From e707a708197373873e7ea33aa4ef343c3ae5446a Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Mon, 27 Feb 2012 10:18:00 -0500
Subject: [PATCH] Rearrange role lines from "own" patch.

---
 policy/modules/admin/usermanage.te   | 6 +++---
 policy/modules/system/selinuxutil.te | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/policy/modules/admin/usermanage.te b/policy/modules/admin/usermanage.te
index 7cac66fb4..c194faf8e 100644
--- a/policy/modules/admin/usermanage.te
+++ b/policy/modules/admin/usermanage.te
@@ -6,11 +6,9 @@ policy_module(usermanage, 1.17.0)
 #
 
 attribute_role chfn_roles;
-role chfn_roles types chfn_t;
 role system_r types chfn_t;
 
 attribute_role groupadd_roles;
-role groupadd_roles types groupadd_t;
 
 attribute_role passwd_roles;
 roleattribute system_r passwd_roles;
@@ -19,7 +17,6 @@ attribute_role sysadm_passwd_roles;
 roleattribute system_r sysadm_passwd_roles;
 
 attribute_role useradd_roles;
-role useradd_roles types useradd_t;
 
 type admin_passwd_exec_t;
 files_type(admin_passwd_exec_t)
@@ -28,6 +25,7 @@ type chfn_t;
 type chfn_exec_t;
 domain_obj_id_change_exemption(chfn_t)
 application_domain(chfn_t, chfn_exec_t)
+role chfn_roles types chfn_t;
 
 type crack_t;
 type crack_exec_t;
@@ -44,6 +42,7 @@ type groupadd_t;
 type groupadd_exec_t;
 domain_obj_id_change_exemption(groupadd_t)
 init_system_domain(groupadd_t, groupadd_exec_t)
+role groupadd_roles types groupadd_t;
 
 type passwd_t;
 type passwd_exec_t;
@@ -63,6 +62,7 @@ type useradd_t;
 type useradd_exec_t;
 domain_obj_id_change_exemption(useradd_t)
 init_system_domain(useradd_t, useradd_exec_t)
+role useradd_roles types useradd_t;
 
 ########################################
 #
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index b0b95a9d3..8fbef8ed0 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -13,10 +13,8 @@ attribute can_write_binary_policy;
 attribute can_relabelto_binary_policy;
 
 attribute_role newrole_roles;
-role newrole_roles types newrole_t;
 
 attribute_role run_init_roles;
-role run_init_roles types run_init_t;
 role system_r types run_init_t;
 
 attribute_role semanage_roles;
@@ -62,6 +60,7 @@ application_domain(newrole_t, newrole_exec_t)
 domain_role_change_exemption(newrole_t)
 domain_obj_id_change_exemption(newrole_t)
 domain_interactive_fd(newrole_t)
+role newrole_roles types newrole_t;
 
 #
 # policy_config_t is the type of /etc/security/selinux/*
@@ -93,6 +92,7 @@ type run_init_t;
 type run_init_exec_t;
 application_domain(run_init_t, run_init_exec_t)
 domain_system_change_exemption(run_init_t)
+role run_init_roles types run_init_t;
 
 type semanage_t;
 type semanage_exec_t;