From 7553f989a3654b480c6d766265c885b900ed2fcd Mon Sep 17 00:00:00 2001
From: Vitezslav Crhonek <vcrhonek@redhat.com>
Date: Tue, 8 Jun 2021 14:09:19 +0200
Subject: [PATCH] selinux: order permissions in av rule as per refpolicy style
 guide

https://github.com/SELinuxProject/refpolicy/wiki/StyleGuide

Signed-off-by: Vitezslav Crhonek <vcrhonek@redhat.com>
---
 openwsman.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openwsman.te b/openwsman.te
index 3bcd32c..e00816c 100644
--- a/openwsman.te
+++ b/openwsman.te
@@ -34,7 +34,7 @@ allow openwsman_t self:capability setuid;
 allow openwsman_t self:process { fork };
 allow openwsman_t self:fifo_file rw_fifo_file_perms;
 allow openwsman_t self:unix_stream_socket create_stream_socket_perms;
-allow openwsman_t self:tcp_socket { create_socket_perms accept listen };
+allow openwsman_t self:tcp_socket { accept create_socket_perms listen };
 
 manage_files_pattern(openwsman_t, openwsman_tmp_t, openwsman_tmp_t)
 manage_dirs_pattern(openwsman_t, openwsman_tmp_t, openwsman_tmp_t)