From d51ea05efd323c8caffc814713e73bba5bc55141 Mon Sep 17 00:00:00 2001
From: John Turner
Date: Sat, 23 Aug 2025 20:26:13 -0400
Subject: move "fs.unconfined" out of misc.cil
---
 src/fs.cil | 8 ++++++--
 src/misc.cil | 7 -------
 2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/fs.cil b/src/fs.cil
index 79f09d9..3d78e49 100644
--- a/src/fs.cil
+++ b/src/fs.cil
@@ -569,7 +569,6 @@
 (blockinherit .fs.macro_template_fs)) (block unconfined
-
 (macro type ((type ARG1)) (typeattributeset typeattr ARG1))
@@ -586,7 +585,12 @@
 (allow typeattr fs.typeattr (lnk_file (not (audit_access execmod map mounton)))) (allow typeattr fs.typeattr
- (sock_file (not (audit_access execmod map mounton))))))
+ (sock_file (not (audit_access execmod map mounton))))
+
+ (call .dos.boot_file_type_transition_fs (typeattr))
+ (call .dos.root_file_type_transition_fs (typeattr))
+ (call .proc.root_file_type_transition_fs (typeattr))
+ (call .sys.root_file_type_transition_fs (typeattr))))
 (in invalid.unconfined
diff --git a/src/misc.cil b/src/misc.cil
index 10b706f..1dde37f 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -3,13 +3,6 @@
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
-(in fs.unconfined
-
- (call .dos.boot_file_type_transition_fs (typeattr))
- (call .dos.root_file_type_transition_fs (typeattr))
- (call .proc.root_file_type_transition_fs (typeattr))
- (call .sys.root_file_type_transition_fs (typeattr)))
-
 (in fuse (filecon "/sys/fs/fuse/connections" dir ())
-- 
cgit v1.2.3
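Review bot: In the second hunk of src/fs.cil, the four `call` statements appended to `(block unconfined` have no comment, so the block does not say which newly created objects receive which label for members of `typeattr`. Unlike the `allow` rules above them, type transitions decide how objects are labelled rather than who may access them, and this attribute already holds almost every permission on `fs.typeattr`, so the intent is worth stating next to the calls. A one-line comment above them would do, for example `;; label transitions applied to typeattr members in the dos boot/root, proc root and sys root dirs (confirm against the macro definitions)`. The macro bodies are not part of this diff, so that wording is inferred from their names only. The block opens before the hunk.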