diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 4d03eebc4..8418a63cf 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -1931,84 +1931,6 @@ interface(`fs_cifs_domtrans',`
domain_auto_transition_pattern($1, cifs_t, $2)
')
-########################################
-##
-## Create, read, write, and delete directories
-## on an eCryptfs filesystem.
-##
-##
-##
-## Domain allowed access.
-##
-##
-##
-#
-interface(`fs_manage_ecryptfs_dirs',`
- gen_require(`
- type ecryptfs_t;
- ')
-
- allow $1 ecryptfs_t:dir manage_dir_perms;
-')
-
-########################################
-##
-## Create, read, write, and delete files
-## on an eCryptfs filesystem.
-##
-##
-##
-## Domain allowed access.
-##
-##
-##
-#
-interface(`fs_manage_ecryptfs_files',`
- gen_require(`
- type ecryptfs_t;
- ')
-
- manage_files_pattern($1, ecryptfs_t, ecryptfs_t)
-')
-
-########################################
-##
-## Create, read, write, and delete named sockets
-## on an eCryptfs filesystem.
-##
-##
-##
-## Domain allowed access.
-##
-##
-#
-interface(`fs_manage_ecryptfs_named_sockets',`
- gen_require(`
- type ecryptfs_t;
- ')
-
- manage_sock_files_pattern($1, ecryptfs_t, ecryptfs_t)
-')
-
-########################################
-##
-## Read symbolic links on an eCryptfs filesystem.
-##
-##
-##
-## Domain allowed access.
-##
-##
-#
-interface(`fs_list_ecryptfs',`
- gen_require(`
- type ecryptfs_t;
- ')
-
- allow $1 ecryptfs_t:dir list_dir_perms;
- read_lnk_files_pattern($1, ecryptfs_t, ecryptfs_t)
-')
-
#######################################
##
## Create, read, write, and delete dirs
@@ -2273,6 +2195,84 @@ interface(`fs_manage_dos_files',`
manage_files_pattern($1, dosfs_t, dosfs_t)
')
+########################################
+##
+## Read symbolic links on an eCryptfs filesystem.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`fs_list_ecryptfs',`
+ gen_require(`
+ type ecryptfs_t;
+ ')
+
+ allow $1 ecryptfs_t:dir list_dir_perms;
+ read_lnk_files_pattern($1, ecryptfs_t, ecryptfs_t)
+')
+
+########################################
+##
+## Create, read, write, and delete directories
+## on an eCryptfs filesystem.
+##
+##
+##
+## Domain allowed access.
+##
+##
+##
+#
+interface(`fs_manage_ecryptfs_dirs',`
+ gen_require(`
+ type ecryptfs_t;
+ ')
+
+ allow $1 ecryptfs_t:dir manage_dir_perms;
+')
+
+########################################
+##
+## Create, read, write, and delete files
+## on an eCryptfs filesystem.
+##
+##
+##
+## Domain allowed access.
+##
+##
+##
+#
+interface(`fs_manage_ecryptfs_files',`
+ gen_require(`
+ type ecryptfs_t;
+ ')
+
+ manage_files_pattern($1, ecryptfs_t, ecryptfs_t)
+')
+
+########################################
+##
+## Create, read, write, and delete named sockets
+## on an eCryptfs filesystem.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`fs_manage_ecryptfs_named_sockets',`
+ gen_require(`
+ type ecryptfs_t;
+ ')
+
+ manage_sock_files_pattern($1, ecryptfs_t, ecryptfs_t)
+')
+
########################################
##
## Get the attributes of efivarfs filesystems.