add extra dep to init_t interfaces since init_t is in base module right now.

refpolicy/policy/modules/system/init.if

@@ -192,11 +192,108 @@ interface(`init_exec',`
 interface(`init_getpgid',`
 	gen_require(`
 		type init_t;
+
+		# cjp: remove this when init_t decl is moved back to this module
+		type init_exec_t;
 	')
 
 	allow $1 init_t:process getpgid;
 ')
 
+########################################
+## <summary>
+##	Send init a null signal.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`init_signull',`
+	gen_require(`
+		type init_t;
+
+		# cjp: remove this when init_t decl is moved back to this module
+		type init_exec_t;
+	')
+
+	allow $1 init_t:process signull;
+')
+
+########################################
+## <summary>
+##	Send init a SIGCHLD signal.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`init_sigchld',`
+	gen_require(`
+		type init_t;
+
+		# cjp: remove this when init_t decl is moved back to this module
+		type init_exec_t;
+	')
+
+	allow $1 init_t:process sigchld;
+')
+
+########################################
+#
+# init_use_fds(domain)
+#
+interface(`init_use_fds',`
+	gen_require(`
+		type init_t;
+
+		# cjp: remove this when init_t decl is moved back to this module
+		type init_exec_t;
+	')
+
+	allow $1 init_t:fd use;
+')
+
+########################################
+#
+# init_dontaudit_use_fds(domain)
+#
+interface(`init_dontaudit_use_fds',`
+	gen_require(`
+		type init_t;
+
+		# cjp: remove this when init_t decl is moved back to this module
+		type init_exec_t;
+	')
+
+	dontaudit $1 init_t:fd use;
+')
+
+########################################
+## <summary>
+##	Send UDP network traffic to init.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`init_udp_send',`
+	gen_require(`
+		type init_t;
+
+		# cjp: remove this when init_t decl is moved back to this module
+		type init_exec_t;
+	')
+
+	allow $1 init_t:udp_socket sendto;
+	allow init_t $1:udp_socket recvfrom;
+')
+
 ########################################
 #
 # init_getattr_initctl(domain)
@@ -259,85 +356,6 @@ interface(`init_dontaudit_rw_initctl',`
 	dontaudit $1 initctl_t:fifo_file { read write };
 ')
 
-########################################
-## <summary>
-##	Send init a null signal.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`init_signull',`
-	gen_require(`
-		type init_t;
-	')
-
-	allow $1 init_t:process signull;
-')
-
-########################################
-## <summary>
-##	Send init a SIGCHLD signal.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`init_sigchld',`
-	gen_require(`
-		type init_t;
-	')
-
-	allow $1 init_t:process sigchld;
-')
-
-########################################
-#
-# init_use_fds(domain)
-#
-interface(`init_use_fds',`
-	gen_require(`
-		type init_t;
-	')
-
-	allow $1 init_t:fd use;
-')
-
-########################################
-#
-# init_dontaudit_use_fds(domain)
-#
-interface(`init_dontaudit_use_fds',`
-	gen_require(`
-		type init_t;
-	')
-
-	dontaudit $1 init_t:fd use;
-')
-
-########################################
-## <summary>
-##	Send UDP network traffic to init.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`init_udp_send',`
-	gen_require(`
-		type init_t;
-	')
-
-	allow $1 init_t:udp_socket sendto;
-	allow init_t $1:udp_socket recvfrom;
-')
-
 ########################################
 ## <summary>
 ##	Make init scripts an entry point for

refpolicy/policy/modules/system/init.te

@@ -21,6 +21,8 @@ attribute direct_init_entry;
 #
 # real declaration moved to mls until
 # range_transition works in loadable modules
+# also remove the extra init_exec_t dependencies
+# in init_t interfaces when the decl gets moved back here.
 gen_require(`
 	type init_t;
 ')