move "dev" out of misc.cil

author: John Turner <jturner.usa@gmail.com> 2025-08-23 20:15:26 -0400
committer: John Turner <jturner.usa@gmail.com> 2025-08-23 20:15:26 -0400
commit: 9489f4b077b0ddd66c187844b33e7128a0a08736 (patch)
tree: 5208a8804a8f01edb77a637a141a109125a7a90e /src
parent: cef527a3a1a3ee05100d9b2a3794f3ac3b1929e1 (diff)
download: selinux-policy-9489f4b077b0ddd66c187844b33e7128a0a08736.tar.gz
2 files changed, 18 insertions, 24 deletions
diff --git a/src/dev.cil b/src/dev.cil
index bc39e64..6e604f5 100644
--- a/src/dev.cil
+++ b/src/dev.cil
@@ -2,18 +2,33 @@
 ;; SPDX-License-Identifier: Unlicense
 
 (block dev
-
     (macro type ((type ARG1))
 	(typeattributeset typeattr ARG1))
 
-    (typeattribute typeattr)
-
+    (macro root_file_type_transition_file ((type ARG1))
+        (call .root.file_type_transition
+	    (ARG1 file dir "dev")))
+    
     (blockinherit .file.all_macro_template_blk_files)
     (blockinherit .file.all_macro_template_chr_files)
 
+    (typeattribute typeattr)
+
     (call .obj.type (typeattr))
 
     (call .devtmp.associate_fs (typeattr))
+    (call .tmp.associate_fs (typeattr))
+    (call .tmp.associate_fs (file))
+    (call .xattr.associate_fs (file))
+    
+    (filecon "/dev" dir file_context)
+    (filecon "/dev/.*" block file_context)
+    (filecon "/dev/.*" char file_context)
+    (filecon "/dev/.*" dir file_context)
+    (filecon "/dev/.*" file file_context)
+    (filecon "/dev/.*" pipe file_context)
+    (filecon "/dev/.*" socket file_context)
+    (filecon "/dev/.*" symlink file_context)    
 
     (block except
 
diff --git a/src/misc.cil b/src/misc.cil
index dd37e6f..d0e4998 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -3,27 +3,6 @@
 
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
 
-(in dev
-
-    (filecon "/dev" dir file_context)
-    (filecon "/dev/.*" block file_context)
-    (filecon "/dev/.*" char file_context)
-    (filecon "/dev/.*" dir file_context)
-    (filecon "/dev/.*" file file_context)
-    (filecon "/dev/.*" pipe file_context)
-    (filecon "/dev/.*" socket file_context)
-    (filecon "/dev/.*" symlink file_context)
-
-    (macro root_file_type_transition_file ((type ARG1))
-	(call .root.file_type_transition
-	    (ARG1 file dir "dev")))
-
-    (call .tmp.associate_fs (typeattr))
-
-    (call .tmp.associate_fs (file))
-
-    (call .xattr.associate_fs (file)))
-
 (in devpts
 
     (filecon "/dev/pts" dir ())
author	John Turner <jturner.usa@gmail.com>	2025-08-23 20:15:26 -0400
committer	John Turner <jturner.usa@gmail.com>	2025-08-23 20:15:26 -0400
commit	9489f4b077b0ddd66c187844b33e7128a0a08736 (patch)
tree	5208a8804a8f01edb77a637a141a109125a7a90e /src
parent	cef527a3a1a3ee05100d9b2a3794f3ac3b1929e1 (diff)
download	selinux-policy-9489f4b077b0ddd66c187844b33e7128a0a08736.tar.gz