forked from cockpit/cockpit
Adam Majer
30d7523ce5
This means by default root cannot login with password to cockpit (bsc#1216080) - Remove SELinux file context for /usr/bin/cockpit-bridge, this is already defined in the main selinux-policy package (bsc#1220385). Modified selinux_libdir.patch OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:cockpit/cockpit?expand=0&rev=165
11 lines
416 B
Plaintext
11 lines
416 B
Plaintext
#%PAM-1.0
|
|
auth substack common-auth
|
|
# List of users to deny access to Cockpit, by default root is included.
|
|
auth required pam_listfile.so item=user sense=deny file=/etc/cockpit/disallowed-users onerr=succeed
|
|
account required pam_nologin.so
|
|
account include common-account
|
|
password include common-password
|
|
session required pam_loginuid.so
|
|
session optional pam_keyinit.so force revoke
|
|
session include common-session
|