92bc3717 |
1 | # vim:syntax=apparmor |
2 | # Last Modified: Sat Jan 6 09:35:33 2007 |
3 | # ------------------------------------------------------------------ |
4 | # |
5 | # Copyright (C) 2006 Volker Kuhlmann |
6 | # |
7 | # This program is free software; you can redistribute it and/or |
8 | # modify it under the terms of version 2 of the GNU General Public |
9 | # License published by the Free Software Foundation. |
10 | # |
11 | # ------------------------------------------------------------------ |
12 | |
13 | #include <tunables/global> |
14 | |
15 | /usr/bin/passwd { |
16 | #include <abstractions/authentication> |
17 | #include <abstractions/base> |
18 | #include <abstractions/consoles> |
19 | #include <abstractions/nameservice> |
20 | |
21 | capability chown, |
22 | capability sys_resource, |
23 | |
24 | /etc/.pwd.lock w, |
25 | /etc/pwdutils/logging r, |
26 | /etc/shadow rwl, |
27 | /etc/shadow.old rwl, |
28 | /etc/shadow.tmp?????? rwl, |
29 | /usr/bin/passwd mr, |
30 | /usr/lib/pwdutils/lib*.so* mr, |
31 | /usr/lib64/pwdutils/lib*.so* mr, |
32 | /usr/share/cracklib/pw_dict.hwm r, |
33 | /usr/share/cracklib/pw_dict.pwd r, |
34 | /usr/share/cracklib/pw_dict.pwi r, |
35 | } |