[selinux-policy: 2520/3172] Rearrange interfaces in fail2ban.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 22:44:00 UTC 2010


commit bf140fc32c38d23a1c2990db60ac1330436ddc80
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Tue Mar 16 13:14:46 2010 -0400

    Rearrange interfaces in fail2ban.

 policy/modules/services/fail2ban.if |   76 +++++++++++++++++-----------------
 1 files changed, 38 insertions(+), 38 deletions(-)
---
diff --git a/policy/modules/services/fail2ban.if b/policy/modules/services/fail2ban.if
index 83d0241..43dd962 100644
--- a/policy/modules/services/fail2ban.if
+++ b/policy/modules/services/fail2ban.if
@@ -18,6 +18,44 @@ interface(`fail2ban_domtrans',`
 	domtrans_pattern($1, fail2ban_exec_t, fail2ban_t)
 ')
 
+#####################################
+## <summary>
+##	Connect to fail2ban over a unix domain
+##	stream socket.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`fail2ban_stream_connect',`
+	gen_require(`
+		type fail2ban_t, fail2ban_var_run_t;
+	')
+
+	files_search_pids($1)
+	stream_connect_pattern($1, fail2ban_var_run_t, fail2ban_var_run_t, fail2ban_t)
+')
+
+########################################
+## <summary>
+##	Read and write to an fail2ban unix stream socket.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`fail2ban_rw_stream_sockets',`
+	gen_require(`
+		type fail2ban_t;
+	')
+
+	allow $1 fail2ban_t:unix_stream_socket rw_stream_socket_perms;
+')
+
 ########################################
 ## <summary>
 ##	Read fail2ban lib files.
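Review bot: The summary on the relocated `fail2ban_rw_stream_sockets` says "Read and write", but the rule grants `rw_stream_socket_perms`, which probably covers more than that. In the reference policy's permission-set macros that set appears to include further socket permissions beyond read/write; this should be confirmed against the policy's obj_perm_sets definitions, which are not shown here. Since the block is being moved anyway, the doc comment could state the real scope, e.g. `##	Read, write and otherwise use a fail2ban unix stream socket (see rw_stream_socket_perms).` If callers only ever use a descriptor inherited from fail2ban_t, a narrower rule such as `allow $1 fail2ban_t:unix_stream_socket { read write };` would follow least privilege more closely, after checking existing callers. The summary also reads "an fail2ban", which should be "a fail2ban".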
@@ -98,26 +136,6 @@ interface(`fail2ban_read_pid_files',`
 	allow $1 fail2ban_var_run_t:file read_file_perms;
 ')
 
-#####################################
-## <summary>
-##	Connect to fail2ban over a unix domain
-##	stream socket.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`fail2ban_stream_connect',`
-	gen_require(`
-		type fail2ban_t, fail2ban_var_run_t;
-	')
-
-	files_search_pids($1)
-	stream_connect_pattern($1, fail2ban_var_run_t, fail2ban_var_run_t, fail2ban_t)
-')
-
 ########################################
 ## <summary>
 ##	All of the rules required to administrate 
@@ -155,21 +173,3 @@ interface(`fail2ban_admin',`
 	files_list_pids($1)
 	admin_pattern($1, fail2ban_var_run_t)
 ')
-
-########################################
-## <summary>
-##	Read and write to an fail2ban unix stream socket.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`fail2ban_rw_stream_sockets',`
-	gen_require(`
-		type fail2ban_t;
-	')
-
-	allow $1 fail2ban_t:unix_stream_socket rw_stream_socket_perms;
-')

