trunk: whitespace fixes

2009-06-26 14:40:13 +00:00 · 2009-06-26 14:40:13 +00:00 · 3f67f722bb
commit 3f67f722bb
parent 20272c2b27
157 changed files with 796 additions and 797 deletions
--- a/policy/modules/admin/amanda.te
+++ b/policy/modules/admin/amanda.te
@ -97,8 +97,8 @@ allow amanda_t amanda_gnutarlists_t:dir rw_dir_perms;
 allow amanda_t amanda_gnutarlists_t:file manage_file_perms;
 allow amanda_t amanda_gnutarlists_t:lnk_file manage_lnk_file_perms;
-manage_dirs_pattern(amanda_t,amanda_var_lib_t,amanda_var_lib_t)
+manage_dirs_pattern(amanda_t, amanda_var_lib_t, amanda_var_lib_t)
-manage_files_pattern(amanda_t,amanda_var_lib_t,amanda_var_lib_t)
+manage_files_pattern(amanda_t, amanda_var_lib_t, amanda_var_lib_t)
 manage_files_pattern(amanda_t, amanda_log_t, amanda_log_t)
 manage_dirs_pattern(amanda_t, amanda_log_t, amanda_log_t)
--- a/policy/modules/admin/dpkg.if
+++ b/policy/modules/admin/dpkg.if
@ -38,7 +38,7 @@ interface(`dpkg_domtrans_script',`
 	')
 	# transition to dpkg script:
-	corecmd_shell_domtrans($1,dpkg_script_t)
+	corecmd_shell_domtrans($1, dpkg_script_t)
 	allow dpkg_script_t $1:fd use;
 	allow dpkg_script_t $1:fifo_file rw_file_perms;
 	allow dpkg_script_t $1:process sigchld;
--- a/policy/modules/admin/kudzu.te
+++ b/policy/modules/admin/kudzu.te
@ -89,7 +89,7 @@ files_search_var(kudzu_t)
 files_search_locks(kudzu_t)
 files_manage_etc_files(kudzu_t)
 files_manage_etc_runtime_files(kudzu_t)
-files_etc_filetrans_etc_runtime(kudzu_t,file)
+files_etc_filetrans_etc_runtime(kudzu_t, file)
 files_manage_mnt_files(kudzu_t)
 files_manage_mnt_symlinks(kudzu_t)
 files_dontaudit_search_src(kudzu_t)
--- a/policy/modules/admin/logwatch.te
+++ b/policy/modules/admin/logwatch.te
@ -34,7 +34,7 @@ manage_dirs_pattern(logwatch_t, logwatch_cache_t, logwatch_cache_t)
 manage_files_pattern(logwatch_t, logwatch_cache_t, logwatch_cache_t)
 allow logwatch_t logwatch_lock_t:file manage_file_perms;
-files_lock_filetrans(logwatch_t,logwatch_lock_t,file)
+files_lock_filetrans(logwatch_t, logwatch_lock_t, file)
 manage_dirs_pattern(logwatch_t, logwatch_tmp_t, logwatch_tmp_t)
 manage_files_pattern(logwatch_t, logwatch_tmp_t, logwatch_tmp_t)
--- a/policy/modules/admin/mrtg.te
+++ b/policy/modules/admin/mrtg.te
@ -54,7 +54,7 @@ manage_files_pattern(mrtg_t, mrtg_var_lib_t, mrtg_var_lib_t)
 manage_lnk_files_pattern(mrtg_t, mrtg_var_lib_t, mrtg_var_lib_t)
 allow mrtg_t mrtg_var_run_t:file manage_file_perms;
-files_pid_filetrans(mrtg_t,mrtg_var_run_t,file)
+files_pid_filetrans(mrtg_t, mrtg_var_run_t, file)
 kernel_read_system_state(mrtg_t)
 kernel_read_network_state(mrtg_t)
--- a/policy/modules/admin/portage.if
+++ b/policy/modules/admin/portage.if
@ -99,7 +99,7 @@ interface(`portage_compile_domain',`
 	allow $1 self:dbus send_msg;
 	allow $1 portage_devpts_t:chr_file { rw_chr_file_perms setattr };
-	term_create_pty($1,portage_devpts_t)
+	term_create_pty($1, portage_devpts_t)
 	# write compile logs
 	allow $1 portage_log_t:dir setattr;
--- a/policy/modules/admin/rpm.if
+++ b/policy/modules/admin/rpm.if
@ -36,7 +36,7 @@ interface(`rpm_domtrans_script',`
 	')
 	# transition to rpm script:
-	corecmd_shell_domtrans($1,rpm_script_t)
+	corecmd_shell_domtrans($1, rpm_script_t)
 	allow rpm_script_t $1:fd use;
 	allow rpm_script_t $1:fifo_file rw_file_perms;
 	allow rpm_script_t $1:process sigchld;
--- a/policy/modules/admin/su.if
+++ b/policy/modules/admin/su.if
@ -166,7 +166,7 @@ template(`su_role_template',`
 	')
 	type $1_su_t, su_domain_type;
-	domain_entry_file($1_su_t,su_exec_t)
+	domain_entry_file($1_su_t, su_exec_t)
 	domain_type($1_su_t)
 	domain_interactive_fd($1_su_t)
 	ubac_constrained($1_su_t)
--- a/policy/modules/admin/sxid.te
+++ b/policy/modules/admin/sxid.te
@ -29,7 +29,7 @@ allow sxid_t self:tcp_socket create_stream_socket_perms;
 allow sxid_t self:udp_socket create_socket_perms;
 allow sxid_t sxid_log_t:file manage_file_perms;
-logging_log_filetrans(sxid_t,sxid_log_t,file)
+logging_log_filetrans(sxid_t, sxid_log_t, file)
 manage_dirs_pattern(sxid_t, sxid_tmp_t, sxid_tmp_t)
 manage_files_pattern(sxid_t, sxid_tmp_t, sxid_tmp_t)
--- a/policy/modules/admin/usermanage.te
+++ b/policy/modules/admin/usermanage.te
@ -49,7 +49,7 @@ files_tmp_file(sysadm_passwd_tmp_t)
 type useradd_t;
 type useradd_exec_t;
 domain_obj_id_change_exemption(useradd_t)
-init_system_domain(useradd_t,useradd_exec_t)
+init_system_domain(useradd_t, useradd_exec_t)
 role system_r types useradd_t;
 ########################################
@ -210,7 +210,7 @@ files_manage_etc_files(groupadd_t)
 files_relabel_etc_files(groupadd_t)
 files_read_etc_runtime_files(groupadd_t)
-# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
+# Execute /usr/bin/{passwd, chfn, chsh} and /usr/sbin/{useradd, vipw}.
 corecmd_exec_bin(groupadd_t)
 logging_send_audit_msgs(groupadd_t)
--- a/policy/modules/apps/evolution.te
+++ b/policy/modules/apps/evolution.te
@ -480,7 +480,7 @@ userdom_search_user_home_dirs(evolution_exchange_t)
 # until properly implemented
 userdom_dontaudit_read_user_home_content_files(evolution_exchange_t)
-xserver_user_x_domain_template(evolution_exchange,evolution_exchange_t, evolution_exchange_tmpfs_t)
+xserver_user_x_domain_template(evolution_exchange, evolution_exchange_t, evolution_exchange_tmpfs_t)
 # Access evolution home
 tunable_policy(`use_nfs_home_dirs',`
--- a/policy/modules/apps/slocate.if
+++ b/policy/modules/apps/slocate.if
@ -35,7 +35,7 @@ interface(`locate_read_lib_files',`
 		type locate_var_lib_t;
 	')
-	read_files_pattern($1,locate_var_lib_t,locate_var_lib_t)
+	read_files_pattern($1, locate_var_lib_t, locate_var_lib_t)
 	allow $1 locate_var_lib_t:dir list_dir_perms;
 	files_search_var_lib($1)
 ')
--- a/policy/modules/apps/wireshark.te
+++ b/policy/modules/apps/wireshark.te
@ -54,7 +54,7 @@ corecmd_search_bin(wireshark_t)
 manage_dirs_pattern(wireshark_t, wireshark_home_t, wireshark_home_t)
 manage_files_pattern(wireshark_t, wireshark_home_t, wireshark_home_t)
 manage_lnk_files_pattern(wireshark_t, wireshark_home_t, wireshark_home_t)
-userdom_user_home_dir_filetrans(wireshark_t, wireshark_home_t,dir)
+userdom_user_home_dir_filetrans(wireshark_t, wireshark_home_t, dir)
 # Store temporary files
 manage_dirs_pattern(wireshark_t, wireshark_tmp_t, wireshark_tmp_t)
--- a/policy/modules/kernel/corecommands.if
+++ b/policy/modules/kernel/corecommands.if
@ -70,7 +70,7 @@ interface(`corecmd_bin_entry_type',`
 		type bin_t;
 	')
-	domain_entry_file($1,bin_t)
+	domain_entry_file($1, bin_t)
 ')
 ########################################
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@ -230,7 +230,7 @@ type netif_t, netif_type;
 sid netif gen_context(system_u:object_r:netif_t,s0 - mls_systemhigh)
 build_option(`enable_mls',`
-network_interface(lo, lo,s0 - mls_systemhigh)
+network_interface(lo, lo, s0 - mls_systemhigh)
 ',`
 typealias netif_t alias { lo_netif_t netif_lo_t };
 ')
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@ -68,8 +68,8 @@ interface(`dev_relabel_all_dev_nodes',`
 	relabelfrom_lnk_files_pattern($1, device_t, { device_t device_node })
 	relabelfrom_fifo_files_pattern($1, device_t, device_node)
 	relabelfrom_sock_files_pattern($1, device_t, device_node)
-	relabel_blk_files_pattern($1,device_t,{ device_t device_node })
+	relabel_blk_files_pattern($1, device_t,{ device_t device_node })
-	relabel_chr_files_pattern($1,device_t,{ device_t device_node })
+	relabel_chr_files_pattern($1, device_t,{ device_t device_node })
 ')
 ########################################
@ -1247,7 +1247,7 @@ interface(`dev_create_cardmgr_dev',`
 	create_chr_files_pattern($1, device_t, cardmgr_dev_t)
 	create_blk_files_pattern($1, device_t, cardmgr_dev_t)
-	filetrans_pattern($1,device_t, cardmgr_dev_t, { chr_file blk_file })
+	filetrans_pattern($1, device_t, cardmgr_dev_t, { chr_file blk_file })
 ')
 ########################################
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@ -2138,7 +2138,7 @@ interface(`files_create_boot_flag',`
 	')
 	allow $1 etc_runtime_t:file manage_file_perms;
-	filetrans_pattern($1,root_t,etc_runtime_t,file)
+	filetrans_pattern($1, root_t, etc_runtime_t, file)
 ')
 ########################################
@ -4662,7 +4662,7 @@ interface(`files_rw_generic_pids',`
 		type var_t, var_run_t;
 	')
-	list_dirs_pattern($1,var_t,var_run_t)
+	list_dirs_pattern($1, var_t, var_run_t)
 	rw_files_pattern($1, var_run_t, var_run_t)
 ')
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@ -103,7 +103,7 @@ interface(`fs_exec_noxattr',`
 		attribute noxattrfs;
 	')
-	can_exec($1,noxattrfs)
+	can_exec($1, noxattrfs)
 ')
 ########################################
@ -1455,7 +1455,7 @@ interface(`fs_read_fusefs_files',`
 		type fusefs_t;
 	')
-	read_files_pattern($1,fusefs_t,fusefs_t)
+	read_files_pattern($1, fusefs_t, fusefs_t)
 ')
 ########################################
--- a/policy/modules/services/afs.te
+++ b/policy/modules/services/afs.te
@ -65,7 +65,7 @@ allow afs_bosserver_t self:process { setsched signal_perms };
 allow afs_bosserver_t self:tcp_socket create_stream_socket_perms;
 allow afs_bosserver_t self:udp_socket create_socket_perms;
-can_exec(afs_bosserver_t,afs_bosserver_exec_t)
+can_exec(afs_bosserver_t, afs_bosserver_exec_t)
 manage_dirs_pattern(afs_bosserver_t, afs_config_t, afs_config_t)
 manage_files_pattern(afs_bosserver_t, afs_config_t, afs_config_t)
@ -236,7 +236,7 @@ allow afs_ptserver_t self:unix_stream_socket create_stream_socket_perms;
 allow afs_ptserver_t self:tcp_socket create_stream_socket_perms;
 allow afs_ptserver_t self:udp_socket create_socket_perms;
-read_files_pattern(afs_ptserver_t,afs_config_t,afs_config_t)
+read_files_pattern(afs_ptserver_t, afs_config_t, afs_config_t)
 allow afs_ptserver_t afs_config_t:dir list_dir_perms;
 manage_dirs_pattern(afs_ptserver_t, afs_logfile_t, afs_logfile_t)
@ -274,14 +274,14 @@ allow afs_vlserver_t self:unix_stream_socket create_stream_socket_perms;
 allow afs_vlserver_t self:tcp_socket create_stream_socket_perms;
 allow afs_vlserver_t self:udp_socket create_socket_perms;
-read_files_pattern(afs_vlserver_t,afs_config_t,afs_config_t)
+read_files_pattern(afs_vlserver_t, afs_config_t, afs_config_t)
 allow afs_vlserver_t afs_config_t:dir list_dir_perms;
 manage_dirs_pattern(afs_vlserver_t, afs_logfile_t, afs_logfile_t)
 manage_files_pattern(afs_vlserver_t, afs_logfile_t, afs_logfile_t)
 manage_files_pattern(afs_vlserver_t, afs_dbdir_t, afs_vl_db_t)
-filetrans_pattern(afs_vlserver_t, afs_dbdir_t,afs_vl_db_t, file)
+filetrans_pattern(afs_vlserver_t, afs_dbdir_t, afs_vl_db_t, file)
 corenet_all_recvfrom_unlabeled(afs_vlserver_t)
 corenet_all_recvfrom_netlabel(afs_vlserver_t)
--- a/policy/modules/services/amavis.te
+++ b/policy/modules/services/amavis.te
@ -78,7 +78,7 @@ files_search_spool(amavis_t)
 # tmp files
 manage_files_pattern(amavis_t, amavis_tmp_t, amavis_tmp_t)
 allow amavis_t amavis_tmp_t:dir setattr;
-files_tmp_filetrans(amavis_t,amavis_tmp_t,file)
+files_tmp_filetrans(amavis_t, amavis_tmp_t, file)
 # var/lib files for amavis
 manage_dirs_pattern(amavis_t, amavis_var_lib_t, amavis_var_lib_t)
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@ -79,8 +79,8 @@ template(`apache_content_template',`
 	read_lnk_files_pattern(httpd_$1_script_t, httpd_$1_script_ra_t, httpd_$1_script_ra_t)
 	allow httpd_$1_script_t httpd_$1_script_ro_t:dir list_dir_perms;
-	read_files_pattern(httpd_$1_script_t,httpd_$1_script_ro_t,httpd_$1_script_ro_t)
+	read_files_pattern(httpd_$1_script_t, httpd_$1_script_ro_t, httpd_$1_script_ro_t)
-	read_lnk_files_pattern(httpd_$1_script_t,httpd_$1_script_ro_t,httpd_$1_script_ro_t)
+	read_lnk_files_pattern(httpd_$1_script_t, httpd_$1_script_ro_t, httpd_$1_script_ro_t)
 	manage_dirs_pattern(httpd_$1_script_t, httpd_$1_script_rw_t, httpd_$1_script_rw_t)
 	manage_files_pattern(httpd_$1_script_t, httpd_$1_script_rw_t, httpd_$1_script_rw_t)
@ -268,33 +268,33 @@ interface(`apache_role',`
 	allow $2 httpd_user_htaccess_t:file { manage_file_perms relabelto relabelfrom };
-	manage_dirs_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	manage_dirs_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	manage_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	manage_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	manage_lnk_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	manage_lnk_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	relabel_dirs_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	relabel_dirs_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	relabel_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	relabel_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	manage_dirs_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	manage_dirs_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	manage_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	manage_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	manage_lnk_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	manage_lnk_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	relabel_dirs_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	relabel_dirs_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	relabel_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	relabel_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	manage_dirs_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	manage_dirs_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	manage_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	manage_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	manage_lnk_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	manage_lnk_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	relabel_dirs_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	relabel_dirs_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	relabel_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	relabel_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	manage_dirs_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	manage_dirs_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	manage_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	manage_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	manage_lnk_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	manage_lnk_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	relabel_dirs_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	relabel_dirs_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	relabel_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	relabel_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
 	tunable_policy(`httpd_enable_cgi',`
 		# If a user starts a script by hand it gets the proper context
@ -735,7 +735,7 @@ interface(`apache_exec_modules',`
 	allow $1 httpd_modules_t:dir list_dir_perms;
 	allow $1 httpd_modules_t:lnk_file read_lnk_file_perms;
-	can_exec($1,httpd_modules_t)
+	can_exec($1, httpd_modules_t)
 ')
 ########################################
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@ -430,7 +430,7 @@ tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',`
 ')
 tunable_policy(`httpd_ssi_exec',`
-	corecmd_shell_domtrans(httpd_t,httpd_sys_script_t)
+	corecmd_shell_domtrans(httpd_t, httpd_sys_script_t)
 	allow httpd_sys_script_t httpd_t:fd use;
 	allow httpd_sys_script_t httpd_t:fifo_file rw_file_perms;
 	allow httpd_sys_script_t httpd_t:process sigchld;
--- a/policy/modules/services/apcupsd.te
+++ b/policy/modules/services/apcupsd.te
@ -37,7 +37,7 @@ allow apcupsd_t self:unix_stream_socket create_stream_socket_perms;
 allow apcupsd_t self:tcp_socket create_stream_socket_perms;
 allow apcupsd_t apcupsd_lock_t:file manage_file_perms;
-files_lock_filetrans(apcupsd_t,apcupsd_lock_t,file)
+files_lock_filetrans(apcupsd_t, apcupsd_lock_t, file)
 allow apcupsd_t apcupsd_log_t:dir setattr;
 manage_files_pattern(apcupsd_t, apcupsd_log_t, apcupsd_log_t)
@ -47,7 +47,7 @@ manage_files_pattern(apcupsd_t, apcupsd_tmp_t, apcupsd_tmp_t)
 files_tmp_filetrans(apcupsd_t, apcupsd_tmp_t, file)
 manage_files_pattern(apcupsd_t, apcupsd_var_run_t, apcupsd_var_run_t)
-files_pid_filetrans(apcupsd_t,apcupsd_var_run_t, file)
+files_pid_filetrans(apcupsd_t, apcupsd_var_run_t, file)
 kernel_read_system_state(apcupsd_t)
@ -73,7 +73,7 @@ files_read_etc_files(apcupsd_t)
 files_search_locks(apcupsd_t)
 # Creates /etc/nologin
 files_manage_etc_runtime_files(apcupsd_t)
-files_etc_filetrans_etc_runtime(apcupsd_t,file)
+files_etc_filetrans_etc_runtime(apcupsd_t, file)
 # https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240805
 term_use_unallocated_ttys(apcupsd_t)
--- a/policy/modules/services/apm.te
+++ b/policy/modules/services/apm.te
@ -67,7 +67,7 @@ allow apmd_t self:unix_dgram_socket create_socket_perms;
 allow apmd_t self:unix_stream_socket create_stream_socket_perms;
 allow apmd_t apmd_log_t:file manage_file_perms;
-logging_log_filetrans(apmd_t,apmd_log_t,file)
+logging_log_filetrans(apmd_t, apmd_log_t, file)
 manage_dirs_pattern(apmd_t, apmd_tmp_t, apmd_tmp_t)
 manage_files_pattern(apmd_t, apmd_tmp_t, apmd_tmp_t)
@ -139,7 +139,7 @@ userdom_dontaudit_search_user_home_content(apmd_t) # Excessive?
 ifdef(`distro_redhat',`
 	allow apmd_t apmd_lock_t:file manage_file_perms;
-	files_lock_filetrans(apmd_t,apmd_lock_t,file)
+	files_lock_filetrans(apmd_t, apmd_lock_t, file)
 	can_exec(apmd_t, apmd_var_run_t)
--- a/policy/modules/services/avahi.te
+++ b/policy/modules/services/avahi.te
@ -40,7 +40,7 @@ files_var_lib_filetrans(avahi_t, avahi_var_lib_t, { dir file })
 manage_files_pattern(avahi_t, avahi_var_run_t, avahi_var_run_t)
 manage_sock_files_pattern(avahi_t, avahi_var_run_t, avahi_var_run_t)
 allow avahi_t avahi_var_run_t:dir setattr;
-files_pid_filetrans(avahi_t,avahi_var_run_t,file)
+files_pid_filetrans(avahi_t, avahi_var_run_t, file)
 kernel_read_kernel_sysctls(avahi_t)
 kernel_list_proc(avahi_t)
--- a/policy/modules/services/bind.te
+++ b/policy/modules/services/bind.te
@ -151,7 +151,7 @@ userdom_dontaudit_search_user_home_dirs(named_t)
 tunable_policy(`named_write_master_zones',`
 	manage_dirs_pattern(named_t, named_zone_t, named_zone_t)
-	manage_files_pattern(named_t, named_zone_t,named_zone_t)
+	manage_files_pattern(named_t, named_zone_t, named_zone_t)
 	manage_lnk_files_pattern(named_t, named_zone_t, named_zone_t)
 ')
--- a/policy/modules/services/bluetooth.te
+++ b/policy/modules/services/bluetooth.te
@ -77,7 +77,7 @@ filetrans_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t, { dir file
 can_exec(bluetooth_t, bluetooth_helper_exec_t)
 allow bluetooth_t bluetooth_lock_t:file manage_file_perms;
-files_lock_filetrans(bluetooth_t,bluetooth_lock_t,file)
+files_lock_filetrans(bluetooth_t, bluetooth_lock_t, file)
 manage_dirs_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
 manage_files_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
--- a/policy/modules/services/canna.if
+++ b/policy/modules/services/canna.if
@ -16,7 +16,7 @@ interface(`canna_stream_connect',`
 	')
 	files_search_pids($1)
-	stream_connect_pattern($1, canna_var_run_t, canna_var_run_t,canna_t)
+	stream_connect_pattern($1, canna_var_run_t, canna_var_run_t, canna_t)
 ')
 ########################################
--- a/policy/modules/services/clamav.te
+++ b/policy/modules/services/clamav.te
@ -120,7 +120,7 @@ cron_rw_pipes(clamd_t)
 optional_policy(`
 	amavis_read_lib_files(clamd_t)
 	amavis_read_spool_files(clamd_t)
-	amavis_spool_filetrans(clamd_t,clamd_var_run_t,sock_file)
+	amavis_spool_filetrans(clamd_t, clamd_var_run_t, sock_file)
 	amavis_create_pid_files(clamd_t)
 ')
--- a/policy/modules/services/courier.if
+++ b/policy/modules/services/courier.if
@ -35,7 +35,7 @@ template(`courier_domain_template',`
 	can_exec(courier_$1_t, courier_$1_exec_t)
-	read_files_pattern(courier_$1_t,courier_etc_t,courier_etc_t)
+	read_files_pattern(courier_$1_t, courier_etc_t, courier_etc_t)
 	allow courier_$1_t courier_etc_t:dir list_dir_perms;
 	manage_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
--- a/policy/modules/services/cron.if
+++ b/policy/modules/services/cron.if
@ -34,7 +34,7 @@ template(`cron_common_crontab_template',`
 	allow $1_t self:process signal_perms;
 	allow $1_t $1_tmp_t:file manage_file_perms;
-	files_tmp_filetrans($1_t,$1_tmp_t,file)
+	files_tmp_filetrans($1_t,$1_tmp_t, file)
 	# create files in /var/spool/cron
 	# cjp: change this to a role transition
@ -411,7 +411,7 @@ interface(`cron_anacron_domtrans_system_job',`
 		type system_cronjob_t, anacron_exec_t;
 	')
-	domtrans_pattern($1,anacron_exec_t,system_cronjob_t)
+	domtrans_pattern($1, anacron_exec_t, system_cronjob_t)
 ')
 ########################################
--- a/policy/modules/services/cron.te
+++ b/policy/modules/services/cron.te
@ -90,7 +90,7 @@ type system_cronjob_tmp_t alias system_crond_tmp_t;
 files_tmp_file(system_cronjob_tmp_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(crond_t,crond_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(crond_t, crond_exec_t, s0 - mcs_systemhigh)
 ')
 type unconfined_cronjob_t;
@ -147,7 +147,7 @@ allow crond_t self:msg { send receive };
 allow crond_t self:key { search write link };
 allow crond_t crond_var_run_t:file manage_file_perms;
-files_pid_filetrans(crond_t,crond_var_run_t,file)
+files_pid_filetrans(crond_t, crond_var_run_t, file)
 allow crond_t cron_spool_t:dir rw_dir_perms;
 allow crond_t cron_spool_t:file read_file_perms;
@ -306,7 +306,7 @@ allow system_cronjob_t crond_t:process sigchld;
 # Write /var/lock/makewhatis.lock.
 allow system_cronjob_t system_cronjob_lock_t:file manage_file_perms;
-files_lock_filetrans(system_cronjob_t,system_cronjob_lock_t,file)
+files_lock_filetrans(system_cronjob_t, system_cronjob_lock_t, file)
 # write temporary files
 manage_files_pattern(system_cronjob_t, crond_tmp_t, system_cronjob_tmp_t)
--- a/policy/modules/services/cups.te
+++ b/policy/modules/services/cups.te
@ -66,11 +66,11 @@ type ptal_var_run_t;
 files_pid_file(ptal_var_run_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(cupsd_t,cupsd_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(cupsd_t, cupsd_exec_t, s0 - mcs_systemhigh)
 ')
 ifdef(`enable_mls',`
-	init_ranged_daemon_domain(cupsd_t,cupsd_exec_t,mls_systemhigh)
+	init_ranged_daemon_domain(cupsd_t, cupsd_exec_t, mls_systemhigh)
 ')
 ########################################
--- a/policy/modules/services/ddclient.te
+++ b/policy/modules/services/ddclient.te
@ -42,7 +42,7 @@ allow ddclient_t self:udp_socket create_socket_perms;
 allow ddclient_t ddclient_etc_t:file read_file_perms;
 allow ddclient_t ddclient_log_t:file manage_file_perms;
-logging_log_filetrans(ddclient_t,ddclient_log_t,file)
+logging_log_filetrans(ddclient_t, ddclient_log_t, file)
 manage_dirs_pattern(ddclient_t, ddclient_var_t, ddclient_var_t)
 manage_files_pattern(ddclient_t, ddclient_var_t, ddclient_var_t)
--- a/policy/modules/services/dnsmasq.te
+++ b/policy/modules/services/dnsmasq.te
@ -36,7 +36,7 @@ allow dnsmasq_t self:rawip_socket create_socket_perms;
 # dhcp leases
 manage_files_pattern(dnsmasq_t, dnsmasq_lease_t, dnsmasq_lease_t)
-files_var_lib_filetrans(dnsmasq_t,dnsmasq_lease_t,file)
+files_var_lib_filetrans(dnsmasq_t, dnsmasq_lease_t, file)
 manage_files_pattern(dnsmasq_t, dnsmasq_var_run_t, dnsmasq_var_run_t)
 files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, file)
--- a/policy/modules/services/exim.te
+++ b/policy/modules/services/exim.te
@ -60,7 +60,7 @@ allow exim_t self:unix_stream_socket create_stream_socket_perms;
 allow exim_t self:tcp_socket create_stream_socket_perms;
 allow exim_t self:udp_socket create_socket_perms;
-can_exec(exim_t,exim_exec_t)
+can_exec(exim_t, exim_exec_t)
 manage_files_pattern(exim_t, exim_log_t, exim_log_t)
 logging_log_filetrans(exim_t, exim_log_t, { file dir })
--- a/policy/modules/services/gpm.te
+++ b/policy/modules/services/gpm.te
@ -39,7 +39,7 @@ manage_files_pattern(gpm_t, gpm_tmp_t, gpm_tmp_t)
 files_tmp_filetrans(gpm_t, gpm_tmp_t, { file dir })
 allow gpm_t gpm_var_run_t:file manage_file_perms;
-files_pid_filetrans(gpm_t,gpm_var_run_t,file)
+files_pid_filetrans(gpm_t, gpm_var_run_t, file)
 allow gpm_t gpmctl_t:sock_file manage_sock_file_perms;
 allow gpm_t gpmctl_t:fifo_file manage_fifo_file_perms;
--- a/policy/modules/services/inetd.te
+++ b/policy/modules/services/inetd.te
@ -31,7 +31,7 @@ type inetd_child_var_run_t;
 files_pid_file(inetd_child_var_run_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(inetd_t, inetd_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(inetd_t, inetd_exec_t, s0 - mcs_systemhigh)
 ')
 ########################################
--- a/policy/modules/services/kerberos.te
+++ b/policy/modules/services/kerberos.te
@ -84,7 +84,7 @@ allow kadmind_t self:tcp_socket connected_stream_socket_perms;
 allow kadmind_t self:udp_socket create_socket_perms;
 allow kadmind_t kadmind_log_t:file manage_file_perms;
-logging_log_filetrans(kadmind_t,kadmind_log_t,file)
+logging_log_filetrans(kadmind_t, kadmind_log_t, file)
 allow kadmind_t krb5_conf_t:file read_file_perms;
 dontaudit kadmind_t krb5_conf_t:file write;
--- a/policy/modules/services/ldap.te
+++ b/policy/modules/services/ldap.te
@ -61,7 +61,7 @@ manage_lnk_files_pattern(slapd_t, slapd_db_t, slapd_db_t)
 allow slapd_t slapd_etc_t:file read_file_perms;
 allow slapd_t slapd_lock_t:file manage_file_perms;
-files_lock_filetrans(slapd_t,slapd_lock_t,file)
+files_lock_filetrans(slapd_t, slapd_lock_t, file)
 # Allow access to write the replication log (should tighten this)
 manage_dirs_pattern(slapd_t, slapd_replog_t, slapd_replog_t)
--- a/policy/modules/services/lpd.te
+++ b/policy/modules/services/lpd.te
@ -148,7 +148,7 @@ files_tmp_filetrans(lpd_t, lpd_tmp_t, { file dir })
 manage_files_pattern(lpd_t, lpd_var_run_t, lpd_var_run_t)
 manage_sock_files_pattern(lpd_t, lpd_var_run_t, lpd_var_run_t)
-files_pid_filetrans(lpd_t, lpd_var_run_t,file)
+files_pid_filetrans(lpd_t, lpd_var_run_t, file)
 # Write to /var/spool/lpd.
 manage_files_pattern(lpd_t, print_spool_t, print_spool_t)
@ -304,14 +304,14 @@ tunable_policy(`use_lpd_server',`
 	manage_files_pattern(lpr_t, lpr_tmp_t, lpr_tmp_t)
 	files_tmp_filetrans(lpr_t, lpr_tmp_t, { file dir })
-	manage_files_pattern(lpr_t,print_spool_t,print_spool_t)
+	manage_files_pattern(lpr_t, print_spool_t, print_spool_t)
-	filetrans_pattern(lpr_t,print_spool_t,print_spool_t,file)
+	filetrans_pattern(lpr_t, print_spool_t, print_spool_t, file)
 	# Read and write shared files in the spool directory.
 	allow lpr_t print_spool_t:file rw_file_perms;
 	allow lpr_t printconf_t:dir list_dir_perms;
-	read_files_pattern(lpr_t,printconf_t,printconf_t)
+	read_files_pattern(lpr_t, printconf_t, printconf_t)
-	read_lnk_files_pattern(lpr_t,printconf_t,printconf_t)
+	read_lnk_files_pattern(lpr_t, printconf_t, printconf_t)
 ')
 tunable_policy(`use_nfs_home_dirs',`
--- a/policy/modules/services/memcached.if
+++ b/policy/modules/services/memcached.if
@ -16,7 +16,7 @@ interface(`memcached_domtrans',`
 		type memcached_exec_t;
 	')
-	domtrans_pattern($1,memcached_exec_t,memcached_t)
+	domtrans_pattern($1, memcached_exec_t, memcached_t)
 ')
 ########################################
--- a/policy/modules/services/memcached.te
+++ b/policy/modules/services/memcached.te
@ -40,7 +40,7 @@ corenet_udp_bind_memcache_port(memcached_t)
 manage_dirs_pattern(memcached_t, memcached_var_run_t, memcached_var_run_t)
 manage_files_pattern(memcached_t, memcached_var_run_t, memcached_var_run_t)
-files_pid_filetrans(memcached_t,memcached_var_run_t, { file dir })
+files_pid_filetrans(memcached_t, memcached_var_run_t, { file dir })
 files_read_etc_files(memcached_t)
--- a/policy/modules/services/mta.if
+++ b/policy/modules/services/mta.if
@ -257,7 +257,7 @@ interface(`mta_sendmail_mailserver',`
 		type sendmail_exec_t;
 	')
-	init_system_domain($1,sendmail_exec_t)
+	init_system_domain($1, sendmail_exec_t)
 	typeattribute $1 mailserver_domain;
 ')
--- a/policy/modules/services/munin.te
+++ b/policy/modules/services/munin.te
@ -101,7 +101,7 @@ optional_policy(`
 ')
 optional_policy(`
-	cron_system_entry(munin_t,munin_exec_t)
+	cron_system_entry(munin_t, munin_exec_t)
 ')
 optional_policy(`
--- a/policy/modules/services/networkmanager.te
+++ b/policy/modules/services/networkmanager.te
@ -57,7 +57,7 @@ files_search_tmp(NetworkManager_t)
 manage_dirs_pattern(NetworkManager_t, NetworkManager_var_run_t, NetworkManager_var_run_t)
 manage_files_pattern(NetworkManager_t, NetworkManager_var_run_t, NetworkManager_var_run_t)
 manage_sock_files_pattern(NetworkManager_t, NetworkManager_var_run_t, NetworkManager_var_run_t)
-files_pid_filetrans(NetworkManager_t,NetworkManager_var_run_t, { dir file sock_file })
+files_pid_filetrans(NetworkManager_t, NetworkManager_var_run_t, { dir file sock_file })
 kernel_read_system_state(NetworkManager_t)
 kernel_read_network_state(NetworkManager_t)
--- a/policy/modules/services/nis.te
+++ b/policy/modules/services/nis.te
@ -225,7 +225,7 @@ allow ypserv_t self:netlink_route_socket r_netlink_socket_perms;
 allow ypserv_t self:tcp_socket connected_stream_socket_perms;
 allow ypserv_t self:udp_socket create_socket_perms;
-manage_files_pattern(ypserv_t,var_yp_t,var_yp_t)
+manage_files_pattern(ypserv_t, var_yp_t, var_yp_t)
 allow ypserv_t ypserv_conf_t:file read_file_perms;
--- a/policy/modules/services/ntp.te
+++ b/policy/modules/services/ntp.te
@ -52,13 +52,13 @@ allow ntpd_t self:udp_socket create_socket_perms;
 manage_files_pattern(ntpd_t, ntp_drift_t, ntp_drift_t)
-can_exec(ntpd_t,ntpd_exec_t)
+can_exec(ntpd_t, ntpd_exec_t)
 read_files_pattern(ntpd_t, ntpd_key_t, ntpd_key_t)
 allow ntpd_t ntpd_log_t:dir setattr;
-manage_files_pattern(ntpd_t,ntpd_log_t,ntpd_log_t)
+manage_files_pattern(ntpd_t, ntpd_log_t, ntpd_log_t)
-logging_log_filetrans(ntpd_t,ntpd_log_t,{ file dir })
+logging_log_filetrans(ntpd_t, ntpd_log_t, { file dir })
 # for some reason it creates a file in /tmp
 manage_dirs_pattern(ntpd_t, ntpd_tmp_t, ntpd_tmp_t)
--- a/policy/modules/services/nx.te
+++ b/policy/modules/services/nx.te
@ -35,7 +35,7 @@ allow nx_server_t self:tcp_socket create_socket_perms;
 allow nx_server_t self:udp_socket create_socket_perms;
 allow nx_server_t nx_server_devpts_t:chr_file { rw_chr_file_perms setattr };
-term_create_pty(nx_server_t,nx_server_devpts_t)
+term_create_pty(nx_server_t, nx_server_devpts_t)
 manage_dirs_pattern(nx_server_t, nx_server_tmp_t, nx_server_tmp_t)
 manage_files_pattern(nx_server_t, nx_server_tmp_t, nx_server_tmp_t)
--- a/policy/modules/services/openca.if
+++ b/policy/modules/services/openca.if
@ -16,7 +16,7 @@ interface(`openca_domtrans',`
 		type openca_ca_t, openca_ca_exec_t, openca_usr_share_t;
 	')
-	domtrans_pattern($1,openca_ca_exec_t,openca_ca_t)
+	domtrans_pattern($1, openca_ca_exec_t, openca_ca_t)
 	allow $1 openca_usr_share_t:dir search_dir_perms;
 	files_search_usr($1)
 ')
--- a/policy/modules/services/postfix.if
+++ b/policy/modules/services/postfix.if
@ -365,7 +365,7 @@ interface(`postfix_exec_master',`
 		type postfix_master_exec_t;
 	')
-	can_exec($1,postfix_master_exec_t)
+	can_exec($1, postfix_master_exec_t)
 ')
 ########################################
--- a/policy/modules/services/postfix.te
+++ b/policy/modules/services/postfix.te
@ -106,7 +106,7 @@ allow postfix_master_t self:udp_socket create_socket_perms;
 allow postfix_master_t postfix_etc_t:file rw_file_perms;
-can_exec(postfix_master_t,postfix_exec_t)
+can_exec(postfix_master_t, postfix_exec_t)
 allow postfix_master_t postfix_data_t:dir manage_dir_perms;
 allow postfix_master_t postfix_data_t:file manage_file_perms;
@ -363,7 +363,7 @@ optional_policy(`
 allow postfix_pickup_t self:tcp_socket create_socket_perms;
-stream_connect_pattern(postfix_pickup_t,postfix_private_t,postfix_private_t,postfix_master_t)
+stream_connect_pattern(postfix_pickup_t, postfix_private_t, postfix_private_t, postfix_master_t)
 rw_fifo_files_pattern(postfix_pickup_t, postfix_public_t, postfix_public_t)
 rw_sock_files_pattern(postfix_pickup_t, postfix_public_t, postfix_public_t)
@ -445,7 +445,7 @@ allow postfix_postqueue_t self:tcp_socket create;
 allow postfix_postqueue_t self:udp_socket { create ioctl };
 # wants to write to /var/spool/postfix/public/showq
-stream_connect_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t,postfix_master_t)
+stream_connect_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t, postfix_master_t)
 # write to /var/spool/postfix/public/qmgr
 write_fifo_files_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t)
--- a/policy/modules/services/postgresql.te
+++ b/policy/modules/services/postgresql.te
@ -178,7 +178,7 @@ allow postgresql_t postgresql_exec_t:lnk_file { getattr read };
 can_exec(postgresql_t, postgresql_exec_t )
 allow postgresql_t postgresql_lock_t:file manage_file_perms;
-files_lock_filetrans(postgresql_t,postgresql_lock_t,file)
+files_lock_filetrans(postgresql_t, postgresql_lock_t, file)
 manage_files_pattern(postgresql_t, postgresql_log_t, postgresql_log_t)
 logging_log_filetrans(postgresql_t, postgresql_log_t, { file dir })
@ -268,7 +268,7 @@ optional_policy(`
 optional_policy(`
 	cron_search_spool(postgresql_t)
-	cron_system_entry(postgresql_t,postgresql_exec_t)
+	cron_system_entry(postgresql_t, postgresql_exec_t)
 ')
 optional_policy(`
--- a/policy/modules/services/procmail.te
+++ b/policy/modules/services/procmail.te
@ -30,7 +30,7 @@ allow procmail_t self:unix_dgram_socket create_socket_perms;
 allow procmail_t self:tcp_socket create_stream_socket_perms;
 allow procmail_t self:udp_socket create_socket_perms;
-can_exec(procmail_t,procmail_exec_t)
+can_exec(procmail_t, procmail_exec_t)
 # Write log to /var/log/procmail.log or /var/log/procmail/.*
 allow procmail_t procmail_log_t:dir setattr;
--- a/policy/modules/services/pyzor.te
+++ b/policy/modules/services/pyzor.te
@ -36,7 +36,7 @@ ubac_constrained(pyzor_var_lib_t)
 type pyzord_t;
 type pyzord_exec_t;
-init_daemon_domain(pyzord_t,pyzord_exec_t)
+init_daemon_domain(pyzord_t, pyzord_exec_t)
 type pyzord_log_t;
 logging_log_file(pyzord_log_t)
@ -54,7 +54,7 @@ manage_lnk_files_pattern(pyzor_t, pyzor_home_t, pyzor_home_t)
 userdom_user_home_dir_filetrans(pyzor_t, pyzor_home_t, { dir file lnk_file })
 allow pyzor_t pyzor_var_lib_t:dir list_dir_perms;
-read_files_pattern(pyzor_t,pyzor_var_lib_t,pyzor_var_lib_t)
+read_files_pattern(pyzor_t, pyzor_var_lib_t, pyzor_var_lib_t)
 files_search_var_lib(pyzor_t)
 manage_files_pattern(pyzor_t, pyzor_tmp_t, pyzor_tmp_t)
--- a/policy/modules/services/rhgb.te
+++ b/policy/modules/services/rhgb.te
@ -32,7 +32,7 @@ allow rhgb_t self:udp_socket create_socket_perms;
 allow rhgb_t self:netlink_route_socket r_netlink_socket_perms;
 allow rhgb_t rhgb_devpts_t:chr_file { rw_chr_file_perms setattr };
-term_create_pty(rhgb_t,rhgb_devpts_t)
+term_create_pty(rhgb_t, rhgb_devpts_t)
 manage_dirs_pattern(rhgb_t, rhgb_tmpfs_t, rhgb_tmpfs_t)
 manage_files_pattern(rhgb_t, rhgb_tmpfs_t, rhgb_tmpfs_t)
--- a/policy/modules/services/rwho.if
+++ b/policy/modules/services/rwho.if
@ -111,7 +111,7 @@ interface(`rwho_manage_spool_files',`
 		type rwho_spool_t;
 	')
-	manage_files_pattern($1,rwho_spool_t,rwho_spool_t)
+	manage_files_pattern($1, rwho_spool_t, rwho_spool_t)
 	files_search_spool($1)
 ')
--- a/policy/modules/services/samba.te
+++ b/policy/modules/services/samba.te
@ -537,7 +537,7 @@ corecmd_list_bin(smbmount_t)
 files_list_mnt(smbmount_t)
 files_mounton_mnt(smbmount_t)
 files_manage_etc_runtime_files(smbmount_t)
-files_etc_filetrans_etc_runtime(smbmount_t,file)
+files_etc_filetrans_etc_runtime(smbmount_t, file)
 files_read_etc_files(smbmount_t)
 auth_use_nsswitch(smbmount_t)
@ -672,7 +672,7 @@ files_list_var_lib(winbind_t)
 rw_files_pattern(winbind_t, smbd_tmp_t, smbd_tmp_t)
 allow winbind_t winbind_log_t:file manage_file_perms;
-logging_log_filetrans(winbind_t,winbind_log_t,file)
+logging_log_filetrans(winbind_t, winbind_log_t, file)
 manage_dirs_pattern(winbind_t, winbind_tmp_t, winbind_tmp_t)
 manage_files_pattern(winbind_t, winbind_tmp_t, winbind_tmp_t)
--- a/policy/modules/services/setroubleshoot.te
+++ b/policy/modules/services/setroubleshoot.te
@ -48,7 +48,7 @@ logging_log_filetrans(setroubleshootd_t, setroubleshoot_var_log_t, { file dir })
 # pid file
 manage_files_pattern(setroubleshootd_t, setroubleshoot_var_run_t, setroubleshoot_var_run_t)
 manage_sock_files_pattern(setroubleshootd_t, setroubleshoot_var_run_t, setroubleshoot_var_run_t)
-files_pid_filetrans(setroubleshootd_t,setroubleshoot_var_run_t, { file sock_file })
+files_pid_filetrans(setroubleshootd_t, setroubleshoot_var_run_t, { file sock_file })
 kernel_read_kernel_sysctls(setroubleshootd_t)
 kernel_read_system_state(setroubleshootd_t)
--- a/policy/modules/services/snmp.te
+++ b/policy/modules/services/snmp.te
@ -35,7 +35,7 @@ allow snmpd_t self:tcp_socket create_stream_socket_perms;
 allow snmpd_t self:udp_socket connected_stream_socket_perms;
 allow snmpd_t snmpd_log_t:file manage_file_perms;
-logging_log_filetrans(snmpd_t,snmpd_log_t,file)
+logging_log_filetrans(snmpd_t, snmpd_log_t, file)
 manage_dirs_pattern(snmpd_t, snmpd_var_lib_t, snmpd_var_lib_t)
 manage_files_pattern(snmpd_t, snmpd_var_lib_t, snmpd_var_lib_t)
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@ -42,7 +42,7 @@ files_tmp_file(sshd_tmp_t)
 files_poly_parent(sshd_tmp_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(sshd_t,sshd_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(sshd_t, sshd_exec_t, s0 - mcs_systemhigh)
 ')
 type ssh_t;
@ -112,8 +112,8 @@ manage_fifo_files_pattern(ssh_t, ssh_tmpfs_t, ssh_tmpfs_t)
 manage_sock_files_pattern(ssh_t, ssh_tmpfs_t, ssh_tmpfs_t)
 fs_tmpfs_filetrans(ssh_t, ssh_tmpfs_t,{ dir file lnk_file sock_file fifo_file })
-manage_dirs_pattern(ssh_t,home_ssh_t,home_ssh_t)
+manage_dirs_pattern(ssh_t, home_ssh_t, home_ssh_t)
-manage_sock_files_pattern(ssh_t,home_ssh_t,home_ssh_t)
+manage_sock_files_pattern(ssh_t, home_ssh_t, home_ssh_t)
 userdom_user_home_dir_filetrans(ssh_t, home_ssh_t, { dir sock_file })
 # Allow the ssh program to communicate with ssh-agent.
@ -122,13 +122,13 @@ stream_connect_pattern(ssh_t, ssh_agent_tmp_t, ssh_agent_tmp_t, ssh_agent_type)
 allow ssh_t sshd_t:unix_stream_socket connectto;
 # ssh client can manage the keys and config
-manage_files_pattern(ssh_t,home_ssh_t,home_ssh_t)
+manage_files_pattern(ssh_t, home_ssh_t, home_ssh_t)
-read_lnk_files_pattern(ssh_t,home_ssh_t,home_ssh_t)
+read_lnk_files_pattern(ssh_t, home_ssh_t, home_ssh_t)
 # ssh servers can read the user keys and config
 allow ssh_server home_ssh_t:dir list_dir_perms;
-read_files_pattern(ssh_server,home_ssh_t,home_ssh_t)
+read_files_pattern(ssh_server, home_ssh_t, home_ssh_t)
-read_lnk_files_pattern(ssh_server,home_ssh_t,home_ssh_t)
+read_lnk_files_pattern(ssh_server, home_ssh_t, home_ssh_t)
 kernel_read_kernel_sysctls(ssh_t)
--- a/policy/modules/services/ucspitcp.te
+++ b/policy/modules/services/ucspitcp.te
@ -89,6 +89,6 @@ files_read_etc_files(ucspitcp_t)
 sysnet_read_config(ucspitcp_t)
 optional_policy(`
-	daemontools_service_domain(ucspitcp_t,ucspitcp_exec_t)
+	daemontools_service_domain(ucspitcp_t, ucspitcp_exec_t)
 	daemontools_read_svc(ucspitcp_t)
 ')
--- a/policy/modules/services/watchdog.te
+++ b/policy/modules/services/watchdog.te
@ -71,7 +71,7 @@ domain_kill_all_domains(watchdog_t)
 files_read_etc_files(watchdog_t)
 # for updating mtab on umount
 files_manage_etc_runtime_files(watchdog_t)
-files_etc_filetrans_etc_runtime(watchdog_t,file)
+files_etc_filetrans_etc_runtime(watchdog_t, file)
 fs_unmount_xattr_fs(watchdog_t)
 fs_getattr_all_fs(watchdog_t)
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@ -85,7 +85,7 @@ interface(`xserver_role',`
 	allow $2 xauth_t:process signal;
 	# allow ps to show xauth
-	ps_process_pattern($2,xauth_t)
+	ps_process_pattern($2, xauth_t)
 	allow $2 xauth_home_t:file manage_file_perms;
 	allow $2 xauth_home_t:file { relabelfrom relabelto };
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@ -191,7 +191,7 @@ type xserver_exec_t;
 typealias xserver_t alias { user_xserver_t staff_xserver_t sysadm_xserver_t };
 typealias xserver_t alias { auditadm_xserver_t secadm_xserver_t };
 xserver_object_types_template(xdm)
-xserver_common_x_domain_template(xdm,xdm_t)
+xserver_common_x_domain_template(xdm, xdm_t)
 init_system_domain(xserver_t, xserver_exec_t)
 ubac_constrained(xserver_t)
@ -215,8 +215,8 @@ type xserver_log_t;
 logging_log_file(xserver_log_t)
 ifdef(`enable_mcs',`
-	init_ranged_domain(xdm_t,xdm_exec_t,s0 - mcs_systemhigh)
+	init_ranged_domain(xdm_t, xdm_exec_t, s0 - mcs_systemhigh)
-	init_ranged_daemon_domain(xdm_t,xdm_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(xdm_t, xdm_exec_t, s0 - mcs_systemhigh)
 ')
 optional_policy(`
@ -360,11 +360,11 @@ allow xdm_t xserver_t:process { noatsecure siginh rlimitinh signal sigkill };
 allow xdm_t xserver_t:shm rw_shm_perms;
 # connect to xdm xserver over stream socket
-stream_connect_pattern(xdm_t,xserver_tmp_t,xserver_tmp_t,xserver_t)
+stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t)
 # Remove /tmp/.X11-unix/X0.
-delete_files_pattern(xdm_t,xserver_tmp_t,xserver_tmp_t)
+delete_files_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t)
-delete_sock_files_pattern(xdm_t,xserver_tmp_t,xserver_tmp_t)
+delete_sock_files_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t)
 manage_dirs_pattern(xdm_t, xserver_log_t, xserver_log_t)
 manage_files_pattern(xdm_t, xserver_log_t, xserver_log_t)
@ -473,7 +473,7 @@ userdom_read_user_home_content_files(xdm_t)
 userdom_read_all_users_state(xdm_t)
 userdom_signal_all_users(xdm_t)
-xserver_rw_session(xdm_t,xdm_tmpfs_t)
+xserver_rw_session(xdm_t, xdm_tmpfs_t)
 xserver_unconfined(xdm_t)
 tunable_policy(`use_nfs_home_dirs',`
@ -622,7 +622,7 @@ manage_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t)
 manage_sock_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t)
 files_tmp_filetrans(xserver_t, xserver_tmp_t, { file dir sock_file })
-filetrans_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t,sock_file)
+filetrans_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t, sock_file)
 manage_dirs_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
 manage_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t)
@ -637,7 +637,7 @@ files_search_var_lib(xserver_t)
 # Create files in /var/log with the xserver_log_t type.
 manage_files_pattern(xserver_t, xserver_log_t, xserver_log_t)
-logging_log_filetrans(xserver_t, xserver_log_t,file)
+logging_log_filetrans(xserver_t, xserver_log_t, file)
 kernel_read_system_state(xserver_t)
 kernel_read_device_sysctls(xserver_t)
--- a/policy/modules/system/application.te
+++ b/policy/modules/system/application.te
@ -1,5 +1,5 @@
-policy_module(application,1.1.0)
+policy_module(application, 1.1.0)
 # Attribute of user applications
 attribute application_domain_type;
@ -11,4 +11,3 @@ optional_policy(`
 	ssh_sigchld(application_domain_type)
 	ssh_rw_stream_sockets(application_domain_type)
 ')
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@ -125,7 +125,7 @@ interface(`auth_login_entry_type',`
 		type login_exec_t;
 	')
-	domain_entry_file($1,login_exec_t)
+	domain_entry_file($1, login_exec_t)
 ')
 ########################################
@ -149,7 +149,7 @@ interface(`auth_domtrans_login_program',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,login_exec_t,$2)
+	domtrans_pattern($1, login_exec_t,$2)
 ')
 ########################################
@ -276,7 +276,7 @@ interface(`auth_var_filetrans_cache',`
 		type auth_cache_t;
 	')
-	files_var_filetrans($1,auth_cache_t,{ file dir } )
+	files_var_filetrans($1, auth_cache_t, { file dir } )
 ')
 ########################################
@ -369,7 +369,7 @@ interface(`auth_domtrans_upd_passwd',`
 		type updpwd_t, updpwd_exec_t;
 	')
-	domtrans_pattern($1,updpwd_exec_t,updpwd_t)
+	domtrans_pattern($1, updpwd_exec_t, updpwd_t)
 	auth_dontaudit_read_shadow($1)
 ')
@ -585,7 +585,7 @@ interface(`auth_etc_filetrans_shadow',`
 		type shadow_t;
 	')
-	files_etc_filetrans($1,shadow_t,file)
+	files_etc_filetrans($1, shadow_t, file)
 ')
 #######################################
@ -743,7 +743,7 @@ interface(`auth_domtrans_pam',`
 		type pam_t, pam_exec_t;
 	')
-	domtrans_pattern($1,pam_exec_t,pam_t)
+	domtrans_pattern($1, pam_exec_t, pam_t)
 ')
 ########################################
@ -803,7 +803,7 @@ interface(`auth_exec_pam',`
 		type pam_exec_t;
 	')
-	can_exec($1,pam_exec_t)
+	can_exec($1, pam_exec_t)
 ')
 ########################################
@ -921,7 +921,7 @@ interface(`auth_domtrans_pam_console',`
 		type pam_console_t, pam_console_exec_t;
 	')
-	domtrans_pattern($1,pam_console_exec_t,pam_console_t)
+	domtrans_pattern($1, pam_console_exec_t, pam_console_t)
 ')
 ########################################
@ -1001,8 +1001,8 @@ interface(`auth_manage_pam_console_data',`
 	')
 	files_search_pids($1)
-	manage_files_pattern($1,pam_var_console_t,pam_var_console_t)
+	manage_files_pattern($1, pam_var_console_t, pam_var_console_t)
-	manage_lnk_files_pattern($1,pam_var_console_t,pam_var_console_t)
+	manage_lnk_files_pattern($1, pam_var_console_t, pam_var_console_t)
 ')
 #######################################
@ -1022,7 +1022,7 @@ interface(`auth_delete_pam_console_data',`
 	files_search_var($1)
 	files_search_pids($1)
-	delete_files_pattern($1,pam_var_console_t,pam_var_console_t)
+	delete_files_pattern($1, pam_var_console_t, pam_var_console_t)
 ')
 ########################################
@ -1168,7 +1168,7 @@ interface(`auth_domtrans_utempter',`
 		type utempter_t, utempter_exec_t;
 	')
-	domtrans_pattern($1,utempter_exec_t,utempter_t)
+	domtrans_pattern($1, utempter_exec_t, utempter_t)
 ')
 ########################################
@ -1343,7 +1343,7 @@ interface(`auth_log_filetrans_login_records',`
 		type wtmp_t;
 	')
-	logging_log_filetrans($1,wtmp_t,file)
+	logging_log_filetrans($1, wtmp_t, file)
 ')
 ########################################
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@ -31,7 +31,7 @@ application_executable_file(login_exec_t)
 type pam_console_t;
 type pam_console_exec_t;
-init_system_domain(pam_console_t,pam_console_exec_t)
+init_system_domain(pam_console_t, pam_console_exec_t)
 role system_r types pam_console_t;
 type pam_t;
@ -39,7 +39,7 @@ domain_type(pam_t)
 role system_r types pam_t;
 type pam_exec_t;
-domain_entry_file(pam_t,pam_exec_t)
+domain_entry_file(pam_t, pam_exec_t)
 type pam_tmp_t;
 files_tmp_file(pam_tmp_t)
@ -59,13 +59,13 @@ neverallow ~can_relabelto_shadow_passwords shadow_t:file relabelto;
 type updpwd_t;
 type updpwd_exec_t;
 domain_type(updpwd_t)
-domain_entry_file(updpwd_t,updpwd_exec_t)
+domain_entry_file(updpwd_t, updpwd_exec_t)
 domain_obj_id_change_exemption(updpwd_t)
 role system_r types updpwd_t;
 type utempter_t;
 type utempter_exec_t;
-application_domain(utempter_t,utempter_exec_t)
+application_domain(utempter_t, utempter_exec_t)
 #
 # var_auth_t is the type of /var/lib/auth, usually
@ -147,8 +147,8 @@ allow pam_t self:sem create_sem_perms;
 allow pam_t self:msgq create_msgq_perms;
 allow pam_t self:msg { send receive };
-delete_files_pattern(pam_t,pam_var_run_t,pam_var_run_t)
+delete_files_pattern(pam_t, pam_var_run_t, pam_var_run_t)
-read_files_pattern(pam_t,pam_var_run_t,pam_var_run_t)
+read_files_pattern(pam_t, pam_var_run_t, pam_var_run_t)
 files_list_pids(pam_t)
 allow pam_t pam_tmp_t:dir manage_dir_perms;
@ -193,8 +193,8 @@ dontaudit pam_console_t self:capability sys_tty_config;
 allow pam_console_t self:process { sigchld sigkill sigstop signull signal };
 # for /var/run/console.lock checking
-read_files_pattern(pam_console_t,pam_var_console_t,pam_var_console_t)
+read_files_pattern(pam_console_t, pam_var_console_t, pam_var_console_t)
-read_lnk_files_pattern(pam_console_t,pam_var_console_t,pam_var_console_t)
+read_lnk_files_pattern(pam_console_t, pam_var_console_t, pam_var_console_t)
 dontaudit pam_console_t pam_var_console_t:file write;
 kernel_read_kernel_sysctls(pam_console_t)
--- a/policy/modules/system/clock.if
+++ b/policy/modules/system/clock.if
@ -15,7 +15,7 @@ interface(`clock_domtrans',`
 		type hwclock_t, hwclock_exec_t;
 	')
-	domtrans_pattern($1,hwclock_exec_t,hwclock_t)
+	domtrans_pattern($1, hwclock_exec_t, hwclock_t)
 ')
 ########################################
@ -59,7 +59,7 @@ interface(`clock_exec',`
 		type hwclock_exec_t;
 	')
-	can_exec($1,hwclock_exec_t)
+	can_exec($1, hwclock_exec_t)
 ')
 ########################################
--- a/policy/modules/system/clock.te
+++ b/policy/modules/system/clock.te
@ -11,7 +11,7 @@ files_type(adjtime_t)
 type hwclock_t;
 type hwclock_exec_t;
-init_system_domain(hwclock_t,hwclock_exec_t)
+init_system_domain(hwclock_t, hwclock_exec_t)
 role system_r types hwclock_t;
 ########################################
--- a/policy/modules/system/daemontools.te
+++ b/policy/modules/system/daemontools.te
@ -1,5 +1,5 @@
-policy_module(daemontools,1.2.0)
+policy_module(daemontools, 1.2.0)
 ########################################
 #
@ -14,18 +14,18 @@ files_type(svc_log_t)
 type svc_multilog_t;
 type svc_multilog_exec_t;
-application_domain(svc_multilog_t,svc_multilog_exec_t)
+application_domain(svc_multilog_t, svc_multilog_exec_t)
 role system_r types svc_multilog_t;
 type svc_run_t;
 type svc_run_exec_t;
-application_domain(svc_run_t,svc_run_exec_t)
+application_domain(svc_run_t, svc_run_exec_t)
 role system_r types svc_run_t;
 type svc_start_t;
 type svc_start_exec_t;
-init_domain(svc_start_t,svc_start_exec_t)
+init_domain(svc_start_t, svc_start_exec_t)
-init_system_domain(svc_start_t,svc_start_exec_t)
+init_system_domain(svc_start_t, svc_start_exec_t)
 role system_r types svc_start_t;
 type svc_svc_t;
@ -37,7 +37,7 @@ files_type(svc_svc_t)
 #
 # multilog creates /service/*/log/status
-manage_files_pattern(svc_multilog_t,svc_svc_t,svc_svc_t)
+manage_files_pattern(svc_multilog_t, svc_svc_t, svc_svc_t)
 init_use_fds(svc_multilog_t)
--- a/policy/modules/system/fstools.if
+++ b/policy/modules/system/fstools.if
@ -16,7 +16,7 @@ interface(`fstools_domtrans',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,fsadm_exec_t,fsadm_t)
+	domtrans_pattern($1, fsadm_exec_t, fsadm_t)
 ')
 ########################################
@ -60,7 +60,7 @@ interface(`fstools_exec',`
 		type fsadm_exec_t;
 	')
-	can_exec($1,fsadm_exec_t)
+	can_exec($1, fsadm_exec_t)
 ')
 ########################################
--- a/policy/modules/system/fstools.te
+++ b/policy/modules/system/fstools.te
@ -8,7 +8,7 @@ policy_module(fstools, 1.12.1)
 type fsadm_t;
 type fsadm_exec_t;
-init_system_domain(fsadm_t,fsadm_exec_t)
+init_system_domain(fsadm_t, fsadm_exec_t)
 role system_r types fsadm_t;
 type fsadm_log_t;
@ -48,8 +48,8 @@ files_tmp_filetrans(fsadm_t, fsadm_tmp_t, { file dir })
 # log files
 allow fsadm_t fsadm_log_t:dir setattr;
-manage_files_pattern(fsadm_t,fsadm_log_t,fsadm_log_t)
+manage_files_pattern(fsadm_t, fsadm_log_t, fsadm_log_t)
-logging_log_filetrans(fsadm_t,fsadm_log_t,file)
+logging_log_filetrans(fsadm_t, fsadm_log_t, file)
 # Enable swapping to files
 allow fsadm_t swapfile_t:file { rw_file_perms swapon };
@ -127,7 +127,7 @@ files_manage_lost_found(fsadm_t)
 files_manage_isid_type_dirs(fsadm_t)
 # Write to /etc/mtab.
 files_manage_etc_runtime_files(fsadm_t)
-files_etc_filetrans_etc_runtime(fsadm_t,file)
+files_etc_filetrans_etc_runtime(fsadm_t, file)
 # Access to /initrd devices
 files_rw_isid_type_dirs(fsadm_t)
 files_rw_isid_type_blk_files(fsadm_t)
@ -174,7 +174,7 @@ optional_policy(`
 optional_policy(`
 	# for smartctl cron jobs
-	cron_system_entry(fsadm_t,fsadm_exec_t)
+	cron_system_entry(fsadm_t, fsadm_exec_t)
 ')
 optional_policy(`
--- a/policy/modules/system/getty.if
+++ b/policy/modules/system/getty.if
@ -16,7 +16,7 @@ interface(`getty_domtrans',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,getty_exec_t,getty_t)
+	domtrans_pattern($1, getty_exec_t, getty_t)
 ')
 ########################################
--- a/policy/modules/system/getty.te
+++ b/policy/modules/system/getty.te
@ -8,7 +8,7 @@ policy_module(getty, 1.7.0)
 type getty_t;
 type getty_exec_t;
-init_domain(getty_t,getty_exec_t)
+init_domain(getty_t, getty_exec_t)
 init_system_domain(getty_t, getty_exec_t)
 domain_interactive_fd(getty_t)
@ -39,22 +39,22 @@ dontaudit getty_t self:capability sys_tty_config;
 allow getty_t self:process { getpgid setpgid getsession signal_perms };
 allow getty_t self:fifo_file rw_fifo_file_perms;
-read_files_pattern(getty_t,getty_etc_t,getty_etc_t)
+read_files_pattern(getty_t, getty_etc_t, getty_etc_t)
-read_lnk_files_pattern(getty_t,getty_etc_t,getty_etc_t)
+read_lnk_files_pattern(getty_t, getty_etc_t, getty_etc_t)
-files_etc_filetrans(getty_t,getty_etc_t,{ file dir })
+files_etc_filetrans(getty_t, getty_etc_t,{ file dir })
 allow getty_t getty_lock_t:file manage_file_perms;
-files_lock_filetrans(getty_t,getty_lock_t,file)
+files_lock_filetrans(getty_t, getty_lock_t, file)
 allow getty_t getty_log_t:file manage_file_perms;
-logging_log_filetrans(getty_t,getty_log_t,file)
+logging_log_filetrans(getty_t, getty_log_t, file)
 allow getty_t getty_tmp_t:file manage_file_perms;
 allow getty_t getty_tmp_t:dir manage_dir_perms;
-files_tmp_filetrans(getty_t,getty_tmp_t,{ file dir })
+files_tmp_filetrans(getty_t, getty_tmp_t, { file dir })
-manage_files_pattern(getty_t,getty_var_run_t,getty_var_run_t)
+manage_files_pattern(getty_t, getty_var_run_t, getty_var_run_t)
-files_pid_filetrans(getty_t,getty_var_run_t,file)
+files_pid_filetrans(getty_t, getty_var_run_t, file)
 kernel_list_proc(getty_t)
 kernel_read_proc_symlinks(getty_t)
--- a/policy/modules/system/hostname.if
+++ b/policy/modules/system/hostname.if
@ -16,7 +16,7 @@ interface(`hostname_domtrans',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,hostname_exec_t,hostname_t)
+	domtrans_pattern($1, hostname_exec_t, hostname_t)
 ')
 ########################################
@ -61,5 +61,5 @@ interface(`hostname_exec',`
 	')
 	corecmd_search_bin($1)
-	can_exec($1,hostname_exec_t)
+	can_exec($1, hostname_exec_t)
 ')
--- a/policy/modules/system/hostname.te
+++ b/policy/modules/system/hostname.te
@ -8,7 +8,7 @@ policy_module(hostname, 1.6.0)
 type hostname_t;
 type hostname_exec_t;
-init_system_domain(hostname_t,hostname_exec_t)
+init_system_domain(hostname_t, hostname_exec_t)
 role system_r types hostname_t;
 ########################################
--- a/policy/modules/system/hotplug.if
+++ b/policy/modules/system/hotplug.if
@ -19,7 +19,7 @@ interface(`hotplug_domtrans',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,hotplug_exec_t,hotplug_t)
+	domtrans_pattern($1, hotplug_exec_t, hotplug_t)
 ')
 ########################################
@ -38,7 +38,7 @@ interface(`hotplug_exec',`
 	')
 	corecmd_search_bin($1)
-	can_exec($1,hotplug_exec_t)
+	can_exec($1, hotplug_exec_t)
 ')
 ########################################
@ -151,8 +151,8 @@ interface(`hotplug_read_config',`
 	files_search_etc($1)
 	allow $1 hotplug_etc_t:dir list_dir_perms;
-	read_files_pattern($1,hotplug_etc_t,hotplug_etc_t)
+	read_files_pattern($1, hotplug_etc_t, hotplug_etc_t)
-	read_lnk_files_pattern($1,hotplug_etc_t,hotplug_etc_t)
+	read_lnk_files_pattern($1, hotplug_etc_t, hotplug_etc_t)
 ')
 ########################################
--- a/policy/modules/system/hotplug.te
+++ b/policy/modules/system/hotplug.te
@ -8,12 +8,12 @@ policy_module(hotplug, 1.11.2)
 type hotplug_t;
 type hotplug_exec_t;
-kernel_domtrans_to(hotplug_t,hotplug_exec_t)
+kernel_domtrans_to(hotplug_t, hotplug_exec_t)
-init_daemon_domain(hotplug_t,hotplug_exec_t)
+init_daemon_domain(hotplug_t, hotplug_exec_t)
 type hotplug_etc_t;
 files_config_file(hotplug_etc_t)
-init_daemon_domain(hotplug_t,hotplug_etc_t)
+init_daemon_domain(hotplug_t, hotplug_etc_t)
 type hotplug_var_run_t;
 files_pid_file(hotplug_var_run_t)
@ -33,15 +33,15 @@ allow hotplug_t self:netlink_route_socket r_netlink_socket_perms;
 allow hotplug_t self:udp_socket create_socket_perms;
 allow hotplug_t self:tcp_socket connected_stream_socket_perms;
-read_files_pattern(hotplug_t,hotplug_etc_t,hotplug_etc_t)
+read_files_pattern(hotplug_t, hotplug_etc_t, hotplug_etc_t)
-read_lnk_files_pattern(hotplug_t,hotplug_etc_t,hotplug_etc_t)
+read_lnk_files_pattern(hotplug_t, hotplug_etc_t, hotplug_etc_t)
-can_exec(hotplug_t,hotplug_etc_t)
+can_exec(hotplug_t, hotplug_etc_t)
 allow hotplug_t hotplug_etc_t:dir list_dir_perms;
-can_exec(hotplug_t,hotplug_exec_t)
+can_exec(hotplug_t, hotplug_exec_t)
-manage_files_pattern(hotplug_t,hotplug_var_run_t,hotplug_var_run_t)
+manage_files_pattern(hotplug_t, hotplug_var_run_t, hotplug_var_run_t)
-files_pid_filetrans(hotplug_t,hotplug_var_run_t,file)
+files_pid_filetrans(hotplug_t, hotplug_var_run_t, file)
 kernel_sigchld(hotplug_t)
 kernel_setpgid(hotplug_t)
@ -83,7 +83,7 @@ domain_dontaudit_getattr_all_domains(hotplug_t)
 files_read_etc_files(hotplug_t)
 files_manage_etc_runtime_files(hotplug_t)
-files_etc_filetrans_etc_runtime(hotplug_t,file)
+files_etc_filetrans_etc_runtime(hotplug_t, file)
 files_exec_etc_files(hotplug_t)
 # for when filesystems are not mounted early in the boot:
 files_dontaudit_search_isid_type_dirs(hotplug_t)
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@ -334,7 +334,7 @@ interface(`init_domtrans',`
 		type init_t, init_exec_t;
 	')
-	domtrans_pattern($1,init_exec_t,init_t)
+	domtrans_pattern($1, init_exec_t, init_t)
 ')
 ########################################
@ -354,7 +354,7 @@ interface(`init_exec',`
 	')
 	corecmd_search_bin($1)
-	can_exec($1,init_exec_t)
+	can_exec($1, init_exec_t)
 ')
 ########################################
@ -604,7 +604,7 @@ interface(`init_script_file_entry_type',`
 		type initrc_exec_t;
 	')
-	domain_entry_file($1,initrc_exec_t)
+	domain_entry_file($1, initrc_exec_t)
 ')
 ########################################
@ -623,7 +623,7 @@ interface(`init_spec_domtrans_script',`
 	')
 	files_list_etc($1)
-	spec_domtrans_pattern($1,initrc_exec_t,initrc_t)
+	spec_domtrans_pattern($1, initrc_exec_t, initrc_t)
 	ifdef(`enable_mcs',`
 		range_transition $1 initrc_exec_t:process s0;
@ -650,7 +650,7 @@ interface(`init_domtrans_script',`
 	')
 	files_list_etc($1)
-	domtrans_pattern($1,initrc_exec_t,initrc_t)
+	domtrans_pattern($1, initrc_exec_t, initrc_t)
 	ifdef(`enable_mcs',`
 		range_transition $1 initrc_exec_t:process s0;
@ -692,7 +692,7 @@ interface(`init_script_file_domtrans',`
 	')
 	files_list_etc($1)
-	domain_auto_trans($1,initrc_exec_t,$2)
+	domain_auto_trans($1, initrc_exec_t,$2)
 ')
 ########################################
@ -863,7 +863,7 @@ interface(`init_exec_script_files',`
 	')
 	files_list_etc($1)
-	can_exec($1,initrc_exec_t)
+	can_exec($1, initrc_exec_t)
 ')
 ########################################
@ -939,9 +939,9 @@ interface(`init_read_script_state',`
 	')
 	kernel_search_proc($1)
-	read_files_pattern($1,initrc_t,initrc_t)
+	read_files_pattern($1, initrc_t, initrc_t)
-	read_lnk_files_pattern($1,initrc_t,initrc_t)
+	read_lnk_files_pattern($1, initrc_t, initrc_t)
-	list_dirs_pattern($1,initrc_t,initrc_t)
+	list_dirs_pattern($1, initrc_t, initrc_t)
 	# should move this to separate interface
 	allow $1 initrc_t:process getattr;
@ -1247,7 +1247,7 @@ interface(`init_getattr_script_status_files',`
 		type initrc_state_t;
 	')
-	getattr_files_pattern($1,initrc_state_t,initrc_state_t)
+	getattr_files_pattern($1, initrc_state_t, initrc_state_t)
 ')
 ########################################
@ -1286,7 +1286,7 @@ interface(`init_rw_script_tmp_files',`
 	')
 	files_search_tmp($1)
-	rw_files_pattern($1,initrc_tmp_t,initrc_tmp_t)
+	rw_files_pattern($1, initrc_tmp_t, initrc_tmp_t)
 ')
 ########################################
@ -1316,7 +1316,7 @@ interface(`init_script_tmp_filetrans',`
 	')
 	files_search_tmp($1)
-	filetrans_pattern($1,initrc_tmp_t,$2,$3)
+	filetrans_pattern($1, initrc_tmp_t, $2, $3)
 ')
 ########################################
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@ -15,7 +15,7 @@ gen_require(`
 ## Enable support for upstart as the init program.
 ## </p>
 ## </desc>
-gen_tunable(init_upstart,false)
+gen_tunable(init_upstart, false)
 # used for direct running of init scripts
 # by admin domains
@ -36,8 +36,8 @@ attribute daemon;
 type init_t;
 type init_exec_t;
 domain_type(init_t)
-domain_entry_file(init_t,init_exec_t)
+domain_entry_file(init_t, init_exec_t)
-kernel_domtrans_to(init_t,init_exec_t)
+kernel_domtrans_to(init_t, init_exec_t)
 role system_r types init_t;
 #
@ -58,7 +58,7 @@ mls_trusted_object(initctl_t)
 type initrc_t, init_script_domain_type, init_run_all_scripts_domain;
 type initrc_exec_t, init_script_file_type;
 domain_type(initrc_t)
-domain_entry_file(initrc_t,initrc_exec_t)
+domain_entry_file(initrc_t, initrc_exec_t)
 role system_r types initrc_t;
 # should be part of the true block
 # of the below init_upstart tunable
@ -79,7 +79,7 @@ type initrc_var_run_t;
 files_pid_file(initrc_var_run_t)
 ifdef(`enable_mls',`
-	kernel_ranged_domtrans_to(init_t,init_exec_t,s0 - mls_systemhigh)
+	kernel_ranged_domtrans_to(init_t, init_exec_t, s0 - mls_systemhigh)
 ')
 ########################################
@ -99,16 +99,16 @@ allow init_t self:capability ~sys_module;
 allow init_t self:fifo_file rw_fifo_file_perms;
 # Re-exec itself
-can_exec(init_t,init_exec_t)
+can_exec(init_t, init_exec_t)
 allow init_t initrc_t:unix_stream_socket connectto;
 # For /var/run/shutdown.pid.
 allow init_t init_var_run_t:file manage_file_perms;
-files_pid_filetrans(init_t,init_var_run_t,file)
+files_pid_filetrans(init_t, init_var_run_t, file)
 allow init_t initctl_t:fifo_file manage_fifo_file_perms;
-dev_filetrans(init_t,initctl_t,fifo_file)
+dev_filetrans(init_t, initctl_t, fifo_file)
 fs_associate_tmpfs(initctl_t)
 # Modify utmp.
@ -133,7 +133,7 @@ files_read_etc_files(init_t)
 files_rw_generic_pids(init_t)
 files_dontaudit_search_isid_type_dirs(init_t)
 files_manage_etc_runtime_files(init_t)
-files_etc_filetrans_etc_runtime(init_t,file)
+files_etc_filetrans_etc_runtime(init_t, file)
 # Run /etc/X11/prefdm:
 files_exec_etc_files(init_t)
 # file descriptors inherited from the rootfs:
@ -173,11 +173,11 @@ ifdef(`distro_gentoo',`
 ifdef(`distro_redhat',`
 	fs_rw_tmpfs_chr_files(init_t)
-	fs_tmpfs_filetrans(init_t,initctl_t,fifo_file)
+	fs_tmpfs_filetrans(init_t, initctl_t, fifo_file)
 ')
 tunable_policy(`init_upstart',`
-	corecmd_shell_domtrans(init_t,initrc_t)
+	corecmd_shell_domtrans(init_t, initrc_t)
 ',`
 	# Run the shell in the sysadm role for single-user mode.
 	# causes problems with upstart
@ -214,7 +214,7 @@ allow initrc_t self:udp_socket create_socket_perms;
 allow initrc_t self:fifo_file rw_file_perms;
 allow initrc_t initrc_devpts_t:chr_file rw_term_perms;
-term_create_pty(initrc_t,initrc_devpts_t)
+term_create_pty(initrc_t, initrc_devpts_t)
 # Going to single user mode
 init_exec(initrc_t)
@ -223,18 +223,18 @@ can_exec(initrc_t, init_script_file_type)
 domtrans_pattern(init_run_all_scripts_domain, initrc_exec_t, initrc_t)
-manage_dirs_pattern(initrc_t,initrc_state_t,initrc_state_t)
+manage_dirs_pattern(initrc_t, initrc_state_t, initrc_state_t)
-manage_files_pattern(initrc_t,initrc_state_t,initrc_state_t)
+manage_files_pattern(initrc_t, initrc_state_t, initrc_state_t)
-manage_lnk_files_pattern(initrc_t,initrc_state_t,initrc_state_t)
+manage_lnk_files_pattern(initrc_t, initrc_state_t, initrc_state_t)
-manage_fifo_files_pattern(initrc_t,initrc_state_t,initrc_state_t)
+manage_fifo_files_pattern(initrc_t, initrc_state_t, initrc_state_t)
 allow initrc_t initrc_var_run_t:file manage_file_perms;
-files_pid_filetrans(initrc_t,initrc_var_run_t,file)
+files_pid_filetrans(initrc_t, initrc_var_run_t, file)
-can_exec(initrc_t,initrc_tmp_t)
+can_exec(initrc_t, initrc_tmp_t)
 allow initrc_t initrc_tmp_t:file manage_file_perms;
 allow initrc_t initrc_tmp_t:dir manage_dir_perms;
-files_tmp_filetrans(initrc_t,initrc_tmp_t, { file dir })
+files_tmp_filetrans(initrc_t, initrc_tmp_t, { file dir })
 init_write_initctl(initrc_t)
@ -349,7 +349,7 @@ files_delete_all_pids(initrc_t)
 files_delete_all_pid_dirs(initrc_t)
 files_read_etc_files(initrc_t)
 files_manage_etc_runtime_files(initrc_t)
-files_etc_filetrans_etc_runtime(initrc_t,file)
+files_etc_filetrans_etc_runtime(initrc_t, file)
 files_manage_generic_locks(initrc_t)
 files_exec_etc_files(initrc_t)
 files_read_usr_files(initrc_t)
@ -391,7 +391,7 @@ userdom_use_user_terminals(initrc_t)
 ifdef(`distro_debian',`
 	dev_setattr_generic_dirs(initrc_t)
-	fs_tmpfs_filetrans(initrc_t,initrc_var_run_t,dir)
+	fs_tmpfs_filetrans(initrc_t, initrc_var_run_t, dir)
 	# for storing state under /dev/shm
 	fs_setattr_tmpfs_dirs(initrc_t)
@ -420,7 +420,7 @@ ifdef(`distro_gentoo',`
 	# needed until baselayout is fixed to have the
 	# restorecon on /dev to again be immediately after
 	# mounting tmpfs on /dev
-	fs_tmpfs_filetrans(initrc_t,initrc_state_t,file)
+	fs_tmpfs_filetrans(initrc_t, initrc_state_t, file)
 	# init scripts touch this
 	clock_dontaudit_write_adjtime(initrc_t)
@ -735,7 +735,7 @@ optional_policy(`
 optional_policy(`
 	# allow init scripts to su
-	su_restricted_domain_template(initrc,initrc_t,system_r)
+	su_restricted_domain_template(initrc, initrc_t, system_r)
 ')
 optional_policy(`
--- a/policy/modules/system/ipsec.if
+++ b/policy/modules/system/ipsec.if
@ -15,7 +15,7 @@ interface(`ipsec_domtrans',`
 		type ipsec_t, ipsec_exec_t;
 	')
-	domtrans_pattern($1,ipsec_exec_t,ipsec_t)
+	domtrans_pattern($1, ipsec_exec_t, ipsec_t)
 ')
 ########################################
@ -34,7 +34,7 @@ interface(`ipsec_stream_connect',`
 	')
 	files_search_pids($1)
-	stream_connect_pattern($1,ipsec_var_run_t,ipsec_var_run_t,ipsec_t)
+	stream_connect_pattern($1, ipsec_var_run_t, ipsec_var_run_t, ipsec_t)
 ')
 ########################################
@ -70,7 +70,7 @@ interface(`ipsec_exec_mgmt',`
 		type ipsec_exec_t;
 	')
-	can_exec($1,ipsec_exec_t)
+	can_exec($1, ipsec_exec_t)
 ')
 ########################################
@ -166,7 +166,7 @@ interface(`ipsec_manage_pid',`
 	')
 	files_search_pids($1)
-	manage_files_pattern($1,ipsec_var_run_t,ipsec_var_run_t)
+	manage_files_pattern($1, ipsec_var_run_t, ipsec_var_run_t)
 ')
 ########################################
@ -184,7 +184,7 @@ interface(`ipsec_domtrans_racoon',`
 		type racoon_t, racoon_exec_t;
 	')
-	domtrans_pattern($1,racoon_exec_t,racoon_t)
+	domtrans_pattern($1, racoon_exec_t, racoon_t)
 ')
 ########################################
@ -202,7 +202,7 @@ interface(`ipsec_domtrans_setkey',`
 		type setkey_t, setkey_exec_t;
 	')
-	domtrans_pattern($1,setkey_exec_t,setkey_t)
+	domtrans_pattern($1, setkey_exec_t, setkey_t)
 ')
 ########################################
--- a/policy/modules/system/ipsec.te
+++ b/policy/modules/system/ipsec.te
@ -8,7 +8,7 @@ policy_module(ipsec, 1.9.1)
 type ipsec_t;
 type ipsec_exec_t;
-init_daemon_domain(ipsec_t,ipsec_exec_t)
+init_daemon_domain(ipsec_t, ipsec_exec_t)
 role system_r types ipsec_t;
 # type for ipsec configuration file(s) - not for keys
@ -28,7 +28,7 @@ files_pid_file(ipsec_var_run_t)
 type ipsec_mgmt_t;
 type ipsec_mgmt_exec_t;
-init_system_domain(ipsec_mgmt_t,ipsec_mgmt_exec_t)
+init_system_domain(ipsec_mgmt_t, ipsec_mgmt_exec_t)
 corecmd_shell_entry_type(ipsec_mgmt_t)
 role system_r types ipsec_mgmt_t;
@ -40,12 +40,12 @@ files_pid_file(ipsec_mgmt_var_run_t)
 type racoon_t;
 type racoon_exec_t;
-init_daemon_domain(racoon_t,racoon_exec_t)
+init_daemon_domain(racoon_t, racoon_exec_t)
 role system_r types racoon_t;
 type setkey_t;
 type setkey_exec_t;
-init_system_domain(setkey_t,setkey_exec_t)
+init_system_domain(setkey_t, setkey_exec_t)
 role system_r types setkey_t;
 ########################################
@ -63,12 +63,12 @@ allow ipsec_t self:fifo_file read_fifo_file_perms;
 allow ipsec_t self:netlink_xfrm_socket { create_netlink_socket_perms nlmsg_write };
 allow ipsec_t ipsec_conf_file_t:dir list_dir_perms;
-read_files_pattern(ipsec_t,ipsec_conf_file_t,ipsec_conf_file_t)
+read_files_pattern(ipsec_t, ipsec_conf_file_t, ipsec_conf_file_t)
-read_lnk_files_pattern(ipsec_t,ipsec_conf_file_t,ipsec_conf_file_t)
+read_lnk_files_pattern(ipsec_t, ipsec_conf_file_t, ipsec_conf_file_t)
 allow ipsec_t ipsec_key_file_t:dir list_dir_perms;
-read_files_pattern(ipsec_t,ipsec_key_file_t,ipsec_key_file_t)
+read_files_pattern(ipsec_t, ipsec_key_file_t, ipsec_key_file_t)
-read_lnk_files_pattern(ipsec_t,ipsec_key_file_t,ipsec_key_file_t)
+read_lnk_files_pattern(ipsec_t, ipsec_key_file_t, ipsec_key_file_t)
 manage_files_pattern(ipsec_t, ipsec_var_run_t, ipsec_var_run_t)
 manage_sock_files_pattern(ipsec_t, ipsec_var_run_t, ipsec_var_run_t)
@ -80,7 +80,7 @@ can_exec(ipsec_t, ipsec_mgmt_exec_t)
 # a shell script, we need to find a way to make things work without
 # letting all sorts of stuff possibly be run...
 # so try flipping back into the ipsec_mgmt_t domain
-corecmd_shell_domtrans(ipsec_t,ipsec_mgmt_t)
+corecmd_shell_domtrans(ipsec_t, ipsec_mgmt_t)
 allow ipsec_mgmt_t ipsec_t:fd use;
 allow ipsec_mgmt_t ipsec_t:fifo_file rw_file_perms;
 allow ipsec_mgmt_t ipsec_t:process sigchld;
@ -162,21 +162,21 @@ allow ipsec_mgmt_t self:key_socket create_socket_perms;
 allow ipsec_mgmt_t self:fifo_file rw_file_perms;
 allow ipsec_mgmt_t ipsec_mgmt_lock_t:file manage_file_perms;
-files_lock_filetrans(ipsec_mgmt_t,ipsec_mgmt_lock_t,file)
+files_lock_filetrans(ipsec_mgmt_t, ipsec_mgmt_lock_t, file)
 allow ipsec_mgmt_t ipsec_mgmt_var_run_t:file manage_file_perms;
-files_pid_filetrans(ipsec_mgmt_t,ipsec_mgmt_var_run_t,file)
+files_pid_filetrans(ipsec_mgmt_t, ipsec_mgmt_var_run_t, file)
-manage_files_pattern(ipsec_mgmt_t,ipsec_var_run_t,ipsec_var_run_t)
+manage_files_pattern(ipsec_mgmt_t, ipsec_var_run_t, ipsec_var_run_t)
-manage_lnk_files_pattern(ipsec_mgmt_t,ipsec_var_run_t,ipsec_var_run_t)
+manage_lnk_files_pattern(ipsec_mgmt_t, ipsec_var_run_t, ipsec_var_run_t)
 allow ipsec_mgmt_t ipsec_var_run_t:sock_file manage_sock_file_perms;
-files_pid_filetrans(ipsec_mgmt_t,ipsec_var_run_t,sock_file)
+files_pid_filetrans(ipsec_mgmt_t, ipsec_var_run_t, sock_file)
 # _realsetup needs to be able to cat /var/run/pluto.pid,
 # run ps on that pid, and delete the file
-read_files_pattern(ipsec_mgmt_t,ipsec_t,ipsec_t)
+read_files_pattern(ipsec_mgmt_t, ipsec_t, ipsec_t)
-read_lnk_files_pattern(ipsec_mgmt_t,ipsec_t,ipsec_t)
+read_lnk_files_pattern(ipsec_mgmt_t, ipsec_t, ipsec_t)
 # logger, running in ipsec_mgmt_t needs to use sockets
 allow ipsec_mgmt_t self:unix_dgram_socket { create connect write };
@ -184,18 +184,18 @@ allow ipsec_mgmt_t ipsec_t:unix_dgram_socket { create connect write };
 allow ipsec_mgmt_t ipsec_conf_file_t:file read_file_perms;
-manage_files_pattern(ipsec_mgmt_t,ipsec_key_file_t,ipsec_key_file_t)
+manage_files_pattern(ipsec_mgmt_t, ipsec_key_file_t, ipsec_key_file_t)
-manage_lnk_files_pattern(ipsec_mgmt_t,ipsec_key_file_t,ipsec_key_file_t)
+manage_lnk_files_pattern(ipsec_mgmt_t, ipsec_key_file_t, ipsec_key_file_t)
-files_etc_filetrans(ipsec_mgmt_t,ipsec_key_file_t,file)
+files_etc_filetrans(ipsec_mgmt_t, ipsec_key_file_t, file)
 # whack needs to connect to pluto
-stream_connect_pattern(ipsec_mgmt_t,ipsec_var_run_t,ipsec_var_run_t,ipsec_t)
+stream_connect_pattern(ipsec_mgmt_t, ipsec_var_run_t, ipsec_var_run_t, ipsec_t)
 can_exec(ipsec_mgmt_t, ipsec_exec_t)
 can_exec(ipsec_mgmt_t, ipsec_mgmt_exec_t)
 allow ipsec_mgmt_t ipsec_mgmt_exec_t:lnk_file read;
-domtrans_pattern(ipsec_mgmt_t,ipsec_exec_t,ipsec_t)
+domtrans_pattern(ipsec_mgmt_t, ipsec_exec_t, ipsec_t)
 kernel_rw_net_sysctls(ipsec_mgmt_t)
 # allow pluto to access /proc/net/ipsec_eroute;
@ -282,17 +282,17 @@ allow racoon_t self:udp_socket create_socket_perms;
 allow racoon_t self:key_socket create_socket_perms;
 # manage pid file
-manage_files_pattern(racoon_t,ipsec_var_run_t,ipsec_var_run_t)
+manage_files_pattern(racoon_t, ipsec_var_run_t, ipsec_var_run_t)
-manage_sock_files_pattern(racoon_t,ipsec_var_run_t,ipsec_var_run_t)
+manage_sock_files_pattern(racoon_t, ipsec_var_run_t, ipsec_var_run_t)
-files_pid_filetrans(racoon_t,ipsec_var_run_t,file)
+files_pid_filetrans(racoon_t, ipsec_var_run_t, file)
 allow racoon_t ipsec_conf_file_t:dir list_dir_perms;
-read_files_pattern(racoon_t,ipsec_conf_file_t,ipsec_conf_file_t)
+read_files_pattern(racoon_t, ipsec_conf_file_t, ipsec_conf_file_t)
-read_lnk_files_pattern(racoon_t,ipsec_conf_file_t,ipsec_conf_file_t)
+read_lnk_files_pattern(racoon_t, ipsec_conf_file_t, ipsec_conf_file_t)
 allow racoon_t ipsec_key_file_t:dir list_dir_perms;
-read_files_pattern(racoon_t,ipsec_key_file_t,ipsec_key_file_t)
+read_files_pattern(racoon_t, ipsec_key_file_t, ipsec_key_file_t)
-read_lnk_files_pattern(racoon_t,ipsec_key_file_t,ipsec_key_file_t)
+read_lnk_files_pattern(racoon_t, ipsec_key_file_t, ipsec_key_file_t)
 kernel_read_system_state(racoon_t)
 kernel_read_network_state(racoon_t)
@ -338,8 +338,8 @@ allow setkey_t self:key_socket create_socket_perms;
 allow setkey_t self:netlink_route_socket create_netlink_socket_perms;
 allow setkey_t ipsec_conf_file_t:dir list_dir_perms;
-read_files_pattern(setkey_t,ipsec_conf_file_t,ipsec_conf_file_t)
+read_files_pattern(setkey_t, ipsec_conf_file_t, ipsec_conf_file_t)
-read_lnk_files_pattern(setkey_t,ipsec_conf_file_t,ipsec_conf_file_t)
+read_lnk_files_pattern(setkey_t, ipsec_conf_file_t, ipsec_conf_file_t)
 # allow setkey utility to set contexts on SA's and policy
 domain_ipsec_setcontext_all_domains(setkey_t)
--- a/policy/modules/system/iptables.if
+++ b/policy/modules/system/iptables.if
@ -16,7 +16,7 @@ interface(`iptables_domtrans',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,iptables_exec_t,iptables_t)
+	domtrans_pattern($1, iptables_exec_t, iptables_t)
 ')
 ########################################
@ -67,5 +67,5 @@ interface(`iptables_exec',`
 	')
 	corecmd_search_bin($1)
-	can_exec($1,iptables_exec_t)
+	can_exec($1, iptables_exec_t)
 ')
--- a/policy/modules/system/iptables.te
+++ b/policy/modules/system/iptables.te
@ -8,7 +8,7 @@ policy_module(iptables, 1.8.1)
 type iptables_t;
 type iptables_exec_t;
-init_system_domain(iptables_t,iptables_exec_t)
+init_system_domain(iptables_t, iptables_exec_t)
 role system_r types iptables_t;
 type iptables_tmp_t;
@ -28,9 +28,9 @@ allow iptables_t self:process { sigchld sigkill sigstop signull signal };
 allow iptables_t self:rawip_socket create_socket_perms;
 manage_files_pattern(iptables_t, iptables_var_run_t, iptables_var_run_t)
-files_pid_filetrans(iptables_t,iptables_var_run_t,file)
+files_pid_filetrans(iptables_t, iptables_var_run_t, file)
-can_exec(iptables_t,iptables_exec_t)
+can_exec(iptables_t, iptables_exec_t)
 allow iptables_t iptables_tmp_t:dir manage_dir_perms;
 allow iptables_t iptables_tmp_t:file manage_file_perms;
--- a/policy/modules/system/iscsi.if
+++ b/policy/modules/system/iscsi.if
@ -15,5 +15,5 @@ interface(`iscsid_domtrans',`
 		type iscsid_t, iscsid_exec_t;
 	')
-	domtrans_pattern($1,iscsid_exec_t,iscsid_t)
+	domtrans_pattern($1, iscsid_exec_t, iscsid_t)
 ')
--- a/policy/modules/system/iscsi.te
+++ b/policy/modules/system/iscsi.te
@ -47,12 +47,12 @@ allow iscsid_t iscsi_tmp_t:file manage_file_perms;
 fs_tmpfs_filetrans(iscsid_t, iscsi_tmp_t, file )
 allow iscsid_t iscsi_var_lib_t:dir list_dir_perms;
-read_files_pattern(iscsid_t,iscsi_var_lib_t,iscsi_var_lib_t)
+read_files_pattern(iscsid_t, iscsi_var_lib_t, iscsi_var_lib_t)
-read_lnk_files_pattern(iscsid_t,iscsi_var_lib_t,iscsi_var_lib_t)
+read_lnk_files_pattern(iscsid_t, iscsi_var_lib_t, iscsi_var_lib_t)
 files_search_var_lib(iscsid_t)
-manage_files_pattern(iscsid_t,iscsi_var_run_t,iscsi_var_run_t)
+manage_files_pattern(iscsid_t, iscsi_var_run_t, iscsi_var_run_t)
-files_pid_filetrans(iscsid_t,iscsi_var_run_t,file)
+files_pid_filetrans(iscsid_t, iscsi_var_run_t, file)
 kernel_read_system_state(iscsid_t)
--- a/policy/modules/system/libraries.if
+++ b/policy/modules/system/libraries.if
@ -16,7 +16,7 @@ interface(`libs_domtrans_ldconfig',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,ldconfig_exec_t,ldconfig_t)
+	domtrans_pattern($1, ldconfig_exec_t, ldconfig_t)
 ')
 ########################################
@ -63,8 +63,8 @@ interface(`libs_use_ld_so',`
 	files_list_etc($1)
 	allow $1 lib_t:dir list_dir_perms;
-	read_lnk_files_pattern($1,lib_t,{ lib_t ld_so_t })
+	read_lnk_files_pattern($1, lib_t, { lib_t ld_so_t })
-	mmap_files_pattern($1,lib_t,ld_so_t)
+	mmap_files_pattern($1, lib_t, ld_so_t)
 	allow $1 ld_so_cache_t:file read_file_perms;
 ')
@ -106,8 +106,8 @@ interface(`libs_exec_ld_so',`
 	')
 	allow $1 lib_t:dir list_dir_perms;
-	read_lnk_files_pattern($1,lib_t,{ lib_t ld_so_t })
+	read_lnk_files_pattern($1, lib_t, { lib_t ld_so_t })
-	exec_files_pattern($1,lib_t,ld_so_t)
+	exec_files_pattern($1, lib_t, ld_so_t)
 ')
 ########################################
@ -127,7 +127,7 @@ interface(`libs_manage_ld_so',`
 		type lib_t, ld_so_t;
 	')
-	manage_files_pattern($1,lib_t,ld_so_t)
+	manage_files_pattern($1, lib_t, ld_so_t)
 ')
 ########################################
@ -147,7 +147,7 @@ interface(`libs_relabel_ld_so',`
 		type lib_t, ld_so_t;
 	')
-	relabel_files_pattern($1,lib_t,ld_so_t)
+	relabel_files_pattern($1, lib_t, ld_so_t)
 ')
 ########################################
@ -248,9 +248,9 @@ interface(`libs_read_lib_files',`
 	')
 	files_search_usr($1)
-	list_dirs_pattern($1,lib_t,lib_t)
+	list_dirs_pattern($1, lib_t, lib_t)
-	read_files_pattern($1,lib_t,lib_t)
+	read_files_pattern($1, lib_t, lib_t)
-	read_lnk_files_pattern($1,lib_t,lib_t)
+	read_lnk_files_pattern($1, lib_t, lib_t)
 ')
 ########################################
@ -270,8 +270,8 @@ interface(`libs_exec_lib_files',`
 	files_search_usr($1)
 	allow $1 lib_t:dir list_dir_perms;
-	read_lnk_files_pattern($1,lib_t,lib_t)
+	read_lnk_files_pattern($1, lib_t, lib_t)
-	exec_files_pattern($1,lib_t,lib_t)
+	exec_files_pattern($1, lib_t, lib_t)
 ')
 ########################################
@ -307,7 +307,7 @@ interface(`libs_manage_lib_files',`
 		type lib_t;
 	')
-	manage_files_pattern($1,lib_t,lib_t)
+	manage_files_pattern($1, lib_t, lib_t)
 ')
 ########################################
@ -325,7 +325,7 @@ interface(`libs_relabelto_lib_files',`
 		type lib_t;
 	')
-	relabelto_files_pattern($1,lib_t,lib_t)
+	relabelto_files_pattern($1, lib_t, lib_t)
 ')
 ########################################
@ -345,7 +345,7 @@ interface(`libs_relabel_lib_files',`
 		type lib_t;
 	')
-	relabel_files_pattern($1,lib_t,lib_t)
+	relabel_files_pattern($1, lib_t, lib_t)
 ')
 ########################################
@ -364,7 +364,7 @@ interface(`libs_delete_lib_symlinks',`
 		type lib_t;
 	')
-	delete_lnk_files_pattern($1,lib_t,lib_t)
+	delete_lnk_files_pattern($1, lib_t, lib_t)
 ')
 ########################################
@ -383,7 +383,7 @@ interface(`libs_manage_shared_libs',`
 		type lib_t, textrel_shlib_t;
 	')
-	manage_files_pattern($1,lib_t,{ lib_t textrel_shlib_t })
+	manage_files_pattern($1, lib_t, { lib_t textrel_shlib_t })
 ')
 ########################################
@ -403,8 +403,8 @@ interface(`libs_use_shared_libs',`
 	files_list_usr($1)
 	allow $1 lib_t:dir list_dir_perms;
-	read_lnk_files_pattern($1,lib_t,{ lib_t textrel_shlib_t })
+	read_lnk_files_pattern($1, lib_t, { lib_t textrel_shlib_t })
-	mmap_files_pattern($1,lib_t,{ lib_t textrel_shlib_t })
+	mmap_files_pattern($1, lib_t, { lib_t textrel_shlib_t })
 	allow $1 textrel_shlib_t:file execmod;
 ')
@ -445,7 +445,7 @@ interface(`libs_relabel_shared_libs',`
 		type lib_t, textrel_shlib_t;
 	')
-	relabel_files_pattern($1,lib_t,{ lib_t textrel_shlib_t })
+	relabel_files_pattern($1, lib_t, { lib_t textrel_shlib_t })
 ')
 ########################################
--- a/policy/modules/system/libraries.te
+++ b/policy/modules/system/libraries.te
@ -20,7 +20,7 @@ files_type(ld_so_t)
 type ldconfig_t;
 type ldconfig_exec_t;
-init_system_domain(ldconfig_t,ldconfig_exec_t)
+init_system_domain(ldconfig_t, ldconfig_exec_t)
 role system_r types ldconfig_t;
 type ldconfig_cache_t;
@ -57,14 +57,14 @@ allow ldconfig_t self:capability sys_chroot;
 manage_files_pattern(ldconfig_t, ldconfig_cache_t, ldconfig_cache_t)
 allow ldconfig_t ld_so_cache_t:file manage_file_perms;
-files_etc_filetrans(ldconfig_t,ld_so_cache_t,file)
+files_etc_filetrans(ldconfig_t, ld_so_cache_t, file)
-manage_dirs_pattern(ldconfig_t,ldconfig_tmp_t,ldconfig_tmp_t)
+manage_dirs_pattern(ldconfig_t, ldconfig_tmp_t, ldconfig_tmp_t)
-manage_files_pattern(ldconfig_t,ldconfig_tmp_t,ldconfig_tmp_t)
+manage_files_pattern(ldconfig_t, ldconfig_tmp_t, ldconfig_tmp_t)
-manage_lnk_files_pattern(ldconfig_t,ldconfig_tmp_t,ldconfig_tmp_t)
+manage_lnk_files_pattern(ldconfig_t, ldconfig_tmp_t, ldconfig_tmp_t)
 files_tmp_filetrans(ldconfig_t, ldconfig_tmp_t, { file dir lnk_file })
-manage_lnk_files_pattern(ldconfig_t,lib_t,lib_t)
+manage_lnk_files_pattern(ldconfig_t, lib_t, lib_t)
 kernel_read_system_state(ldconfig_t)
--- a/policy/modules/system/locallogin.if
+++ b/policy/modules/system/locallogin.if
@ -15,10 +15,10 @@ interface(`locallogin_domtrans',`
 		type local_login_t;
 	')
-	auth_domtrans_login_program($1,local_login_t)
+	auth_domtrans_login_program($1, local_login_t)
 	ifdef(`enable_mcs',`
-		auth_ranged_domtrans_login_program($1,local_login_t,s0 - mcs_systemhigh)
+		auth_ranged_domtrans_login_program($1, local_login_t, s0 - mcs_systemhigh)
 	')
 ')
@ -127,5 +127,5 @@ interface(`locallogin_domtrans_sulogin',`
 		type sulogin_exec_t, sulogin_t;
 	')
-	domtrans_pattern($1,sulogin_exec_t,sulogin_t)
+	domtrans_pattern($1, sulogin_exec_t, sulogin_t)
 ')
--- a/policy/modules/system/locallogin.te
+++ b/policy/modules/system/locallogin.te
@ -24,8 +24,8 @@ domain_obj_id_change_exemption(sulogin_t)
 domain_subj_id_change_exemption(sulogin_t)
 domain_role_change_exemption(sulogin_t)
 domain_interactive_fd(sulogin_t)
-init_domain(sulogin_t,sulogin_exec_t)
+init_domain(sulogin_t, sulogin_exec_t)
-init_system_domain(sulogin_t,sulogin_exec_t)
+init_system_domain(sulogin_t, sulogin_exec_t)
 role system_r types sulogin_t;
 ########################################
@ -50,7 +50,7 @@ allow local_login_t self:msg { send receive };
 allow local_login_t self:key { search write link };
 allow local_login_t local_login_lock_t:file manage_file_perms;
-files_lock_filetrans(local_login_t,local_login_lock_t,file)
+files_lock_filetrans(local_login_t, local_login_lock_t, file)
 allow local_login_t local_login_tmp_t:dir manage_dir_perms;
 allow local_login_t local_login_tmp_t:file manage_file_perms;
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@ -99,7 +99,7 @@ interface(`logging_read_audit_log',`
 	')
 	files_search_var($1)
-	read_files_pattern($1,auditd_log_t,auditd_log_t)
+	read_files_pattern($1, auditd_log_t, auditd_log_t)
 	allow $1 auditd_log_t:dir list_dir_perms;
 ')
@ -118,7 +118,7 @@ interface(`logging_domtrans_auditctl',`
 		type auditctl_t, auditctl_exec_t;
 	')
-	domtrans_pattern($1,auditctl_exec_t,auditctl_t)
+	domtrans_pattern($1, auditctl_exec_t, auditctl_t)
 ')
 ########################################
@ -162,7 +162,7 @@ interface(`logging_domtrans_auditd',`
 		type auditd_t, auditd_exec_t;
 	')
-	domtrans_pattern($1,auditd_exec_t,auditd_t)
+	domtrans_pattern($1, auditd_exec_t, auditd_t)
 ')
 ########################################
@ -311,7 +311,7 @@ interface(`logging_manage_audit_config',`
 	')
 	files_search_etc($1)
-	manage_files_pattern($1,auditd_etc_t,auditd_etc_t)
+	manage_files_pattern($1, auditd_etc_t, auditd_etc_t)
 ')
 ########################################
@ -331,8 +331,8 @@ interface(`logging_manage_audit_log',`
 	')
 	files_search_var($1)
-	manage_dirs_pattern($1,auditd_log_t,auditd_log_t)
+	manage_dirs_pattern($1, auditd_log_t, auditd_log_t)
-	manage_files_pattern($1,auditd_log_t,auditd_log_t)
+	manage_files_pattern($1, auditd_log_t, auditd_log_t)
 ')
 ########################################
@ -351,7 +351,7 @@ interface(`logging_domtrans_klog',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,klogd_exec_t,klogd_t)
+	domtrans_pattern($1, klogd_exec_t, klogd_t)
 ')
 ########################################
@ -390,7 +390,7 @@ interface(`logging_domtrans_syslog',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,syslogd_exec_t,syslogd_t)
+	domtrans_pattern($1, syslogd_exec_t, syslogd_t)
 ')
 ########################################
@ -420,7 +420,7 @@ interface(`logging_log_filetrans',`
 	')
 	files_search_var($1)
-	filetrans_pattern($1,var_log_t,$2,$3)
+	filetrans_pattern($1, var_log_t, $2, $3)
 ')
 ########################################
@ -468,7 +468,7 @@ interface(`logging_read_audit_config',`
 	')
 	files_search_etc($1)
-	read_files_pattern($1,auditd_etc_t,auditd_etc_t)
+	read_files_pattern($1, auditd_etc_t, auditd_etc_t)
 	allow $1 auditd_etc_t:dir list_dir_perms;
 ')
@ -666,7 +666,7 @@ interface(`logging_exec_all_logs',`
 	files_search_var($1)
 	allow $1 logfile:dir list_dir_perms;
-	can_exec($1,logfile)
+	can_exec($1, logfile)
 ')
 ########################################
@ -705,8 +705,8 @@ interface(`logging_manage_all_logs',`
 	')
 	files_search_var($1)
-	manage_files_pattern($1,logfile,logfile)
+	manage_files_pattern($1, logfile, logfile)
-	read_lnk_files_pattern($1,logfile,logfile)
+	read_lnk_files_pattern($1, logfile, logfile)
 ')
 ########################################
@ -727,7 +727,7 @@ interface(`logging_read_generic_logs',`
 	files_search_var($1)
 	allow $1 var_log_t:dir list_dir_perms;
-	read_files_pattern($1,var_log_t,var_log_t)
+	read_files_pattern($1, var_log_t, var_log_t)
 ')
 ########################################
@ -747,7 +747,7 @@ interface(`logging_write_generic_logs',`
 	files_search_var($1)
 	allow $1 var_log_t:dir list_dir_perms;
-	write_files_pattern($1,var_log_t,var_log_t)
+	write_files_pattern($1, var_log_t, var_log_t)
 ')
 ########################################
@ -785,7 +785,7 @@ interface(`logging_rw_generic_logs',`
 	files_search_var($1)
 	allow $1 var_log_t:dir list_dir_perms;
-	rw_files_pattern($1,var_log_t,var_log_t)
+	rw_files_pattern($1, var_log_t, var_log_t)
 ')
 ########################################
@ -806,7 +806,7 @@ interface(`logging_manage_generic_logs',`
 	')
 	files_search_var($1)
-	manage_files_pattern($1,var_log_t,var_log_t)
+	manage_files_pattern($1, var_log_t, var_log_t)
 ')
 ########################################
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@ -10,7 +10,7 @@ attribute logfile;
 type auditctl_t;
 type auditctl_exec_t;
-init_system_domain(auditctl_t,auditctl_exec_t)
+init_system_domain(auditctl_t, auditctl_exec_t)
 role system_r types auditctl_t;
 type auditd_etc_t;
@ -22,7 +22,7 @@ files_security_mountpoint(auditd_log_t)
 type auditd_t;
 type auditd_exec_t;
-init_daemon_domain(auditd_t,auditd_exec_t)
+init_daemon_domain(auditd_t, auditd_exec_t)
 type auditd_initrc_exec_t;
 init_script_file(auditd_initrc_exec_t)
@ -47,7 +47,7 @@ mls_trusted_object(devlog_t)
 type klogd_t;
 type klogd_exec_t;
-init_daemon_domain(klogd_t,klogd_exec_t)
+init_daemon_domain(klogd_t, klogd_exec_t)
 type klogd_tmp_t;
 files_tmp_file(klogd_tmp_t)
@ -60,7 +60,7 @@ files_type(syslog_conf_t)
 type syslogd_t;
 type syslogd_exec_t;
-init_daemon_domain(syslogd_t,syslogd_exec_t)
+init_daemon_domain(syslogd_t, syslogd_exec_t)
 type syslogd_initrc_exec_t;
 init_script_file(syslogd_initrc_exec_t)
@ -91,7 +91,7 @@ ifdef(`enable_mls',`
 allow auditctl_t self:capability { fsetid dac_read_search dac_override };
 allow auditctl_t self:netlink_audit_socket nlmsg_readpriv;
-read_files_pattern(auditctl_t,auditd_etc_t,auditd_etc_t)
+read_files_pattern(auditctl_t, auditd_etc_t, auditd_etc_t)
 allow auditctl_t auditd_etc_t:dir list_dir_perms;
 # Needed for adding watches
@ -132,13 +132,13 @@ allow auditd_t self:tcp_socket create_stream_socket_perms;
 allow auditd_t auditd_etc_t:dir list_dir_perms;
 allow auditd_t auditd_etc_t:file read_file_perms;
-manage_files_pattern(auditd_t,auditd_log_t,auditd_log_t)
+manage_files_pattern(auditd_t, auditd_log_t, auditd_log_t)
-manage_lnk_files_pattern(auditd_t,auditd_log_t,auditd_log_t)
+manage_lnk_files_pattern(auditd_t, auditd_log_t, auditd_log_t)
 allow auditd_t var_log_t:dir search_dir_perms;
-manage_files_pattern(auditd_t,auditd_var_run_t,auditd_var_run_t)
+manage_files_pattern(auditd_t, auditd_var_run_t, auditd_var_run_t)
-manage_sock_files_pattern(auditd_t,auditd_var_run_t,auditd_var_run_t)
+manage_sock_files_pattern(auditd_t, auditd_var_run_t, auditd_var_run_t)
-files_pid_filetrans(auditd_t,auditd_var_run_t,{ file sock_file })
+files_pid_filetrans(auditd_t, auditd_var_run_t, { file sock_file })
 kernel_read_kernel_sysctls(auditd_t)
 # Needs to be able to run dispatcher.  see /etc/audit/auditd.conf
@ -271,12 +271,12 @@ allow klogd_t self:capability sys_admin;
 dontaudit klogd_t self:capability { sys_resource sys_tty_config };
 allow klogd_t self:process signal_perms;
-manage_dirs_pattern(klogd_t,klogd_tmp_t,klogd_tmp_t)
+manage_dirs_pattern(klogd_t, klogd_tmp_t, klogd_tmp_t)
-manage_files_pattern(klogd_t,klogd_tmp_t,klogd_tmp_t)
+manage_files_pattern(klogd_t, klogd_tmp_t, klogd_tmp_t)
-files_tmp_filetrans(klogd_t,klogd_tmp_t,{ file dir })
+files_tmp_filetrans(klogd_t, klogd_tmp_t,{ file dir })
-manage_files_pattern(klogd_t,klogd_var_run_t,klogd_var_run_t)
+manage_files_pattern(klogd_t, klogd_var_run_t, klogd_var_run_t)
-files_pid_filetrans(klogd_t,klogd_var_run_t,file)
+files_pid_filetrans(klogd_t, klogd_var_run_t, file)
 kernel_read_system_state(klogd_t)
 kernel_read_messages(klogd_t)
@ -345,29 +345,29 @@ allow syslogd_t syslog_conf_t:file read_file_perms;
 # Create and bind to /dev/log or /var/run/log.
 allow syslogd_t devlog_t:sock_file manage_sock_file_perms;
-files_pid_filetrans(syslogd_t,devlog_t,sock_file)
+files_pid_filetrans(syslogd_t, devlog_t, sock_file)
 # create/append log files.
-manage_files_pattern(syslogd_t,var_log_t,var_log_t)
+manage_files_pattern(syslogd_t, var_log_t, var_log_t)
-rw_fifo_files_pattern(syslogd_t,var_log_t,var_log_t)
+rw_fifo_files_pattern(syslogd_t, var_log_t, var_log_t)
 # Allow access for syslog-ng
 allow syslogd_t var_log_t:dir { create setattr };
 # manage temporary files
-manage_dirs_pattern(syslogd_t,syslogd_tmp_t,syslogd_tmp_t)
+manage_dirs_pattern(syslogd_t, syslogd_tmp_t, syslogd_tmp_t)
-manage_files_pattern(syslogd_t,syslogd_tmp_t,syslogd_tmp_t)
+manage_files_pattern(syslogd_t, syslogd_tmp_t, syslogd_tmp_t)
-files_tmp_filetrans(syslogd_t,syslogd_tmp_t,{ dir file })
+files_tmp_filetrans(syslogd_t, syslogd_tmp_t, { dir file })
 manage_files_pattern(syslogd_t, syslogd_var_lib_t, syslogd_var_lib_t)
 files_search_var_lib(syslogd_t)
 allow syslogd_t syslogd_var_run_t:file manage_file_perms;
-files_pid_filetrans(syslogd_t,syslogd_var_run_t,file)
+files_pid_filetrans(syslogd_t, syslogd_var_run_t, file)
 # manage pid file
-manage_files_pattern(syslogd_t,syslogd_var_run_t,syslogd_var_run_t)
+manage_files_pattern(syslogd_t, syslogd_var_run_t, syslogd_var_run_t)
-files_pid_filetrans(syslogd_t,syslogd_var_run_t,file)
+files_pid_filetrans(syslogd_t, syslogd_var_run_t, file)
 kernel_read_system_state(syslogd_t)
 kernel_read_kernel_sysctls(syslogd_t)
@ -403,7 +403,7 @@ corenet_sendrecv_syslogd_server_packets(syslogd_t)
 corenet_sendrecv_postgresql_client_packets(syslogd_t)
 corenet_sendrecv_mysqld_client_packets(syslogd_t)
-dev_filetrans(syslogd_t,devlog_t,sock_file)
+dev_filetrans(syslogd_t, devlog_t, sock_file)
 dev_read_sysfs(syslogd_t)
 domain_use_interactive_fds(syslogd_t)
@ -451,7 +451,7 @@ ifdef(`distro_gentoo',`
 ifdef(`distro_suse',`
 	# suse creates a /dev/log under /var/lib/stunnel for chrooted stunnel
-	files_var_lib_filetrans(syslogd_t,devlog_t,sock_file)
+	files_var_lib_filetrans(syslogd_t, devlog_t, sock_file)
 ')
 ifdef(`distro_ubuntu',`
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@ -17,8 +17,8 @@ interface(`miscfiles_read_certs',`
 	')
 	allow $1 cert_t:dir list_dir_perms;
-	read_files_pattern($1,cert_t,cert_t)
+	read_files_pattern($1, cert_t, cert_t)
-	read_lnk_files_pattern($1,cert_t,cert_t)
+	read_lnk_files_pattern($1, cert_t, cert_t)
 ')
 ########################################
@ -81,8 +81,8 @@ interface(`miscfiles_read_fonts',`
 	libs_search_lib($1)
 	allow $1 fonts_t:dir list_dir_perms;
-	read_files_pattern($1,fonts_t,fonts_t)
+	read_files_pattern($1, fonts_t, fonts_t)
-	read_lnk_files_pattern($1,fonts_t,fonts_t)
+	read_lnk_files_pattern($1, fonts_t, fonts_t)
 ')
 ########################################
@ -125,9 +125,9 @@ interface(`miscfiles_manage_fonts',`
 	files_search_usr($1)
 	libs_search_lib($1)
-	manage_dirs_pattern($1,fonts_t,fonts_t)
+	manage_dirs_pattern($1, fonts_t, fonts_t)
-	manage_files_pattern($1,fonts_t,fonts_t)
+	manage_files_pattern($1, fonts_t, fonts_t)
-	manage_lnk_files_pattern($1,fonts_t,fonts_t)
+	manage_lnk_files_pattern($1, fonts_t, fonts_t)
 ')
 ########################################
@ -146,8 +146,8 @@ interface(`miscfiles_read_hwdata',`
 	')
 	allow $1 hwdata_t:dir list_dir_perms;
-	read_files_pattern($1,hwdata_t,hwdata_t)
+	read_files_pattern($1, hwdata_t, hwdata_t)
-	read_lnk_files_pattern($1,hwdata_t,hwdata_t)
+	read_lnk_files_pattern($1, hwdata_t, hwdata_t)
 ')
 ########################################
@ -188,8 +188,8 @@ interface(`miscfiles_read_localization',`
 	files_read_etc_symlinks($1)
 	files_search_usr($1)
 	allow $1 locale_t:dir list_dir_perms;
-	read_files_pattern($1,locale_t,locale_t)
+	read_files_pattern($1, locale_t, locale_t)
-	read_lnk_files_pattern($1,locale_t,locale_t)
+	read_lnk_files_pattern($1, locale_t, locale_t)
 	# why?
 	libs_read_lib_files($1)
@ -212,7 +212,7 @@ interface(`miscfiles_rw_localization',`
 	files_search_usr($1)
 	allow $1 locale_t:dir list_dir_perms;
-	rw_files_pattern($1,locale_t,locale_t)
+	rw_files_pattern($1, locale_t, locale_t)
 ')
 ########################################
@ -231,7 +231,7 @@ interface(`miscfiles_relabel_localization',`
 	')
 	files_search_usr($1)
-	relabel_files_pattern($1,locale_t,locale_t)
+	relabel_files_pattern($1, locale_t, locale_t)
 ')
 ########################################
@ -289,8 +289,8 @@ interface(`miscfiles_read_man_pages',`
 	files_search_usr($1)
 	allow $1 man_t:dir list_dir_perms;
-	read_files_pattern($1,man_t,man_t)
+	read_files_pattern($1, man_t, man_t)
-	read_lnk_files_pattern($1,man_t,man_t)
+	read_lnk_files_pattern($1, man_t, man_t)
 ')
 ########################################
@ -314,9 +314,9 @@ interface(`miscfiles_delete_man_pages',`
 	allow $1 man_t:dir setattr;
 	# RH bug #309351
 	allow $1 man_t:dir list_dir_perms;
-	delete_dirs_pattern($1,man_t,man_t)
+	delete_dirs_pattern($1, man_t, man_t)
-	delete_files_pattern($1,man_t,man_t)
+	delete_files_pattern($1, man_t, man_t)
-	delete_lnk_files_pattern($1,man_t,man_t)
+	delete_lnk_files_pattern($1, man_t, man_t)
 ')
 ########################################
@ -335,9 +335,9 @@ interface(`miscfiles_manage_man_pages',`
 	')
 	files_search_usr($1)
-	manage_dirs_pattern($1,man_t,man_t)
+	manage_dirs_pattern($1, man_t, man_t)
-	manage_files_pattern($1,man_t,man_t)
+	manage_files_pattern($1, man_t, man_t)
-	read_lnk_files_pattern($1,man_t,man_t)
+	read_lnk_files_pattern($1, man_t, man_t)
 ')
 ########################################
@ -379,9 +379,9 @@ interface(`miscfiles_manage_public_files',`
 		type public_content_rw_t;
 	')
-	manage_dirs_pattern($1,public_content_rw_t,public_content_rw_t)
+	manage_dirs_pattern($1, public_content_rw_t, public_content_rw_t)
-	manage_files_pattern($1,public_content_rw_t,public_content_rw_t)
+	manage_files_pattern($1, public_content_rw_t, public_content_rw_t)
-	manage_lnk_files_pattern($1,public_content_rw_t,public_content_rw_t)
+	manage_lnk_files_pattern($1, public_content_rw_t, public_content_rw_t)
 ')
 ########################################
@ -404,8 +404,8 @@ interface(`miscfiles_read_tetex_data',`
 	# cjp: TeX data can be in either of the above dirs
 	allow $1 tetex_data_t:dir list_dir_perms;
-	read_files_pattern($1,tetex_data_t,tetex_data_t)
+	read_files_pattern($1, tetex_data_t, tetex_data_t)
-	read_lnk_files_pattern($1,tetex_data_t,tetex_data_t)
+	read_lnk_files_pattern($1, tetex_data_t, tetex_data_t)
 ')
 ########################################
@ -429,7 +429,7 @@ interface(`miscfiles_exec_tetex_data',`
 	# cjp: TeX data can be in either of the above dirs
 	allow $1 tetex_data_t:dir list_dir_perms;
-	exec_files_pattern($1,tetex_data_t,tetex_data_t)
+	exec_files_pattern($1, tetex_data_t, tetex_data_t)
 ')
 ########################################
@ -466,8 +466,8 @@ interface(`miscfiles_read_test_files',`
 		type test_file_t;
 	')
-	read_files_pattern($1,test_file_t,test_file_t)
+	read_files_pattern($1, test_file_t, test_file_t)
-	read_lnk_files_pattern($1,test_file_t,test_file_t)
+	read_lnk_files_pattern($1, test_file_t, test_file_t)
 ')
 ########################################
@ -485,8 +485,8 @@ interface(`miscfiles_exec_test_files',`
 		type test_file_t;
 	')
-	exec_files_pattern($1,test_file_t,test_file_t)
+	exec_files_pattern($1, test_file_t, test_file_t)
-	read_lnk_files_pattern($1,test_file_t,test_file_t)
+	read_lnk_files_pattern($1, test_file_t, test_file_t)
 ')
 ########################################
@ -524,8 +524,8 @@ interface(`miscfiles_manage_localization',`
 		type locale_t;
 	')
-	manage_dirs_pattern($1,locale_t,locale_t)
+	manage_dirs_pattern($1, locale_t, locale_t)
-	manage_files_pattern($1,locale_t,locale_t)
+	manage_files_pattern($1, locale_t, locale_t)
-	manage_lnk_files_pattern($1,locale_t,locale_t)
+	manage_lnk_files_pattern($1, locale_t, locale_t)
 ')
--- a/policy/modules/system/modutils.te
+++ b/policy/modules/system/modutils.te
@ -20,18 +20,18 @@ files_type(modules_dep_t)
 type insmod_t;
 type insmod_exec_t;
-application_domain(insmod_t,insmod_exec_t)
+application_domain(insmod_t, insmod_exec_t)
 mls_file_write_all_levels(insmod_t)
 role system_r types insmod_t;
 type depmod_t;
 type depmod_exec_t;
-init_system_domain(depmod_t,depmod_exec_t)
+init_system_domain(depmod_t, depmod_exec_t)
 role system_r types depmod_t;
 type update_modules_t;
 type update_modules_exec_t;
-init_system_domain(update_modules_t,update_modules_exec_t)
+init_system_domain(update_modules_t, update_modules_exec_t)
 role system_r types update_modules_t;
 type update_modules_tmp_t;
@ -118,7 +118,7 @@ ifdef(`distro_ubuntu',`
 ')
 if( ! secure_mode_insmod ) {
-	kernel_domtrans_to(insmod_t,insmod_exec_t)
+	kernel_domtrans_to(insmod_t, insmod_exec_t)
 }
 optional_policy(`
@ -178,7 +178,7 @@ can_exec(depmod_t, depmod_exec_t)
 allow depmod_t modules_conf_t:file read_file_perms;
 allow depmod_t modules_dep_t:file manage_file_perms;
-files_kernel_modules_filetrans(depmod_t,modules_dep_t,file)
+files_kernel_modules_filetrans(depmod_t, modules_dep_t, file)
 kernel_read_system_state(depmod_t)
@ -231,8 +231,8 @@ can_exec(update_modules_t, update_modules_exec_t)
 # manage module loading configuration
 allow update_modules_t modules_conf_t:file manage_file_perms;
-files_kernel_modules_filetrans(update_modules_t,modules_conf_t,file)
+files_kernel_modules_filetrans(update_modules_t, modules_conf_t, file)
-files_etc_filetrans(update_modules_t,modules_conf_t,file)
+files_etc_filetrans(update_modules_t, modules_conf_t, file)
 # transition to depmod
 domain_auto_trans(update_modules_t, depmod_exec_t, depmod_t)
@ -241,8 +241,8 @@ allow depmod_t update_modules_t:fd use;
 allow depmod_t update_modules_t:fifo_file rw_file_perms;
 allow depmod_t update_modules_t:process sigchld;
-manage_dirs_pattern(update_modules_t,update_modules_tmp_t,update_modules_tmp_t)
+manage_dirs_pattern(update_modules_t, update_modules_tmp_t, update_modules_tmp_t)
-manage_files_pattern(update_modules_t,update_modules_tmp_t,update_modules_tmp_t)
+manage_files_pattern(update_modules_t, update_modules_tmp_t, update_modules_tmp_t)
 files_tmp_filetrans(update_modules_t, update_modules_tmp_t, { file dir })
 kernel_read_kernel_sysctls(update_modules_t)
--- a/policy/modules/system/mount.if
+++ b/policy/modules/system/mount.if
@ -15,7 +15,7 @@ interface(`mount_domtrans',`
 		type mount_t, mount_exec_t;
 	')
-	domtrans_pattern($1,mount_exec_t,mount_t)
+	domtrans_pattern($1, mount_exec_t, mount_t)
 ')
 ########################################
@ -68,7 +68,7 @@ interface(`mount_exec',`
 	allow $1 mount_exec_t:dir list_dir_perms;
 	allow $1 mount_exec_t:lnk_file read_lnk_file_perms;
-	can_exec($1,mount_exec_t)
+	can_exec($1, mount_exec_t)
 ')
 ########################################
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@ -11,11 +11,11 @@ policy_module(mount, 1.10.0)
 ## Allow the mount command to mount any directory or file.
 ## </p>
 ## </desc>
-gen_tunable(allow_mount_anyfile,false)
+gen_tunable(allow_mount_anyfile, false)
 type mount_t;
 type mount_exec_t;
-init_system_domain(mount_t,mount_exec_t)
+init_system_domain(mount_t, mount_exec_t)
 role system_r types mount_t;
 type mount_loopback_t; # customizable
@ -28,7 +28,7 @@ files_tmp_file(mount_tmp_t)
 # this is optionally declared in monolithic
 # policy--duplicate type declaration
 type unconfined_mount_t;
-application_domain(unconfined_mount_t,mount_exec_t)
+application_domain(unconfined_mount_t, mount_exec_t)
 ########################################
 #
@ -45,7 +45,7 @@ allow mount_t mount_tmp_t:dir manage_dir_perms;
 can_exec(mount_t, mount_exec_t)
-files_tmp_filetrans(mount_t,mount_tmp_t,{ file dir })
+files_tmp_filetrans(mount_t, mount_tmp_t, { file dir })
 kernel_read_system_state(mount_t)
 kernel_read_kernel_sysctls(mount_t)
@ -83,7 +83,7 @@ domain_use_interactive_fds(mount_t)
 files_search_all(mount_t)
 files_read_etc_files(mount_t)
 files_manage_etc_runtime_files(mount_t)
-files_etc_filetrans_etc_runtime(mount_t,file)
+files_etc_filetrans_etc_runtime(mount_t, file)
 files_mounton_all_mountpoints(mount_t)
 files_unmount_rootfs(mount_t)
 # These rules need to be generalized.  Only admin, initrc should have it:
@ -193,6 +193,6 @@ optional_policy(`
 #
 optional_policy(`
-	files_etc_filetrans_etc_runtime(unconfined_mount_t,file)
+	files_etc_filetrans_etc_runtime(unconfined_mount_t, file)
 	unconfined_domain(unconfined_mount_t)
 ')
--- a/policy/modules/system/netlabel.if
+++ b/policy/modules/system/netlabel.if
@ -16,7 +16,7 @@ interface(`netlabel_domtrans_mgmt',`
 	')
 	corecmd_search_bin($1)
-	domtrans_pattern($1,netlabel_mgmt_exec_t,netlabel_mgmt_t)
+	domtrans_pattern($1, netlabel_mgmt_exec_t, netlabel_mgmt_t)
 ')
 ########################################
--- a/policy/modules/system/netlabel.te
+++ b/policy/modules/system/netlabel.te
@ -8,7 +8,7 @@ policy_module(netlabel, 1.3.0)
 type netlabel_mgmt_t;
 type netlabel_mgmt_exec_t;
-application_domain(netlabel_mgmt_t,netlabel_mgmt_exec_t)
+application_domain(netlabel_mgmt_t, netlabel_mgmt_exec_t)
 role system_r types netlabel_mgmt_t;
 ########################################
--- a/policy/modules/system/pcmcia.if
+++ b/policy/modules/system/pcmcia.if
@ -31,7 +31,7 @@ interface(`pcmcia_domtrans_cardmgr',`
 		type cardmgr_t, cardmgr_exec_t;
 	')
-	domtrans_pattern($1,cardmgr_exec_t,cardmgr_t)
+	domtrans_pattern($1, cardmgr_exec_t, cardmgr_t)
 ')
 ########################################
@ -67,7 +67,7 @@ interface(`pcmcia_domtrans_cardctl',`
 		type cardmgr_t, cardctl_exec_t;
 	')
-	domtrans_pattern($1,cardctl_exec_t,cardmgr_t)
+	domtrans_pattern($1, cardctl_exec_t, cardmgr_t)
 ')
 ########################################
@ -112,7 +112,7 @@ interface(`pcmcia_read_pid',`
 	')
 	files_search_pids($1)
-	read_files_pattern($1,cardmgr_var_run_t,cardmgr_var_run_t)
+	read_files_pattern($1, cardmgr_var_run_t, cardmgr_var_run_t)
 ')
 ########################################
@ -132,7 +132,7 @@ interface(`pcmcia_manage_pid',`
 	')
 	files_search_pids($1)
-	manage_files_pattern($1,cardmgr_var_run_t,cardmgr_var_run_t)
+	manage_files_pattern($1, cardmgr_var_run_t, cardmgr_var_run_t)
 ')
 ########################################
@ -152,5 +152,5 @@ interface(`pcmcia_manage_pid_chr_files',`
 	')
 	files_search_pids($1)
-	manage_chr_files_pattern($1,cardmgr_var_run_t,cardmgr_var_run_t)
+	manage_chr_files_pattern($1, cardmgr_var_run_t, cardmgr_var_run_t)
 ')
--- a/Show More
+++ b/Show More