diff --git a/policy/modules/admin/alsa.te b/policy/modules/admin/alsa.te
index 8bb02f4c7..a8dfe495d 100644
--- a/policy/modules/admin/alsa.te
+++ b/policy/modules/admin/alsa.te
@@ -41,8 +41,6 @@ files_search_var_lib(alsa_t)
 kernel_read_system_state(alsa_t)
-term_dontaudit_use_console(alsa_t)
-
 dev_read_sound(alsa_t)
 dev_write_sound(alsa_t)
 dev_read_sysfs(alsa_t)
@@ -53,6 +51,8 @@ files_search_home(alsa_t)
 files_read_etc_files(alsa_t)
 files_read_usr_files(alsa_t)
+term_dontaudit_use_console(alsa_t)
+
 auth_use_nsswitch(alsa_t)
 init_use_fds(alsa_t)
diff --git a/policy/modules/services/mysql.if b/policy/modules/services/mysql.if
index a8f362122..1e4b4d578 100644
--- a/policy/modules/services/mysql.if
+++ b/policy/modules/services/mysql.if
@@ -18,24 +18,6 @@ interface(`mysql_domtrans',`
 domtrans_pattern($1, mysqld_exec_t, mysqld_t)
 ')
-######################################
-##
-## Execute MySQL server in the mysql domain.
-##
-##
-##
-## Domain allowed access.
-##
-##
-#
-interface(`mysql_domtrans_mysql_safe',`
- gen_require(`
- type mysqld_safe_t, mysqld_safe_exec_t;
- ')
-
- domtrans_pattern($1, mysqld_safe_exec_t, mysqld_safe_t)
-')
-
 ########################################
 ##
 ## Send a generic signal to MySQL.
@@ -273,6 +255,24 @@ interface(`mysql_write_log',`
 allow $1 mysqld_log_t:file { write_file_perms setattr };
 ')
+######################################
+##
+## Execute MySQL server in the mysql domain.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`mysql_domtrans_mysql_safe',`
+ gen_require(`
+ type mysqld_safe_t, mysqld_safe_exec_t;
+ ')
+
+ domtrans_pattern($1, mysqld_safe_exec_t, mysqld_safe_t)
+')
+
 #####################################
 ##
 ## Read MySQL PID files.
diff --git a/policy/modules/services/mysql.te b/policy/modules/services/mysql.te
index 83a6e70c5..ec10b8e15 100644
--- a/policy/modules/services/mysql.te
+++ b/policy/modules/services/mysql.te
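Review bot: In policy/modules/services/mysql.if, the relocated `mysql_domtrans_mysql_safe` block (hunk `@@ -273,6 +255,24 @@`) keeps the summary "Execute MySQL server in the mysql domain.", but its body transitions through `mysqld_safe_exec_t` into `mysqld_safe_t`. The summary reads like a copy of the one for `mysql_domtrans` and should name the real target, for example `##	Execute mysqld_safe in the mysqld_safe domain.`. The parameter description would also be more accurate as `##	Domain allowed to transition.`, which is the usual wording for domtrans interfaces. An accurate summary matters to anyone auditing which callers may enter `mysqld_safe_t`.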
@@ -167,12 +167,6 @@ allow mysqld_safe_t mysqld_log_t:file manage_file_perms;
 manage_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t)
 delete_sock_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t)
-domain_read_all_domains_state(mysqld_safe_t)
-
-files_dontaudit_getattr_all_dirs(mysqld_safe_t)
-
-logging_log_filetrans(mysqld_safe_t, mysqld_log_t, file)
-
 kernel_read_system_state(mysqld_safe_t)
 kernel_read_kernel_sysctls(mysqld_safe_t)
@@ -180,8 +174,13 @@ corecmd_exec_bin(mysqld_safe_t)
 dev_list_sysfs(mysqld_safe_t)
+domain_read_all_domains_state(mysqld_safe_t)
+
 files_read_etc_files(mysqld_safe_t)
 files_read_usr_files(mysqld_safe_t)
+files_dontaudit_getattr_all_dirs(mysqld_safe_t)
+
+logging_log_filetrans(mysqld_safe_t, mysqld_log_t, file)
 hostname_exec(mysqld_safe_t)
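Review bot: In hunk `@@ -180,8 +174,13 @@` of mysql.te, `domain_read_all_domains_state(mysqld_safe_t)` and `files_dontaudit_getattr_all_dirs(mysqld_safe_t)` are re-added with no comment saying why the wrapper needs them. The first lets `mysqld_safe_t` read the process state of every domain, and the second suppresses audit records for getattr denials on all directories, so a reader cannot tell from the policy whether either is still required. A short why-comment above each would help, for example `# mysqld_safe looks up running mysqld processes` (presumably the reason; confirm against the script). For the dontaudit rule, name the access that was being denied.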