2><span class="refentrytitle">cockpit-ws</span></h2>
<p>cockpit-ws — Cockpit web service</p>
</td>
<td valign="top" align="right"></td>
</tr></table></div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">cockpit-ws</code>  [<code class="option">--help</code>] [<code class="option">--port</code> <em class="replaceable"><code>PORT</code></em>] [<code class="option">--no-tls</code>] [<code class="option">--local-ssh</code>] [<code class="option">--address</code> <em class="replaceable"><code>ADDRESS</code></em>]</p></div>
</div>
<div class="refsect1">
<a name="cockpit-ws-description"></a><h2>DESCRIPTION</h2>
<p>
      The <span class="command"><strong>cockpit-ws</strong></span> program is the web service
      component used for communication between the browser application
      and various configuration tools and services like
      <span class="citerefentry"><span class="refentrytitle">cockpit-bridge</span>(8)</span>.
    </p>
<p>
      Users or administrators should never need to start this program
      as it automatically started by
      <span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span>
      on bootup.
    </p>
</div>
<div class="refsect1">
<a name="cockpit-ws-transport"></a><h2>TRANSPORT SECURITY</h2>
<p>
      To specify the TLS certificate the web service should use, simply
      drop a file with the extension <code class="literal">.cert</code> in the
      <code class="filename">/etc/cockpit/ws-certs.d</code> directory. If there are
      multiple files in this directory, then the highest priority one
      is chosen after sorting.</p>
<p>The <code class="literal">.cert</code> file should contain at least two
      OpenSSL style PEM blocks. First one or more <code class="literal">BEGIN CERTIFICATE</code>
      blocks for the server certificate and intermediate certificate authorities
      and a last one containing a <code class="literal">BEGIN PRIVATE KEY</code> or similar.
      The key may not be encrypted.</p>
<p>If there is no TLS certificate, a self-signed certificate is
      automatically generated using <span class="command"><strong>openssl</strong></span> and stored in
      the <code class="filename">0-self-signed.cert</code> file. To check which certificate
      <span class="command"><strong>cockpit-ws</strong></span> will use run the following command.</p>
<pre class="programlisting">
$ sudo remotectl certificate
</pre>
<p>If using <code class="literal">certmonger</code> to manage certificates, following command can
      be used to automatically prepare concatenated <code class="literal">.cert</code> file:</p>
<pre class="programlisting">
CERT_FILE=/etc/pki/tls/certs/$(hostname).pem
KEY_FILE=/etc/pki/tls/private/$(hostname).key

getcert request -f ${CERT_FILE} -k ${KEY_FILE} -D $(hostname --fqdn) -C "sed -n w/etc/cockpit/ws-certs.d/50-from-certmonger.cert ${CERT_FILE} ${KEY_FILE}"
</pre>
</div>
<div class="refsect1">
<a name="cockpit-ws-timeout"></a><h2>TIMEOUT</h2>
<p>
      When started via
      <span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span>
      then <span class="command"><strong>cockpit-ws</strong></span> will exit after 90 seconds
      if nobody logs in, or after the last user is disconnected.
    </p>
</div>
<div class="refsect1">
<a name="cockpit-ws-options"></a><h2>OPTIONS</h2>
<div class="variablelist"><table border="0" class="variablelist">
<colgroup>
<col align="left" valign="top">
<col>
</colgroup>
<tbody>
<tr>
<td><p><span class="term"><code class="option">--help</code></span></p></td>
<td><p>
            Show help options.
          </p></td>
</tr>
<tr>
<td><p><span class="term"><code class="option">--local-ssh</code></span></p></td>
<td><p>
            Normally <span class="command"><strong>cockpit-ws</strong></span> uses
            <span class="command"><strong>cockpit-session</strong></span> and PAM to authenticate the user and start a
            user session. With this option enabled, it will instead authenticate via SSH at
            <code class="literal">127.0.0.1</code> port <code class="literal">22</code>.
          </p></td>
</tr>
<tr>
<td><p><span class="term"><code class="option">--port</code> <em class="replaceable"><code>PORT</code></em></span></p></td>
<td><p>
            Serve HTTP requests <em class="replaceable"><code>PORT</code></em> instead of port 9090.
            Usually Cockpit is started on demand by <span class="command"><strong>systemd</strong></span> socket
            activation, and this option has no effect. Update the
            <code class="literal">ListenStream</code> directive <code class="filename">cockpit.socket</code>
            file in the usual <span class="command"><strong>systemd</strong></span> manner.
          </p></td>
</tr>
<tr>
<td><p><span class="term"><code class="option">--address</code> <em class="replaceable"><code>ADDRESS</code></em></span></p></td>
<td><p>
            Bind to address <em class="replaceable"><code>ADDRESS</code></em> instead of binding to
            all available addresses. Usually Cockpit is started on demand by
            <span class="command"><strong>systemd</strong></span> socket activation, and this option has no effect.
            In that case, update the <code class="literal">ListenStream</code> directive in the
            <code class="filename">cockpit.socket</code> file in the usual <span class="command"><strong>systemd</strong></span> manner.
          </p></td>
</tr>
<tr>
<td><p><span class="term"><code class="option">--no-tls</code></span></p></td>
<td><p>
            Don't use TLS.
          </p></td>
</tr>
</tbody>
</table></div>
</div>
<div class="refsect1">
<a name="cockpit-ws-environment"></a><h2>ENVIRONMENT</h2>
<p>
      The <span class="command"><strong>cockpit-ws</strong></span> process will use the <code class="literal">XDG_CONFIG_DIRS</code>
      environment variable from the
      <a class="ulink" href="https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html" target="_top">XDG
        basedir spec</a> to find its
      <span class="citerefentry"><span class="refentrytitle">cockpit.conf</span>(5)</span>
      configuration file.
    </p>
<p>
      In addition the <code class="literal">XDG_DATA_DIRS</code> environment variable from the
      <a class="ulink" href="https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html" target="_top">XDG
        basedir spec</a>
      can be used to override the location to serve static files from. These are the files that
      are served to a non-logged in user.
    </p>
</div>
<div class="refsect1">
<a name="cockpit-ws-bugs"></a><h2>BUGS</h2>
<p>
      Please send bug reports to either the distribution bug tracker or the
      <a class="ulink" href="https://github.com/cockpit-project/cockpit/issues/new" target="_top">upstream bug tracker</a>.
    </p>
</div>
<div class="refsect1">
<a name="cockpit-ws-author"></a><h2>AUTHOR</h2>
<p>Cockpit has been written by many
      <a class="ulink" href="https://github.com/cockpit-project/cockpit/" target="_top">contributors</a>.</p>
</div>
<div class="refsect1">
<a name="cockpit-ws-also"></a><h2>SEE ALSO</h2>
<p>
      <span class="citerefentry"><span class="refentrytitle">cockpit.conf</span>(5)</span>
      ,
      <span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span>
    </p>
</div>
</div>
<div class="footer"><hr></div>
</body>
</html>

APT Browse - Built by Thomas Orozco.