commit: 52f264ecb4cfbf36d25a980096b09d10147e9e34
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Wed Dec 7 01:01:22 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 8 04:44:05 2016 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=52f264ec
modutils: Move lines.
policy/modules/system/modutils.te | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/policy/modules/system/modutils.te
b/policy/modules/system/modutils.te
index 87e71d9..8ebd5d1 100644
--- a/policy/modules/system/modutils.te
+++ b/policy/modules/system/modutils.te
@@ -8,6 +8,7 @@ policy_module(modutils, 1.16.1)
type kmod_t alias { insmod_t depmod_t update_modules_t };
type kmod_exec_t alias { insmod_exec_t depmod_exec_t update_modules_exec_t };
application_domain(kmod_t, kmod_exec_t)
+kernel_domtrans_to(kmod_t, kmod_exec_t)
mls_file_write_all_levels(kmod_t)
role system_r types kmod_t;
@@ -52,6 +53,7 @@ kernel_write_proc_files(kmod_t)
kernel_mount_debugfs(kmod_t)
kernel_mount_kvmfs(kmod_t)
kernel_read_debugfs(kmod_t)
+kernel_search_key(kmod_t)
# Rules for /proc/sys/kernel/tainted
kernel_read_kernel_sysctls(kmod_t)
kernel_rw_kernel_sysctl(kmod_t)
@@ -109,10 +111,6 @@ userdom_use_user_terminals(kmod_t)
userdom_dontaudit_search_user_home_dirs(kmod_t)
-kernel_domtrans_to(kmod_t, kmod_exec_t)
-
-kernel_search_key(kmod_t)
-
ifdef(`init_systemd',`
init_rw_stream_sockets(kmod_t)
