module ssh_password 1.0;

require {
     type sshd_t;
     type shadow_t;
     class file { read open };
}

#============= sshd_t ==============
allow sshd_t shadow_t:file { read open };