Initial commit

Signed-off-by: Qin Bo <bqin@linx-info.com>

install_shell/shadow-cap.conf

@@ -0,0 +1,116 @@
+/usr/bin/chage
+{
+	cap_dac_read_search+ep
+	cap_sec_admin+ei
+}
+/usr/bin/chfn
+{
+	cap_dac_override,cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/bin/chsh
+{
+	cap_dac_override,cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/bin/gpasswd
+{
+	cap_sec_admin+ei
+}
+
+/usr/sbin/groupadd 
+{
+	cap_sec_admin+ei
+}
+
+/usr/sbin/groupdel 
+{
+	cap_sec_admin+ei
+}
+
+/bin/login 
+{
+	cap_chown,cap_fowner,cap_setgid,cap_setuid,cap_sys_resource,cap_setpcap+ep
+}
+
+/usr/bin/newgrp
+{
+	cap_setgid+ep
+	cap_sec_admin+ei
+}
+
+/bin/su 
+{
+	cap_setpcap,cap_setuid,cap_setgid,cap_sys_resource+ep
+}
+
+/usr/bin/passwd
+{
+	cap_dac_override,cap_chown,cap_fowner+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/useradd 
+{
+	cap_dac_override,cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/userdel 
+{
+	cap_dac_override,cap_chown,cap_fowner+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/groupmod
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/pwconv
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/pwunconv
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/grpconv
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/grpunconv
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/usermod
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+
+/usr/sbin/vipw
+{
+	cap_fowner,cap_chown+ep
+	cap_sec_admin+ei
+}
+/usr/bin/expiry
+{
+	cap_dac_read_search+ep
+}
+
+/usr/sbin/newusers 
+{
+	cap_chown,cap_fowner+ep
+}