diff --git a/refpolicy/policy/modules/system/authlogin.if b/refpolicy/policy/modules/system/authlogin.if
index 01cfa5e..1e4154b 100644
--- a/refpolicy/policy/modules/system/authlogin.if
+++ b/refpolicy/policy/modules/system/authlogin.if
@@ -136,6 +136,20 @@ class udp_socket { create ioctl read getattr write setattr append bind getopt se
 
 #######################################
 #
+# authlogin_ignore_get_shadow_passwords_attributes(domain)
+#
+define(`authlogin_ignore_get_shadow_passwords_attributes',`
+requires_block_template(`$0'_depend)
+dontaudit $1 shadow_t:file getattr;
+')
+
+define(`authlogin_ignore_get_shadow_passwords_attributes_depend',`
+type shadow_t;
+class file getattr;
+')
+
+#######################################
+#
 # authlogin_read_shadow_passwords(domain)
 #
 define(`authlogin_read_shadow_passwords',`