24 lines
521 B
Plaintext
24 lines
521 B
Plaintext
|
|
module clamav-unixchkpwd 1.0;
|
|
|
|
require {
|
|
type chkpwd_t;
|
|
type user_devpts_t;
|
|
type antivirus_t;
|
|
type shadow_t;
|
|
type init_t;
|
|
class chr_file { read write };
|
|
class file { getattr open read };
|
|
class process siginh;
|
|
}
|
|
|
|
#============= antivirus_t ==============
|
|
allow antivirus_t shadow_t:file { open read };
|
|
allow antivirus_t shadow_t:file getattr;
|
|
|
|
#============= chkpwd_t ==============
|
|
allow chkpwd_t user_devpts_t:chr_file { read write };
|
|
|
|
#============= init_t ==============
|
|
allow init_t chkpwd_t:process siginh;
|