move "devtmp" out of misc.cil

author: John Turner <jturner.usa@gmail.com> 2025-08-23 20:17:25 -0400
committer: John Turner <jturner.usa@gmail.com> 2025-08-23 20:17:25 -0400
commit: 32b5cf0b7b901e5b4be248fa8d494736883a7dc5 (patch)
tree: e22caa7157b7ef6e154da63702867d2197ab687f
parent: 7777f4eb94581b880ffea48f9e75daa9085b8e45 (diff)
download: selinux-policy-32b5cf0b7b901e5b4be248fa8d494736883a7dc5.tar.gz
2 files changed, 3 insertions, 6 deletions
diff --git a/src/fs/seclabelfs/devtmpseclabelfs.cil b/src/fs/seclabelfs/devtmpseclabelfs.cil
index fdfc120..3e33b79 100644
--- a/src/fs/seclabelfs/devtmpseclabelfs.cil
+++ b/src/fs/seclabelfs/devtmpseclabelfs.cil
@@ -2,7 +2,6 @@
 ;; SPDX-License-Identifier: Unlicense
 
 (block devtmp
-
     (fsuse trans "devtmpfs" fs_context)
 
     (blockinherit .fs.macro_template_all_files)
@@ -13,4 +12,6 @@
     (blockinherit .fs.macro_template_files)
     (blockinherit .fs.macro_template_lnk_files)
     (blockinherit .fs.macro_template_sock_files)
-    (blockinherit .seclabelfs.template))
+    (blockinherit .seclabelfs.template)
+
+    (allow fs self (filesystem (associate))))
diff --git a/src/misc.cil b/src/misc.cil
index 03eb36e..fc8301f 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -3,10 +3,6 @@
 
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
 
-(in devtmp
-
-    (allow fs self (filesystem (associate))))
-
 (in dos
 
     (filecon "/boot/efi" dir fs_context)
author	John Turner <jturner.usa@gmail.com>	2025-08-23 20:17:25 -0400
committer	John Turner <jturner.usa@gmail.com>	2025-08-23 20:17:25 -0400
commit	32b5cf0b7b901e5b4be248fa8d494736883a7dc5 (patch)
tree	e22caa7157b7ef6e154da63702867d2197ab687f
parent	7777f4eb94581b880ffea48f9e75daa9085b8e45 (diff)
download	selinux-policy-32b5cf0b7b901e5b4be248fa8d494736883a7dc5.tar.gz