move "fuse" out of misc.cil

author: John Turner <jturner.usa@gmail.com> 2025-08-23 20:27:09 -0400
committer: John Turner <jturner.usa@gmail.com> 2025-08-23 20:27:09 -0400
commit: be42ee14486f2c39c7a7f0b9c517a4efd37468ac (patch)
tree: f4bfcbef50b002e89f7f57937d366e798c939a46 /src
parent: d51ea05efd323c8caffc814713e73bba5bc55141 (diff)
download: selinux-policy-be42ee14486f2c39c7a7f0b9c517a4efd37468ac.tar.gz
2 files changed, 5 insertions, 8 deletions
diff --git a/src/dev/stordev/fusestordev.cil b/src/dev/stordev/fusestordev.cil
index 2430c62..ea6f761 100644
--- a/src/dev/stordev/fusestordev.cil
+++ b/src/dev/stordev/fusestordev.cil
@@ -1,11 +1,13 @@
 ;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
 ;; SPDX-License-Identifier: Unlicense
 
-(block fuse
-
-    (filecon "/dev/fuse" char stordev_context)
+(block fuse    
 
     (blockinherit .stordev.base_template)
     (blockinherit .stordev.macro_template_chr_files)
 
+    (filecon "/dev/fuse" char stordev_context)
+    (filecon "/sys/fs/fuse/connections" dir ())
+    (filecon "/sys/fs/fuse/connections/.*" any ())
+    
     (call .rbacsep.exempt.obj.type (stordev)))
diff --git a/src/misc.cil b/src/misc.cil
index 1dde37f..4c069ef 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -3,11 +3,6 @@
 
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
 
-(in fuse
-
-    (filecon "/sys/fs/fuse/connections" dir ())
-    (filecon "/sys/fs/fuse/connections/.*" any ()))
-
 (in home
 
     (filecon "/home" dir file_context)
author	John Turner <jturner.usa@gmail.com>	2025-08-23 20:27:09 -0400
committer	John Turner <jturner.usa@gmail.com>	2025-08-23 20:27:09 -0400
commit	be42ee14486f2c39c7a7f0b9c517a4efd37468ac (patch)
tree	f4bfcbef50b002e89f7f57937d366e798c939a46 /src
parent	d51ea05efd323c8caffc814713e73bba5bc55141 (diff)
download	selinux-policy-be42ee14486f2c39c7a7f0b9c517a4efd37468ac.tar.gz