move into bpfnoseclabelfs

author: John Turner <jturner.usa@gmail.com> 2025-08-12 15:06:13 -0400
committer: John Turner <jturner.usa@gmail.com> 2025-08-12 15:06:13 -0400
commit: 1c2a744b479ab9abccac123580e0b7eef6282ee7 (patch)
tree: 3a4ce47d89c90cbc9f6f2809bba28cc413ac8972
parent: 122ff59ca75a7bddc41146ce815f1b3ada066d22 (diff)
download: selinux-policy-1c2a744b479ab9abccac123580e0b7eef6282ee7.tar.gz
2 files changed, 6 insertions, 8 deletions
diff --git a/src/fs/noseclabelfs/bpfnoseclabelfs.cil b/src/fs/noseclabelfs/bpfnoseclabelfs.cil
index d874ea5..6e855ff 100644
--- a/src/fs/noseclabelfs/bpfnoseclabelfs.cil
+++ b/src/fs/noseclabelfs/bpfnoseclabelfs.cil
@@ -3,6 +3,9 @@
 
 (block bpf
 
-  (genfscon "bpf" "/" fs_context)
-
-  (blockinherit .noseclabelfs.template))
+    (filecon "/sys/fs/bpf" dir ())
+    (filecon "/sys/fs/bpf/.*" any ())
+    
+    (genfscon "bpf" "/" fs_context)
+  
+    (blockinherit .noseclabelfs.template))
diff --git a/src/misc.cil b/src/misc.cil
index 5437318..7de0d50 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -3,11 +3,6 @@
 
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
 
-(in bpf
-
-    (filecon "/sys/fs/bpf" dir ())
-    (filecon "/sys/fs/bpf/.*" any ()))
-
 (in cache
 
     (filecon "/var/cache" dir file_context)
author	John Turner <jturner.usa@gmail.com>	2025-08-12 15:06:13 -0400
committer	John Turner <jturner.usa@gmail.com>	2025-08-12 15:06:13 -0400
commit	1c2a744b479ab9abccac123580e0b7eef6282ee7 (patch)
tree	3a4ce47d89c90cbc9f6f2809bba28cc413ac8972
parent	122ff59ca75a7bddc41146ce815f1b3ada066d22 (diff)
download	selinux-policy-1c2a744b479ab9abccac123580e0b7eef6282ee7.tar.gz