From f210ced209102d187ae788413603ef1ed9d44680 Mon Sep 17 00:00:00 2001
From: Joshua Brindle <method@manicmethod.com>
Date: Sun, 7 Sep 2008 18:42:35 -0400
Subject: [PATCH] Author: Daniel J Walsh Email: dwalsh@redhat.com Subject: Only
 call gen_requires once. Date: Thu, 11 Sep 2008 09:35:54 -0400

Currently audit2allow/sepolgen will create two identical gen_requires
block if you have allow rules and a role statement.

This patch fixes this problem.

Signed-off-by: Joshua Brindle <method@manicmethod.com>
---
 sepolgen/src/sepolgen/policygen.py | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/sepolgen/src/sepolgen/policygen.py b/sepolgen/src/sepolgen/policygen.py
index 7246fd68..55cffeba 100644
--- a/sepolgen/src/sepolgen/policygen.py
+++ b/sepolgen/src/sepolgen/policygen.py
@@ -134,6 +134,10 @@ class PolicyGenerator:
             m.refpolicy = False
 
     def get_module(self):
+        # Generate the requires
+        if self.gen_requires:
+            gen_requires(self.module)
+
         """Return the generated module"""
         return self.module
 
@@ -163,18 +167,10 @@ class PolicyGenerator:
         # Generate the raw allow rules from the filtered list
         self.__add_allow_rules(raw_allow)
 
-        # Generate the requires
-        if self.gen_requires:
-            gen_requires(self.module)
-
     def add_role_types(self, role_type_set):
         for role_type in role_type_set:
             self.module.children.append(role_type)
 
-        # Generate the requires
-        if self.gen_requires:
-            gen_requires(self.module)
-
 def explain_access(av, ml=None, verbosity=SHORT_EXPLANATION):
     """Explain why a policy statement was generated.