- cockpit.pam: respect /etc/cockpit/disallowed-users

This means by default root cannot login with password to cockpit
  (bsc#1216080)

- Remove SELinux file context for /usr/bin/cockpit-bridge, this
  is already defined in the main selinux-policy package (bsc#1220385).
  Modified selinux_libdir.patch

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=165

cockpit.changes

@@ -1,8 +1,16 @@
+-------------------------------------------------------------------
+Mon Mar  4 13:24:23 UTC 2024 - Adam Majer <adam.majer@suse.de>
+
+- cockpit.pam: respect /etc/cockpit/disallowed-users
+  This means by default root cannot login with password to cockpit
+  (bsc#1216080)
+
 -------------------------------------------------------------------
 Thu Feb 29 16:40:06 UTC 2024 - Cathy Hu <cathy.hu@suse.com>
 
 - Remove SELinux file context for /usr/bin/cockpit-bridge, this
   is already defined in the main selinux-policy package (bsc#1220385).
+  Modified selinux_libdir.patch
 
 -------------------------------------------------------------------
 Thu Feb 15 12:21:55 UTC 2024 - Adam Majer <adam.majer@suse.de>

cockpit.pam

@@ -1,5 +1,7 @@
 #%PAM-1.0
 auth substack common-auth
+# List of users to deny access to Cockpit, by default root is included.
+auth    required pam_listfile.so item=user sense=deny file=/etc/cockpit/disallowed-users onerr=succeed
 account required pam_nologin.so
 account include common-account
 password include common-password