From 5d29c35b89cf0afe76ba29e7af1778f98db87646 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <pebenito@ieee.org>
Date: Thu, 28 Jan 2021 11:27:54 -0500
Subject: [PATCH] samba: Move service interface definitions.

Signed-off-by: Chris PeBenito <pebenito@ieee.org>
---
 policy/modules/services/samba.if | 152 +++++++++++++++----------------
 1 file changed, 76 insertions(+), 76 deletions(-)

diff --git a/policy/modules/services/samba.if b/policy/modules/services/samba.if
index 5e01db233..6af30d0c3 100644
--- a/policy/modules/services/samba.if
+++ b/policy/modules/services/samba.if
@@ -328,6 +328,82 @@ interface(`samba_read_share_files',`
 	read_files_pattern($1, samba_share_t, samba_share_t)
 ')
 
+########################################
+## <summary>
+##	start samba daemon
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`samba_start',`
+	gen_require(`
+		type samba_unit_t;
+	')
+
+	allow $1 samba_unit_t:file getattr;
+	allow $1 samba_unit_t:service start;
+')
+
+########################################
+## <summary>
+##	stop samba daemon
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`samba_stop',`
+	gen_require(`
+		type samba_unit_t;
+	')
+
+	allow $1 samba_unit_t:file getattr;
+	allow $1 samba_unit_t:service stop;
+')
+
+########################################
+## <summary>
+##	get status of samba daemon
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`samba_status',`
+	gen_require(`
+		type samba_unit_t;
+	')
+
+	allow $1 samba_unit_t:file getattr;
+	allow $1 samba_unit_t:service status;
+')
+
+########################################
+## <summary>
+##	reload samba daemon
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`samba_reload',`
+	gen_require(`
+		type samba_unit_t;
+	')
+
+	allow $1 samba_unit_t:file getattr;
+	allow $1 samba_unit_t:service reload;
+')
+
 ########################################
 ## <summary>
 ##	Search samba var directories.
@@ -729,79 +805,3 @@ interface(`samba_admin',`
 	files_list_tmp($1)
 	admin_pattern($1, { swat_tmp_t smbd_tmp_t winbind_tmp_t })
 ')
-
-########################################
-## <summary>
-##	start samba daemon
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`samba_start',`
-	gen_require(`
-		type samba_unit_t;
-	')
-
-	allow $1 samba_unit_t:file getattr;
-	allow $1 samba_unit_t:service start;
-')
-
-########################################
-## <summary>
-##	stop samba daemon
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`samba_stop',`
-	gen_require(`
-		type samba_unit_t;
-	')
-
-	allow $1 samba_unit_t:file getattr;
-	allow $1 samba_unit_t:service stop;
-')
-
-########################################
-## <summary>
-##	get status of samba daemon
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`samba_status',`
-	gen_require(`
-		type samba_unit_t;
-	')
-
-	allow $1 samba_unit_t:file getattr;
-	allow $1 samba_unit_t:service status;
-')
-
-########################################
-## <summary>
-##	reload samba daemon
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`samba_reload',`
-	gen_require(`
-		type samba_unit_t;
-	')
-
-	allow $1 samba_unit_t:file getattr;
-	allow $1 samba_unit_t:service reload;
-')