Bug
Resolution: Done
Major
rhel-8.10
Low
rhel-security-selinux
SELINUX 260107: 16
Issue: With SELinux confined users configured, staff_u users are unable to obtain administrative access in the Cockpit portal. With SELinux in enforcing mode, the user is able to log in to the Cockpit console. However, when trying to obtain privileged access by clicking the "Turn on administrative access" button, the popup error displays:
~~~
"Problem becoming administrator. Sudo: no password was provided sudo: a password is required."
~~~
The wheel group is mapped to the staff_u confined user:
~~~
$ sudo semanage login -l
Login Name    SELinux User    MLS/MCS Range     Service
%wheel        staff_u         s0                *
_default_     user_u          s0                *
root          unconfined_u    s0-s0:c0.c1023    *
~~~
sudo is configured to execute under sysadm_t and sysadm_r, as recommended in KB 4155461:
~~~
$ sudo grep '^%wheel' /etc/sudoers
%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL
~~~
The user has admin access:
~~~
$ groups
arevalo wheel
$ id -Z
staff_u:staff_r:staff_t:s0
$ sudo id -Z
staff_u:sysadm_r:sysadm_t:s0
~~~
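
The three command-line checks quoted above (login mapping, sudoers rule, context before and after sudo) can be combined into one offline consistency check. This is an added example, not part of the original report or of any Red Hat tooling; the function names are hypothetical and the inputs are the command outputs quoted in the report.

```shell
#!/bin/sh
# Inputs copied from the command output quoted in the report.
SEMANAGE_OUT='Login Name SELinux User MLS/MCS Range Service
%wheel staff_u s0 *
_default_ user_u s0 *
root unconfined_u s0-s0:c0.c1023 *'
SUDOERS_OUT='%wheel ALL=(ALL) TYPE=sysadm_t ROLE=sysadm_r ALL'

# Print the SELinux user that a login name or %group is mapped to.
mapped_user() {  # $1 = login name or %group
    printf '%s\n' "$SEMANAGE_OUT" | awk -v n="$1" 'NR > 1 && $1 == n { print $2 }'
}

# Print "role type" requested by the sudoers rule for a principal,
# whatever order ROLE= and TYPE= appear in.
sudo_transition() {  # $1 = user or %group
    printf '%s\n' "$SUDOERS_OUT" | awk -v n="$1" '
        $1 == n {
            r = "-"; t = "-"
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^ROLE=/) r = substr($i, 6)
                if ($i ~ /^TYPE=/) t = substr($i, 6)
            }
            print r, t
        }'
}

# Succeed only if the sudo context keeps the login context's SELinux user
# and carries the role and type the sudoers rule asks for.
transition_ok() {  # $1 = login context, $2 = sudo context, $3 = "role type"
    login_u=${1%%:*}; sudo_u=${2%%:*}
    rest=${2#*:}; role=${rest%%:*}
    rest=${rest#*:}; typ=${rest%%:*}
    [ "$login_u" = "$sudo_u" ] && [ "$role $typ" = "$3" ]
}

check_group() {  # $1 = %group, $2 = `id -Z` output, $3 = `sudo id -Z` output
    [ "$(mapped_user "$1")" = staff_u ] || { echo "FAIL: $1 is not mapped to staff_u"; return 1; }
    want=$(sudo_transition "$1")
    [ "$want" = "sysadm_r sysadm_t" ] || { echo "FAIL: sudoers rule requests '$want'"; return 1; }
    transition_ok "$2" "$3" "$want" || { echo "FAIL: $3 does not match the rule"; return 1; }
    echo "OK: $1 -> staff_u, sudo -> $want"
}

check_group %wheel staff_u:staff_r:staff_t:s0 staff_u:sysadm_r:sysadm_t:s0
```

With the report's values every check passes, which matches the report: the role transition works from a shell, and the failure appears only through Cockpit's "Turn on administrative access" button.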
Is cloned by: RHEL-137493 Cockpit web console login for SELinux staff_u users fails - Planning