From 72b54e5f988c313fa62de01659914b21526c70fc Mon Sep 17 00:00:00 2001
From: Chris PeBenito
Date: Wed, 4 May 2011 09:15:28 -0400
Subject: [PATCH] Rearrange mozilla tmp rules.
---
 policy/modules/apps/mozilla.te | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te
index 9c0e5dc35..acec32579 100644
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@@ -27,18 +27,18 @@ typealias mozilla_home_t alias { user_mozilla_home_t staff_mozilla_home_t sysadm
 typealias mozilla_home_t alias { auditadm_mozilla_home_t secadm_mozilla_home_t };
 userdom_user_home_content(mozilla_home_t)
 
-type mozilla_tmpfs_t;
-typealias mozilla_tmpfs_t alias { user_mozilla_tmpfs_t staff_mozilla_tmpfs_t sysadm_mozilla_tmpfs_t };
-typealias mozilla_tmpfs_t alias { auditadm_mozilla_tmpfs_t secadm_mozilla_tmpfs_t };
-files_tmpfs_file(mozilla_tmpfs_t)
-ubac_constrained(mozilla_tmpfs_t)
-
 type mozilla_tmp_t;
 typealias mozilla_tmp_t alias { user_mozilla_tmp_t staff_mozilla_tmp_t sysadm_mozilla_tmp_t };
 typealias mozilla_tmp_t alias { auditadm_mozilla_t secadm_mozilla_t };
 files_tmp_file(mozilla_tmp_t)
 ubac_constrained(mozilla_tmp_t)
 
+type mozilla_tmpfs_t;
+typealias mozilla_tmpfs_t alias { user_mozilla_tmpfs_t staff_mozilla_tmpfs_t sysadm_mozilla_tmpfs_t };
+typealias mozilla_tmpfs_t alias { auditadm_mozilla_tmpfs_t secadm_mozilla_tmpfs_t };
+files_tmpfs_file(mozilla_tmpfs_t)
+ubac_constrained(mozilla_tmpfs_t)
+
 ########################################
 #
 # Local policy
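Review bot: The second alias line for `mozilla_tmp_t` (a context line in this hunk, not changed by the reorder) declares `auditadm_mozilla_t secadm_mozilla_t`, which breaks the `*_mozilla_tmp_t` naming used by the line above it and by the `mozilla_home_t` and `mozilla_tmpfs_t` aliases, so it looks like a typo. As written, two domain-style names resolve to a temporary-file type and the legacy names `auditadm_mozilla_tmp_t` and `secadm_mozilla_tmp_t` are not provided. If `mozilla_t` declares the same two aliases elsewhere in the file (not visible here), the names would also collide. Since this commit already touches the adjacent declarations, consider `typealias mozilla_tmp_t alias { auditadm_mozilla_tmp_t secadm_mozilla_tmp_t };`.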
@@ -68,16 +68,16 @@ userdom_user_home_dir_filetrans(mozilla_t, mozilla_home_t, dir)
 # Mozpluggerrc
 allow mozilla_t mozilla_conf_t:file read_file_perms;
 
+manage_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
+manage_dirs_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
+files_tmp_filetrans(mozilla_t, mozilla_tmp_t, { file dir })
+
 manage_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 manage_lnk_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 manage_fifo_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 manage_sock_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 fs_tmpfs_filetrans(mozilla_t, mozilla_tmpfs_t, { file lnk_file sock_file fifo_file })
 
-manage_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
-manage_dirs_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
-files_tmp_filetrans(mozilla_t, mozilla_tmp_t, { file dir })
-
 kernel_read_kernel_sysctls(mozilla_t)
 kernel_read_network_state(mozilla_t)
 # Access /proc, sysctl