| 1 | # vim:syntax=apparmor |
| 2 | # Last Modified: Sat Jan 6 09:35:33 2007 |
| 3 | # ------------------------------------------------------------------ |
| 4 | # |
| 5 | # Copyright (C) 2006 Volker Kuhlmann |
| 6 | # |
| 7 | # This program is free software; you can redistribute it and/or |
| 8 | # modify it under the terms of version 2 of the GNU General Public |
| 9 | # License published by the Free Software Foundation. |
| 10 | # |
| 11 | # ------------------------------------------------------------------ |
| 12 | |
| 13 | #include <tunables/global> |
| 14 | |
| 15 | /usr/bin/passwd { |
| 16 | #include <abstractions/authentication> |
| 17 | #include <abstractions/base> |
| 18 | #include <abstractions/consoles> |
| 19 | #include <abstractions/nameservice> |
| 20 | |
| 21 | capability chown, |
| 22 | capability sys_resource, |
| 23 | |
| 24 | /etc/.pwd.lock w, |
| 25 | /etc/pwdutils/logging r, |
| 26 | /etc/shadow rwl, |
| 27 | /etc/shadow.old rwl, |
| 28 | /etc/shadow.tmp?????? rwl, |
| 29 | /usr/bin/passwd mr, |
| 30 | /usr/lib/pwdutils/lib*.so* mr, |
| 31 | /usr/lib64/pwdutils/lib*.so* mr, |
| 32 | /usr/share/cracklib/pw_dict.hwm r, |
| 33 | /usr/share/cracklib/pw_dict.pwd r, |
| 34 | /usr/share/cracklib/pw_dict.pwi r, |
| 35 | } |