Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

policy/modules/services/nagios.te

@@ -179,7 +179,7 @@ optional_policy(`
 #
 
 allow nrpe_t self:capability { setuid setgid };
-dontaudit nrpe_t self:capability {sys_tty_config sys_resource};
+dontaudit nrpe_t self:capability { sys_tty_config sys_resource };
 allow nrpe_t self:process { setpgid signal_perms setsched setrlimit };
 allow nrpe_t self:fifo_file rw_fifo_file_perms;
 allow nrpe_t self:tcp_socket create_stream_socket_perms;

policy/modules/services/ntop.te

@@ -51,7 +51,7 @@ files_tmp_filetrans(ntop_t, ntop_tmp_t, { file dir })
 
 manage_dirs_pattern(ntop_t, ntop_var_lib_t, ntop_var_lib_t)
 manage_files_pattern(ntop_t, ntop_var_lib_t, ntop_var_lib_t)
-files_var_lib_filetrans(ntop_t, ntop_var_lib_t, { file dir } )
+files_var_lib_filetrans(ntop_t, ntop_var_lib_t, { file dir })
 
 manage_files_pattern(ntop_t, ntop_var_run_t, ntop_var_run_t)
 files_pid_filetrans(ntop_t, ntop_var_run_t, file)

policy/modules/services/nx.te

@@ -89,10 +89,10 @@ seutil_dontaudit_search_config(nx_server_t)
 sysnet_read_config(nx_server_t)
 
 ifdef(`TODO',`
-# clients already have create permissions; the nxclient wants to also have unlink rights
+	# clients already have create permissions; the nxclient wants to also have unlink rights
-allow userdomain xdm_tmp_t:sock_file delete_sock_file_perms;
+	allow userdomain xdm_tmp_t:sock_file delete_sock_file_perms;
-# for a lockfile created by the client process
+	# for a lockfile created by the client process
-allow nx_server_t user_tmpfile:file getattr_file_perms;
+	allow nx_server_t user_tmpfile:file getattr_file_perms;
 ')
 
 ########################################

policy/modules/services/oddjob.te

@@ -100,4 +100,3 @@ userdom_home_filetrans_user_home_dir(oddjob_mkhomedir_t)
 userdom_manage_user_home_dirs(oddjob_mkhomedir_t)
 userdom_manage_user_home_content_dirs(oddjob_mkhomedir_t)
 userdom_manage_user_home_content(oddjob_mkhomedir_t)
-

policy/modules/services/openvpn.te

@@ -46,7 +46,6 @@ files_pid_file(openvpn_var_run_t)
 allow openvpn_t self:capability { dac_read_search dac_override ipc_lock net_bind_service net_admin setgid setuid sys_chroot sys_tty_config };
 allow openvpn_t self:process { signal getsched };
 allow openvpn_t self:fifo_file rw_fifo_file_perms;
-
 allow openvpn_t self:unix_dgram_socket { create_socket_perms sendto };
 allow openvpn_t self:unix_stream_socket { create_stream_socket_perms connectto };
 allow openvpn_t self:udp_socket create_socket_perms;

policy/modules/services/passenger.te

@@ -1,5 +1,4 @@
-
+policy_module(passanger, 1.0.0)
-policy_module(passanger,1.0.0)
 
 ########################################
 #
@@ -30,7 +29,6 @@ permissive passenger_t;
 
 allow passenger_t self:capability { dac_override fsetid fowner chown setuid setgid };
 allow passenger_t self:process signal;
-
 allow passenger_t self:fifo_file rw_fifo_file_perms;
 allow passenger_t self:unix_stream_socket { create_stream_socket_perms connectto };
 

policy/modules/services/piranha.te

@@ -1,4 +1,4 @@
-policy_module(piranha,1.0.0)
+policy_module(piranha, 1.0.0)
 
 ########################################
 #
@@ -65,7 +65,6 @@ init_domtrans_script(piranha_fos_t)
 allow piranha_web_t self:capability { setuid sys_nice kill setgid };
 allow piranha_web_t self:process { getsched setsched signal signull ptrace };
 allow piranha_web_t self:rawip_socket create_socket_perms;
-
 allow piranha_web_t self:netlink_route_socket r_netlink_socket_perms;
 allow piranha_web_t self:sem create_sem_perms;
 allow piranha_web_t self:shm create_shm_perms;
@@ -80,7 +79,7 @@ rw_files_pattern(piranha_web_t, piranha_etc_rw_t, piranha_etc_rw_t)
 
 manage_dirs_pattern(piranha_web_t, piranha_log_t, piranha_log_t)
 manage_files_pattern(piranha_web_t, piranha_log_t, piranha_log_t)
-logging_log_filetrans(piranha_web_t, piranha_log_t, { dir file } )
+logging_log_filetrans(piranha_web_t, piranha_log_t, { dir file })
 
 can_exec(piranha_web_t, piranha_web_tmp_t)
 manage_dirs_pattern(piranha_web_t, piranha_web_tmp_t, piranha_web_tmp_t)
@@ -129,9 +128,7 @@ optional_policy(`
 
 # neede by nanny
 allow piranha_lvs_t self:capability { net_raw sys_nice };
-
 allow piranha_lvs_t self:process signal;
-
 allow piranha_lvs_t self:unix_dgram_socket create_socket_perms;
 allow piranha_lvs_t self:rawip_socket create_socket_perms;
 

policy/modules/services/plymouthd.te

@@ -92,7 +92,7 @@ sysnet_read_config(plymouth_t)
 
 plymouthd_stream_connect(plymouth_t)
 
-ifdef(`hide_broken_symptoms', `
+ifdef(`hide_broken_symptoms',`
 	optional_policy(`
 		hal_dontaudit_write_log(plymouth_t)
 		hal_dontaudit_rw_pipes(plymouth_t)

policy/modules/services/policykit.te

@@ -41,7 +41,6 @@ files_pid_file(policykit_var_run_t)
 allow policykit_t self:capability { dac_override dac_read_search setgid setuid sys_ptrace };
 allow policykit_t self:process { getsched getattr signal };
 allow policykit_t self:fifo_file rw_fifo_file_perms;
-
 allow policykit_t self:unix_dgram_socket create_socket_perms;
 allow policykit_t self:unix_stream_socket { create_stream_socket_perms connectto };
 
@@ -275,4 +274,3 @@ optional_policy(`
 	kernel_search_proc(policykit_resolve_t)
 	hal_read_state(policykit_resolve_t)
 ')
-

policy/modules/services/postfix.te

@@ -8,7 +8,6 @@ policy_module(postfix, 1.12.0)
 ## <desc>
 ##	<p>
 ##	Allow postfix_local domain full write access to mail_spool directories
-## 
 ##	</p>
 ## </desc>
 gen_tunable(allow_postfix_local_write_mail_spool, false)

policy/modules/services/pyzor.te

@@ -5,9 +5,7 @@ policy_module(pyzor, 2.1.0)
 # Declarations
 #
 
-
 ifdef(`distro_redhat',`
-
 	gen_require(`
 		type spamc_t;
 		type spamc_exec_t;
@@ -34,43 +32,41 @@ ifdef(`distro_redhat',`
 	typealias spamd_etc_t alias pyzor_etc_t;
 	typealias spamc_home_t alias pyzor_home_t;
 	typealias spamc_home_t alias user_pyzor_home_t;
-
 ',`
+	type pyzor_t;
+	type pyzor_exec_t;
+	typealias pyzor_t alias { user_pyzor_t staff_pyzor_t sysadm_pyzor_t };
+	typealias pyzor_t alias { auditadm_pyzor_t secadm_pyzor_t };
+	application_domain(pyzor_t, pyzor_exec_t)
+	ubac_constrained(pyzor_t)
+	role system_r types pyzor_t;
 
-type pyzor_t;
+	type pyzor_etc_t;
-type pyzor_exec_t;
+	files_type(pyzor_etc_t)
-typealias pyzor_t alias { user_pyzor_t staff_pyzor_t sysadm_pyzor_t };
-typealias pyzor_t alias { auditadm_pyzor_t secadm_pyzor_t };
-application_domain(pyzor_t, pyzor_exec_t)
-ubac_constrained(pyzor_t)
-role system_r types pyzor_t;
 
-type pyzor_etc_t;
+	type pyzor_home_t;
-files_type(pyzor_etc_t)
+	typealias pyzor_home_t alias { user_pyzor_home_t staff_pyzor_home_t sysadm_pyzor_home_t };
+	typealias pyzor_home_t alias { auditadm_pyzor_home_t secadm_pyzor_home_t };
+	userdom_user_home_content(pyzor_home_t)
 
-type pyzor_home_t;
+	type pyzor_tmp_t;
-typealias pyzor_home_t alias { user_pyzor_home_t staff_pyzor_home_t sysadm_pyzor_home_t };
+	typealias pyzor_tmp_t alias { user_pyzor_tmp_t staff_pyzor_tmp_t sysadm_pyzor_tmp_t };
-typealias pyzor_home_t alias { auditadm_pyzor_home_t secadm_pyzor_home_t };
+	typealias pyzor_tmp_t alias { auditadm_pyzor_tmp_t secadm_pyzor_tmp_t };
-userdom_user_home_content(pyzor_home_t)
+	files_tmp_file(pyzor_tmp_t)
+	ubac_constrained(pyzor_tmp_t)
 
-type pyzor_tmp_t;
+	type pyzor_var_lib_t;
-typealias pyzor_tmp_t alias { user_pyzor_tmp_t staff_pyzor_tmp_t sysadm_pyzor_tmp_t };
+	typealias pyzor_var_lib_t alias { user_pyzor_var_lib_t staff_pyzor_var_lib_t sysadm_pyzor_var_lib_t };
-typealias pyzor_tmp_t alias { auditadm_pyzor_tmp_t secadm_pyzor_tmp_t };
+	typealias pyzor_var_lib_t alias { auditadm_pyzor_var_lib_t secadm_pyzor_var_lib_t };
-files_tmp_file(pyzor_tmp_t)
+	files_type(pyzor_var_lib_t)
-ubac_constrained(pyzor_tmp_t)
+	ubac_constrained(pyzor_var_lib_t)
 
-type pyzor_var_lib_t;
+	type pyzord_t;
-typealias pyzor_var_lib_t alias { user_pyzor_var_lib_t staff_pyzor_var_lib_t sysadm_pyzor_var_lib_t };
+	type pyzord_exec_t;
-typealias pyzor_var_lib_t alias { auditadm_pyzor_var_lib_t secadm_pyzor_var_lib_t };
+	init_daemon_domain(pyzord_t, pyzord_exec_t)
-files_type(pyzor_var_lib_t)
-ubac_constrained(pyzor_var_lib_t)
 
-type pyzord_t;
+	type pyzord_log_t;
-type pyzord_exec_t;
+	logging_log_file(pyzord_log_t)
-init_daemon_domain(pyzord_t, pyzord_exec_t)
-
-type pyzord_log_t;
-logging_log_file(pyzord_log_t)
 ')
 
 ########################################
@@ -149,7 +145,7 @@ can_exec(pyzord_t, pyzor_exec_t)
 
 manage_files_pattern(pyzord_t, pyzord_log_t, pyzord_log_t)
 allow pyzord_t pyzord_log_t:dir setattr;
-logging_log_filetrans(pyzord_t, pyzord_log_t, { file dir } )
+logging_log_filetrans(pyzord_t, pyzord_log_t, { file dir })
 
 kernel_read_kernel_sysctls(pyzord_t)
 kernel_read_system_state(pyzord_t)

policy/modules/services/qpidd.te

@@ -1,4 +1,4 @@
-policy_module(qpidd,1.0.0)
+policy_module(qpidd, 1.0.0)
 
 ########################################
 #
@@ -32,7 +32,7 @@ allow qpidd_t self:unix_stream_socket create_stream_socket_perms;
 
 manage_dirs_pattern(qpidd_t, qpidd_var_lib_t,  qpidd_var_lib_t)
 manage_files_pattern(qpidd_t, qpidd_var_lib_t,  qpidd_var_lib_t)
-files_var_lib_filetrans(qpidd_t, qpidd_var_lib_t, { file dir } )
+files_var_lib_filetrans(qpidd_t, qpidd_var_lib_t, { file dir })
 
 manage_dirs_pattern(qpidd_t, qpidd_var_run_t,  qpidd_var_run_t)
 manage_files_pattern(qpidd_t, qpidd_var_run_t,  qpidd_var_run_t)