trunk: whitespace fixes

2009-06-26 14:40:13 +00:00 · 2009-06-26 14:40:13 +00:00 · 3f67f722bb
commit 3f67f722bb
parent 20272c2b27
157 changed files with 796 additions and 797 deletions
--- a/policy/modules/admin/amanda.te
+++ b/policy/modules/admin/amanda.te
@ -97,8 +97,8 @@ allow amanda_t amanda_gnutarlists_t:dir rw_dir_perms;
 allow amanda_t amanda_gnutarlists_t:file manage_file_perms;
 allow amanda_t amanda_gnutarlists_t:lnk_file manage_lnk_file_perms;
-manage_dirs_pattern(amanda_t,amanda_var_lib_t,amanda_var_lib_t)
+manage_dirs_pattern(amanda_t, amanda_var_lib_t, amanda_var_lib_t)
-manage_files_pattern(amanda_t,amanda_var_lib_t,amanda_var_lib_t)
+manage_files_pattern(amanda_t, amanda_var_lib_t, amanda_var_lib_t)
 manage_files_pattern(amanda_t, amanda_log_t, amanda_log_t)
 manage_dirs_pattern(amanda_t, amanda_log_t, amanda_log_t)
--- a/policy/modules/admin/dpkg.if
+++ b/policy/modules/admin/dpkg.if
@ -38,7 +38,7 @@ interface(`dpkg_domtrans_script',`
 	')
 	# transition to dpkg script:
-	corecmd_shell_domtrans($1,dpkg_script_t)
+	corecmd_shell_domtrans($1, dpkg_script_t)
 	allow dpkg_script_t $1:fd use;
 	allow dpkg_script_t $1:fifo_file rw_file_perms;
 	allow dpkg_script_t $1:process sigchld;
--- a/policy/modules/admin/kudzu.te
+++ b/policy/modules/admin/kudzu.te
@ -89,7 +89,7 @@ files_search_var(kudzu_t)
 files_search_locks(kudzu_t)
 files_manage_etc_files(kudzu_t)
 files_manage_etc_runtime_files(kudzu_t)
-files_etc_filetrans_etc_runtime(kudzu_t,file)
+files_etc_filetrans_etc_runtime(kudzu_t, file)
 files_manage_mnt_files(kudzu_t)
 files_manage_mnt_symlinks(kudzu_t)
 files_dontaudit_search_src(kudzu_t)
--- a/policy/modules/admin/logrotate.te
+++ b/policy/modules/admin/logrotate.te
@ -132,7 +132,7 @@ ifdef(`distro_debian', `
 	# for syslogd-listfiles
 	logging_read_syslog_config(logrotate_t)
-        # for "test -x /sbin/syslogd"
+	# for "test -x /sbin/syslogd"
 	logging_check_exec_syslog(logrotate_t)
 ')
--- a/policy/modules/admin/logwatch.te
+++ b/policy/modules/admin/logwatch.te
@ -34,7 +34,7 @@ manage_dirs_pattern(logwatch_t, logwatch_cache_t, logwatch_cache_t)
 manage_files_pattern(logwatch_t, logwatch_cache_t, logwatch_cache_t)
 allow logwatch_t logwatch_lock_t:file manage_file_perms;
-files_lock_filetrans(logwatch_t,logwatch_lock_t,file)
+files_lock_filetrans(logwatch_t, logwatch_lock_t, file)
 manage_dirs_pattern(logwatch_t, logwatch_tmp_t, logwatch_tmp_t)
 manage_files_pattern(logwatch_t, logwatch_tmp_t, logwatch_tmp_t)
--- a/policy/modules/admin/mrtg.te
+++ b/policy/modules/admin/mrtg.te
@ -54,7 +54,7 @@ manage_files_pattern(mrtg_t, mrtg_var_lib_t, mrtg_var_lib_t)
 manage_lnk_files_pattern(mrtg_t, mrtg_var_lib_t, mrtg_var_lib_t)
 allow mrtg_t mrtg_var_run_t:file manage_file_perms;
-files_pid_filetrans(mrtg_t,mrtg_var_run_t,file)
+files_pid_filetrans(mrtg_t, mrtg_var_run_t, file)
 kernel_read_system_state(mrtg_t)
 kernel_read_network_state(mrtg_t)
--- a/policy/modules/admin/portage.if
+++ b/policy/modules/admin/portage.if
@ -99,7 +99,7 @@ interface(`portage_compile_domain',`
 	allow $1 self:dbus send_msg;
 	allow $1 portage_devpts_t:chr_file { rw_chr_file_perms setattr };
-	term_create_pty($1,portage_devpts_t)
+	term_create_pty($1, portage_devpts_t)
 	# write compile logs
 	allow $1 portage_log_t:dir setattr;
--- a/policy/modules/admin/rpm.if
+++ b/policy/modules/admin/rpm.if
@ -36,7 +36,7 @@ interface(`rpm_domtrans_script',`
 	')
 	# transition to rpm script:
-	corecmd_shell_domtrans($1,rpm_script_t)
+	corecmd_shell_domtrans($1, rpm_script_t)
 	allow rpm_script_t $1:fd use;
 	allow rpm_script_t $1:fifo_file rw_file_perms;
 	allow rpm_script_t $1:process sigchld;
--- a/policy/modules/admin/su.if
+++ b/policy/modules/admin/su.if
@ -166,7 +166,7 @@ template(`su_role_template',`
 	')
 	type $1_su_t, su_domain_type;
-	domain_entry_file($1_su_t,su_exec_t)
+	domain_entry_file($1_su_t, su_exec_t)
 	domain_type($1_su_t)
 	domain_interactive_fd($1_su_t)
 	ubac_constrained($1_su_t)
--- a/policy/modules/admin/sxid.te
+++ b/policy/modules/admin/sxid.te
@ -29,7 +29,7 @@ allow sxid_t self:tcp_socket create_stream_socket_perms;
 allow sxid_t self:udp_socket create_socket_perms;
 allow sxid_t sxid_log_t:file manage_file_perms;
-logging_log_filetrans(sxid_t,sxid_log_t,file)
+logging_log_filetrans(sxid_t, sxid_log_t, file)
 manage_dirs_pattern(sxid_t, sxid_tmp_t, sxid_tmp_t)
 manage_files_pattern(sxid_t, sxid_tmp_t, sxid_tmp_t)
--- a/policy/modules/admin/usermanage.te
+++ b/policy/modules/admin/usermanage.te
@ -49,7 +49,7 @@ files_tmp_file(sysadm_passwd_tmp_t)
 type useradd_t;
 type useradd_exec_t;
 domain_obj_id_change_exemption(useradd_t)
-init_system_domain(useradd_t,useradd_exec_t)
+init_system_domain(useradd_t, useradd_exec_t)
 role system_r types useradd_t;
 ########################################
@ -210,7 +210,7 @@ files_manage_etc_files(groupadd_t)
 files_relabel_etc_files(groupadd_t)
 files_read_etc_runtime_files(groupadd_t)
-# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
+# Execute /usr/bin/{passwd, chfn, chsh} and /usr/sbin/{useradd, vipw}.
 corecmd_exec_bin(groupadd_t)
 logging_send_audit_msgs(groupadd_t)
--- a/policy/modules/apps/evolution.te
+++ b/policy/modules/apps/evolution.te
@ -480,7 +480,7 @@ userdom_search_user_home_dirs(evolution_exchange_t)
 # until properly implemented
 userdom_dontaudit_read_user_home_content_files(evolution_exchange_t)
-xserver_user_x_domain_template(evolution_exchange,evolution_exchange_t, evolution_exchange_tmpfs_t)
+xserver_user_x_domain_template(evolution_exchange, evolution_exchange_t, evolution_exchange_tmpfs_t)
 # Access evolution home
 tunable_policy(`use_nfs_home_dirs',`
--- a/policy/modules/apps/mplayer.fc
+++ b/policy/modules/apps/mplayer.fc
@ -11,4 +11,4 @@
 /usr/bin/vlc		--	gen_context(system_u:object_r:mplayer_exec_t,s0)
 /usr/bin/xine		--	gen_context(system_u:object_r:mplayer_exec_t,s0)
-HOME_DIR/\.mplayer(/.*)?        gen_context(system_u:object_r:mplayer_home_t,s0)
+HOME_DIR/\.mplayer(/.*)?	gen_context(system_u:object_r:mplayer_home_t,s0)
--- a/policy/modules/apps/mplayer.if
+++ b/policy/modules/apps/mplayer.if
@ -67,12 +67,12 @@ interface(`mplayer_domtrans',`
 ########################################
 ## <summary>
-##      Execute mplayer in the caller domain.
+##	Execute mplayer in the caller domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 #
--- a/policy/modules/apps/slocate.if
+++ b/policy/modules/apps/slocate.if
@ -35,7 +35,7 @@ interface(`locate_read_lib_files',`
 		type locate_var_lib_t;
 	')
-	read_files_pattern($1,locate_var_lib_t,locate_var_lib_t)
+	read_files_pattern($1, locate_var_lib_t, locate_var_lib_t)
 	allow $1 locate_var_lib_t:dir list_dir_perms;
 	files_search_var_lib($1)
 ')
--- a/policy/modules/apps/wireshark.te
+++ b/policy/modules/apps/wireshark.te
@ -54,7 +54,7 @@ corecmd_search_bin(wireshark_t)
 manage_dirs_pattern(wireshark_t, wireshark_home_t, wireshark_home_t)
 manage_files_pattern(wireshark_t, wireshark_home_t, wireshark_home_t)
 manage_lnk_files_pattern(wireshark_t, wireshark_home_t, wireshark_home_t)
-userdom_user_home_dir_filetrans(wireshark_t, wireshark_home_t,dir)
+userdom_user_home_dir_filetrans(wireshark_t, wireshark_home_t, dir)
 # Store temporary files
 manage_dirs_pattern(wireshark_t, wireshark_tmp_t, wireshark_tmp_t)
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@ -74,7 +74,7 @@ ifdef(`distro_redhat',`
 /etc/rc\.d/init\.d/functions	--	gen_context(system_u:object_r:bin_t,s0)
-/etc/security/namespace.init    --      gen_context(system_u:object_r:bin_t,s0)
+/etc/security/namespace.init	--	gen_context(system_u:object_r:bin_t,s0)
 /etc/sysconfig/crond		-- gen_context(system_u:object_r:bin_t,s0)
 /etc/sysconfig/init		-- gen_context(system_u:object_r:bin_t,s0)
@ -218,11 +218,11 @@ ifdef(`distro_gentoo',`
 /usr/share/PackageKit/pk-upgrade-distro\.sh -- 	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/PackageKit/helpers(/.*)?	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/selinux/devel/policygentool -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/shorewall/configpath	--      gen_context(system_u:object_r:bin_t,s0)
+/usr/share/shorewall/configpath	--	gen_context(system_u:object_r:bin_t,s0)
-/usr/share/shorewall-perl(/.*)?	        gen_context(system_u:object_r:bin_t,s0)
+/usr/share/shorewall-perl(/.*)?		gen_context(system_u:object_r:bin_t,s0)
-/usr/share/shorewall-shell(/.*)?        gen_context(system_u:object_r:bin_t,s0)
+/usr/share/shorewall-shell(/.*)?	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/shorewall-lite(/.*)? 	gen_context(system_u:object_r:bin_t,s0)
-/usr/share/shorewall6-lite(/.*)?        gen_context(system_u:object_r:bin_t,s0)
+/usr/share/shorewall6-lite(/.*)?	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/turboprint/lib(/.*)?	--	gen_context(system_u:object_r:bin_t,s0)
 /usr/X11R6/lib(64)?/X11/xkb/xkbcomp --	gen_context(system_u:object_r:bin_t,s0)
@ -241,8 +241,8 @@ ifdef(`distro_redhat', `
 /usr/lib64/.*/program(/.*)?		gen_context(system_u:object_r:bin_t,s0)
 /usr/lib/bluetooth(/.*)?	--	gen_context(system_u:object_r:bin_t,s0)
 /usr/lib64/bluetooth(/.*)?	--	gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/vmware-tools/(s)?bin32(/.*)?      gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/vmware-tools/(s)?bin32(/.*)?	gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/vmware-tools/(s)?bin64(/.*)?      gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/vmware-tools/(s)?bin64(/.*)?	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/authconfig/authconfig-tui\.py -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/authconfig/authconfig\.py --	gen_context(system_u:object_r:bin_t,s0)
@ -305,7 +305,7 @@ ifdef(`distro_suse', `
 /usr/lib/yp/.+			--	gen_context(system_u:object_r:bin_t,s0)
 /usr/lib64/yp/.+		--	gen_context(system_u:object_r:bin_t,s0)
-/var/qmail/bin                  -d      gen_context(system_u:object_r:bin_t,s0)
+/var/qmail/bin			-d	gen_context(system_u:object_r:bin_t,s0)
 /var/qmail/bin(/.*)?			gen_context(system_u:object_r:bin_t,s0)
 /var/qmail/rc			--	gen_context(system_u:object_r:bin_t,s0)
--- a/policy/modules/kernel/corecommands.if
+++ b/policy/modules/kernel/corecommands.if
@ -70,7 +70,7 @@ interface(`corecmd_bin_entry_type',`
 		type bin_t;
 	')
-	domain_entry_file($1,bin_t)
+	domain_entry_file($1, bin_t)
 ')
 ########################################
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@ -230,7 +230,7 @@ type netif_t, netif_type;
 sid netif gen_context(system_u:object_r:netif_t,s0 - mls_systemhigh)
 build_option(`enable_mls',`
-network_interface(lo, lo,s0 - mls_systemhigh)
+network_interface(lo, lo, s0 - mls_systemhigh)
 ',`
 typealias netif_t alias { lo_netif_t netif_lo_t };
 ')
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@ -68,8 +68,8 @@ interface(`dev_relabel_all_dev_nodes',`
 	relabelfrom_lnk_files_pattern($1, device_t, { device_t device_node })
 	relabelfrom_fifo_files_pattern($1, device_t, device_node)
 	relabelfrom_sock_files_pattern($1, device_t, device_node)
-	relabel_blk_files_pattern($1,device_t,{ device_t device_node })
+	relabel_blk_files_pattern($1, device_t,{ device_t device_node })
-	relabel_chr_files_pattern($1,device_t,{ device_t device_node })
+	relabel_chr_files_pattern($1, device_t,{ device_t device_node })
 ')
 ########################################
@ -1247,7 +1247,7 @@ interface(`dev_create_cardmgr_dev',`
 	create_chr_files_pattern($1, device_t, cardmgr_dev_t)
 	create_blk_files_pattern($1, device_t, cardmgr_dev_t)
-	filetrans_pattern($1,device_t, cardmgr_dev_t, { chr_file blk_file })
+	filetrans_pattern($1, device_t, cardmgr_dev_t, { chr_file blk_file })
 ')
 ########################################
@ -1709,11 +1709,11 @@ interface(`dev_read_kvm',`
 ########################################
 ## <summary>
-##      Read and write to kvm devices.
+##	Read and write to kvm devices.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@ -2138,7 +2138,7 @@ interface(`files_create_boot_flag',`
 	')
 	allow $1 etc_runtime_t:file manage_file_perms;
-	filetrans_pattern($1,root_t,etc_runtime_t,file)
+	filetrans_pattern($1, root_t, etc_runtime_t, file)
 ')
 ########################################
@ -4662,7 +4662,7 @@ interface(`files_rw_generic_pids',`
 		type var_t, var_run_t;
 	')
-	list_dirs_pattern($1,var_t,var_run_t)
+	list_dirs_pattern($1, var_t, var_run_t)
 	rw_files_pattern($1, var_run_t, var_run_t)
 ')
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@ -103,7 +103,7 @@ interface(`fs_exec_noxattr',`
 		attribute noxattrfs;
 	')
-	can_exec($1,noxattrfs)
+	can_exec($1, noxattrfs)
 ')
 ########################################
@ -1455,7 +1455,7 @@ interface(`fs_read_fusefs_files',`
 		type fusefs_t;
 	')
-	read_files_pattern($1,fusefs_t,fusefs_t)
+	read_files_pattern($1, fusefs_t, fusefs_t)
 ')
 ########################################
--- a/policy/modules/kernel/mls.if
+++ b/policy/modules/kernel/mls.if
@ -959,7 +959,7 @@ interface(`mls_dbus_send_all_levels',`
 		attribute mlsdbussend;
 	')
-       typeattribute $1 mlsdbussend;
+	typeattribute $1 mlsdbussend;
 ')
 ########################################
@ -980,5 +980,5 @@ interface(`mls_dbus_recv_all_levels',`
 		attribute mlsdbusrecv;
 	')
-       typeattribute $1 mlsdbusrecv;
+	typeattribute $1 mlsdbusrecv;
 ')
--- a/policy/modules/roles/guest.if
+++ b/policy/modules/roles/guest.if
@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="role">
 ##	<summary>
-##     Role allowed access.
+##	Role allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
--- a/policy/modules/roles/logadm.if
+++ b/policy/modules/roles/logadm.if
@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="role">
 ##	<summary>
-##     Role allowed access.
+##	Role allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
--- a/policy/modules/roles/xguest.if
+++ b/policy/modules/roles/xguest.if
@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="role">
 ##	<summary>
-##     Role allowed access.
+##	Role allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
--- a/policy/modules/services/afs.te
+++ b/policy/modules/services/afs.te
@ -65,7 +65,7 @@ allow afs_bosserver_t self:process { setsched signal_perms };
 allow afs_bosserver_t self:tcp_socket create_stream_socket_perms;
 allow afs_bosserver_t self:udp_socket create_socket_perms;
-can_exec(afs_bosserver_t,afs_bosserver_exec_t)
+can_exec(afs_bosserver_t, afs_bosserver_exec_t)
 manage_dirs_pattern(afs_bosserver_t, afs_config_t, afs_config_t)
 manage_files_pattern(afs_bosserver_t, afs_config_t, afs_config_t)
@ -236,7 +236,7 @@ allow afs_ptserver_t self:unix_stream_socket create_stream_socket_perms;
 allow afs_ptserver_t self:tcp_socket create_stream_socket_perms;
 allow afs_ptserver_t self:udp_socket create_socket_perms;
-read_files_pattern(afs_ptserver_t,afs_config_t,afs_config_t)
+read_files_pattern(afs_ptserver_t, afs_config_t, afs_config_t)
 allow afs_ptserver_t afs_config_t:dir list_dir_perms;
 manage_dirs_pattern(afs_ptserver_t, afs_logfile_t, afs_logfile_t)
@ -274,14 +274,14 @@ allow afs_vlserver_t self:unix_stream_socket create_stream_socket_perms;
 allow afs_vlserver_t self:tcp_socket create_stream_socket_perms;
 allow afs_vlserver_t self:udp_socket create_socket_perms;
-read_files_pattern(afs_vlserver_t,afs_config_t,afs_config_t)
+read_files_pattern(afs_vlserver_t, afs_config_t, afs_config_t)
 allow afs_vlserver_t afs_config_t:dir list_dir_perms;
 manage_dirs_pattern(afs_vlserver_t, afs_logfile_t, afs_logfile_t)
 manage_files_pattern(afs_vlserver_t, afs_logfile_t, afs_logfile_t)
 manage_files_pattern(afs_vlserver_t, afs_dbdir_t, afs_vl_db_t)
-filetrans_pattern(afs_vlserver_t, afs_dbdir_t,afs_vl_db_t, file)
+filetrans_pattern(afs_vlserver_t, afs_dbdir_t, afs_vl_db_t, file)
 corenet_all_recvfrom_unlabeled(afs_vlserver_t)
 corenet_all_recvfrom_netlabel(afs_vlserver_t)
--- a/policy/modules/services/amavis.te
+++ b/policy/modules/services/amavis.te
@ -78,7 +78,7 @@ files_search_spool(amavis_t)
 # tmp files
 manage_files_pattern(amavis_t, amavis_tmp_t, amavis_tmp_t)
 allow amavis_t amavis_tmp_t:dir setattr;
-files_tmp_filetrans(amavis_t,amavis_tmp_t,file)
+files_tmp_filetrans(amavis_t, amavis_tmp_t, file)
 # var/lib files for amavis
 manage_dirs_pattern(amavis_t, amavis_var_lib_t, amavis_var_lib_t)
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@ -79,8 +79,8 @@ template(`apache_content_template',`
 	read_lnk_files_pattern(httpd_$1_script_t, httpd_$1_script_ra_t, httpd_$1_script_ra_t)
 	allow httpd_$1_script_t httpd_$1_script_ro_t:dir list_dir_perms;
-	read_files_pattern(httpd_$1_script_t,httpd_$1_script_ro_t,httpd_$1_script_ro_t)
+	read_files_pattern(httpd_$1_script_t, httpd_$1_script_ro_t, httpd_$1_script_ro_t)
-	read_lnk_files_pattern(httpd_$1_script_t,httpd_$1_script_ro_t,httpd_$1_script_ro_t)
+	read_lnk_files_pattern(httpd_$1_script_t, httpd_$1_script_ro_t, httpd_$1_script_ro_t)
 	manage_dirs_pattern(httpd_$1_script_t, httpd_$1_script_rw_t, httpd_$1_script_rw_t)
 	manage_files_pattern(httpd_$1_script_t, httpd_$1_script_rw_t, httpd_$1_script_rw_t)
@ -268,33 +268,33 @@ interface(`apache_role',`
 	allow $2 httpd_user_htaccess_t:file { manage_file_perms relabelto relabelfrom };
-	manage_dirs_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	manage_dirs_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	manage_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	manage_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	manage_lnk_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	manage_lnk_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	relabel_dirs_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	relabel_dirs_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	relabel_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	relabel_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_ra_t,httpd_user_script_ra_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_ra_t, httpd_user_script_ra_t)
-	manage_dirs_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	manage_dirs_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	manage_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	manage_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	manage_lnk_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	manage_lnk_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	relabel_dirs_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	relabel_dirs_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	relabel_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	relabel_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_ro_t,httpd_user_script_ro_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_ro_t, httpd_user_script_ro_t)
-	manage_dirs_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	manage_dirs_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	manage_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	manage_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	manage_lnk_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	manage_lnk_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	relabel_dirs_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	relabel_dirs_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	relabel_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	relabel_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_rw_t,httpd_user_script_rw_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_rw_t, httpd_user_script_rw_t)
-	manage_dirs_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	manage_dirs_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	manage_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	manage_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	manage_lnk_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	manage_lnk_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	relabel_dirs_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	relabel_dirs_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	relabel_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	relabel_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
-	relabel_lnk_files_pattern($2,httpd_user_script_exec_t,httpd_user_script_exec_t)
+	relabel_lnk_files_pattern($2, httpd_user_script_exec_t, httpd_user_script_exec_t)
 	tunable_policy(`httpd_enable_cgi',`
 		# If a user starts a script by hand it gets the proper context
@ -735,7 +735,7 @@ interface(`apache_exec_modules',`
 	allow $1 httpd_modules_t:dir list_dir_perms;
 	allow $1 httpd_modules_t:lnk_file read_lnk_file_perms;
-	can_exec($1,httpd_modules_t)
+	can_exec($1, httpd_modules_t)
 ')
 ########################################
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@ -430,7 +430,7 @@ tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',`
 ')
 tunable_policy(`httpd_ssi_exec',`
-	corecmd_shell_domtrans(httpd_t,httpd_sys_script_t)
+	corecmd_shell_domtrans(httpd_t, httpd_sys_script_t)
 	allow httpd_sys_script_t httpd_t:fd use;
 	allow httpd_sys_script_t httpd_t:fifo_file rw_file_perms;
 	allow httpd_sys_script_t httpd_t:process sigchld;
--- a/policy/modules/services/apcupsd.te
+++ b/policy/modules/services/apcupsd.te
@ -37,7 +37,7 @@ allow apcupsd_t self:unix_stream_socket create_stream_socket_perms;
 allow apcupsd_t self:tcp_socket create_stream_socket_perms;
 allow apcupsd_t apcupsd_lock_t:file manage_file_perms;
-files_lock_filetrans(apcupsd_t,apcupsd_lock_t,file)
+files_lock_filetrans(apcupsd_t, apcupsd_lock_t, file)
 allow apcupsd_t apcupsd_log_t:dir setattr;
 manage_files_pattern(apcupsd_t, apcupsd_log_t, apcupsd_log_t)
@ -47,7 +47,7 @@ manage_files_pattern(apcupsd_t, apcupsd_tmp_t, apcupsd_tmp_t)
 files_tmp_filetrans(apcupsd_t, apcupsd_tmp_t, file)
 manage_files_pattern(apcupsd_t, apcupsd_var_run_t, apcupsd_var_run_t)
-files_pid_filetrans(apcupsd_t,apcupsd_var_run_t, file)
+files_pid_filetrans(apcupsd_t, apcupsd_var_run_t, file)
 kernel_read_system_state(apcupsd_t)
@ -73,7 +73,7 @@ files_read_etc_files(apcupsd_t)
 files_search_locks(apcupsd_t)
 # Creates /etc/nologin
 files_manage_etc_runtime_files(apcupsd_t)
-files_etc_filetrans_etc_runtime(apcupsd_t,file)
+files_etc_filetrans_etc_runtime(apcupsd_t, file)
 # https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240805
 term_use_unallocated_ttys(apcupsd_t)
--- a/policy/modules/services/apm.te
+++ b/policy/modules/services/apm.te
@ -67,7 +67,7 @@ allow apmd_t self:unix_dgram_socket create_socket_perms;
 allow apmd_t self:unix_stream_socket create_stream_socket_perms;
 allow apmd_t apmd_log_t:file manage_file_perms;
-logging_log_filetrans(apmd_t,apmd_log_t,file)
+logging_log_filetrans(apmd_t, apmd_log_t, file)
 manage_dirs_pattern(apmd_t, apmd_tmp_t, apmd_tmp_t)
 manage_files_pattern(apmd_t, apmd_tmp_t, apmd_tmp_t)
@ -139,7 +139,7 @@ userdom_dontaudit_search_user_home_content(apmd_t) # Excessive?
 ifdef(`distro_redhat',`
 	allow apmd_t apmd_lock_t:file manage_file_perms;
-	files_lock_filetrans(apmd_t,apmd_lock_t,file)
+	files_lock_filetrans(apmd_t, apmd_lock_t, file)
 	can_exec(apmd_t, apmd_var_run_t)
--- a/policy/modules/services/avahi.te
+++ b/policy/modules/services/avahi.te
@ -40,7 +40,7 @@ files_var_lib_filetrans(avahi_t, avahi_var_lib_t, { dir file })
 manage_files_pattern(avahi_t, avahi_var_run_t, avahi_var_run_t)
 manage_sock_files_pattern(avahi_t, avahi_var_run_t, avahi_var_run_t)
 allow avahi_t avahi_var_run_t:dir setattr;
-files_pid_filetrans(avahi_t,avahi_var_run_t,file)
+files_pid_filetrans(avahi_t, avahi_var_run_t, file)
 kernel_read_kernel_sysctls(avahi_t)
 kernel_list_proc(avahi_t)
--- a/policy/modules/services/bind.te
+++ b/policy/modules/services/bind.te
@ -151,7 +151,7 @@ userdom_dontaudit_search_user_home_dirs(named_t)
 tunable_policy(`named_write_master_zones',`
 	manage_dirs_pattern(named_t, named_zone_t, named_zone_t)
-	manage_files_pattern(named_t, named_zone_t,named_zone_t)
+	manage_files_pattern(named_t, named_zone_t, named_zone_t)
 	manage_lnk_files_pattern(named_t, named_zone_t, named_zone_t)
 ')
--- a/policy/modules/services/bluetooth.te
+++ b/policy/modules/services/bluetooth.te
@ -77,7 +77,7 @@ filetrans_pattern(bluetooth_t, bluetooth_conf_t, bluetooth_conf_rw_t, { dir file
 can_exec(bluetooth_t, bluetooth_helper_exec_t)
 allow bluetooth_t bluetooth_lock_t:file manage_file_perms;
-files_lock_filetrans(bluetooth_t,bluetooth_lock_t,file)
+files_lock_filetrans(bluetooth_t, bluetooth_lock_t, file)
 manage_dirs_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
 manage_files_pattern(bluetooth_t, bluetooth_tmp_t, bluetooth_tmp_t)
--- a/policy/modules/services/canna.if
+++ b/policy/modules/services/canna.if
@ -16,7 +16,7 @@ interface(`canna_stream_connect',`
 	')
 	files_search_pids($1)
-	stream_connect_pattern($1, canna_var_run_t, canna_var_run_t,canna_t)
+	stream_connect_pattern($1, canna_var_run_t, canna_var_run_t, canna_t)
 ')
 ########################################
--- a/policy/modules/services/certmaster.fc
+++ b/policy/modules/services/certmaster.fc
@ -1,7 +1,7 @@
 /etc/certmaster(/.*)?			gen_context(system_u:object_r:certmaster_etc_rw_t,s0)
-/etc/rc\.d/init\.d/certmaster	--   	gen_context(system_u:object_r:certmaster_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/certmaster	--	gen_context(system_u:object_r:certmaster_initrc_exec_t,s0)
 /usr/bin/certmaster		--	gen_context(system_u:object_r:certmaster_exec_t,s0)
-/var/log/certmaster(/.*)?  		gen_context(system_u:object_r:certmaster_var_log_t,s0)
+/var/log/certmaster(/.*)?		gen_context(system_u:object_r:certmaster_var_log_t,s0)
 /var/run/certmaster.*			gen_context(system_u:object_r:certmaster_var_run_t,s0)
--- a/policy/modules/services/certmaster.if
+++ b/policy/modules/services/certmaster.if
@ -20,60 +20,60 @@ interface(`certmaster_domtrans',`
 #######################################
 ## <summary>
-##      read certmaster logs.
+##	read certmaster logs.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`certmaster_read_log',`
-        gen_require(`
+	gen_require(`
-                type certmaster_var_log_t;
+		type certmaster_var_log_t;
-        ')
+	')
-        read_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
+	read_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
 	logging_search_logs($1)
 ')
 #######################################
 ## <summary>
-##      Append to certmaster logs.
+##	Append to certmaster logs.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`certmaster_append_log',`
-        gen_require(`
+	gen_require(`
-                type certmaster_var_log_t;
+		type certmaster_var_log_t;
-        ')
+	')
-        append_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
+	append_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
 	logging_search_logs($1)
 ')
 #######################################
 ## <summary>
-##      Create, read, write, and delete
+##	Create, read, write, and delete
-##      certmaster logs.
+##	certmaster logs.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`certmaster_manage_log',`
-        gen_require(`
+	gen_require(`
-                type certmaster_var_log_t;
+		type certmaster_var_log_t;
-        ')
+	')
-        manage_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
+	manage_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
-        manage_lnk_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
+	manage_lnk_files_pattern($1, certmaster_var_log_t, certmaster_var_log_t)
 	logging_search_logs($1)
 ')
--- a/policy/modules/services/clamav.te
+++ b/policy/modules/services/clamav.te
@ -120,7 +120,7 @@ cron_rw_pipes(clamd_t)
 optional_policy(`
 	amavis_read_lib_files(clamd_t)
 	amavis_read_spool_files(clamd_t)
-	amavis_spool_filetrans(clamd_t,clamd_var_run_t,sock_file)
+	amavis_spool_filetrans(clamd_t, clamd_var_run_t, sock_file)
 	amavis_create_pid_files(clamd_t)
 ')
--- a/policy/modules/services/courier.if
+++ b/policy/modules/services/courier.if
@ -35,7 +35,7 @@ template(`courier_domain_template',`
 	can_exec(courier_$1_t, courier_$1_exec_t)
-	read_files_pattern(courier_$1_t,courier_etc_t,courier_etc_t)
+	read_files_pattern(courier_$1_t, courier_etc_t, courier_etc_t)
 	allow courier_$1_t courier_etc_t:dir list_dir_perms;
 	manage_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
--- a/policy/modules/services/cron.if
+++ b/policy/modules/services/cron.if
@ -34,7 +34,7 @@ template(`cron_common_crontab_template',`
 	allow $1_t self:process signal_perms;
 	allow $1_t $1_tmp_t:file manage_file_perms;
-	files_tmp_filetrans($1_t,$1_tmp_t,file)
+	files_tmp_filetrans($1_t,$1_tmp_t, file)
 	# create files in /var/spool/cron
 	# cjp: change this to a role transition
@ -411,7 +411,7 @@ interface(`cron_anacron_domtrans_system_job',`
 		type system_cronjob_t, anacron_exec_t;
 	')
-	domtrans_pattern($1,anacron_exec_t,system_cronjob_t)
+	domtrans_pattern($1, anacron_exec_t, system_cronjob_t)
 ')
 ########################################
--- a/policy/modules/services/cron.te
+++ b/policy/modules/services/cron.te
@ -90,7 +90,7 @@ type system_cronjob_tmp_t alias system_crond_tmp_t;
 files_tmp_file(system_cronjob_tmp_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(crond_t,crond_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(crond_t, crond_exec_t, s0 - mcs_systemhigh)
 ')
 type unconfined_cronjob_t;
@ -147,7 +147,7 @@ allow crond_t self:msg { send receive };
 allow crond_t self:key { search write link };
 allow crond_t crond_var_run_t:file manage_file_perms;
-files_pid_filetrans(crond_t,crond_var_run_t,file)
+files_pid_filetrans(crond_t, crond_var_run_t, file)
 allow crond_t cron_spool_t:dir rw_dir_perms;
 allow crond_t cron_spool_t:file read_file_perms;
@ -306,7 +306,7 @@ allow system_cronjob_t crond_t:process sigchld;
 # Write /var/lock/makewhatis.lock.
 allow system_cronjob_t system_cronjob_lock_t:file manage_file_perms;
-files_lock_filetrans(system_cronjob_t,system_cronjob_lock_t,file)
+files_lock_filetrans(system_cronjob_t, system_cronjob_lock_t, file)
 # write temporary files
 manage_files_pattern(system_cronjob_t, crond_tmp_t, system_cronjob_tmp_t)
--- a/policy/modules/services/cups.te
+++ b/policy/modules/services/cups.te
@ -66,11 +66,11 @@ type ptal_var_run_t;
 files_pid_file(ptal_var_run_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(cupsd_t,cupsd_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(cupsd_t, cupsd_exec_t, s0 - mcs_systemhigh)
 ')
 ifdef(`enable_mls',`
-	init_ranged_daemon_domain(cupsd_t,cupsd_exec_t,mls_systemhigh)
+	init_ranged_daemon_domain(cupsd_t, cupsd_exec_t, mls_systemhigh)
 ')
 ########################################
--- a/policy/modules/services/ddclient.te
+++ b/policy/modules/services/ddclient.te
@ -42,7 +42,7 @@ allow ddclient_t self:udp_socket create_socket_perms;
 allow ddclient_t ddclient_etc_t:file read_file_perms;
 allow ddclient_t ddclient_log_t:file manage_file_perms;
-logging_log_filetrans(ddclient_t,ddclient_log_t,file)
+logging_log_filetrans(ddclient_t, ddclient_log_t, file)
 manage_dirs_pattern(ddclient_t, ddclient_var_t, ddclient_var_t)
 manage_files_pattern(ddclient_t, ddclient_var_t, ddclient_var_t)
--- a/policy/modules/services/dnsmasq.te
+++ b/policy/modules/services/dnsmasq.te
@ -36,7 +36,7 @@ allow dnsmasq_t self:rawip_socket create_socket_perms;
 # dhcp leases
 manage_files_pattern(dnsmasq_t, dnsmasq_lease_t, dnsmasq_lease_t)
-files_var_lib_filetrans(dnsmasq_t,dnsmasq_lease_t,file)
+files_var_lib_filetrans(dnsmasq_t, dnsmasq_lease_t, file)
 manage_files_pattern(dnsmasq_t, dnsmasq_var_run_t, dnsmasq_var_run_t)
 files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, file)
--- a/policy/modules/services/exim.te
+++ b/policy/modules/services/exim.te
@ -53,14 +53,14 @@ files_pid_file(exim_var_run_t)
 # exim local policy
 #
-allow exim_t self:capability { chown dac_override dac_read_search fowner setuid setgid sys_resource  };
+allow exim_t self:capability { chown dac_override dac_read_search fowner setuid setgid sys_resource };
 allow exim_t self:process { setrlimit setpgid };
 allow exim_t self:fifo_file rw_fifo_file_perms;
 allow exim_t self:unix_stream_socket create_stream_socket_perms;
 allow exim_t self:tcp_socket create_stream_socket_perms;
 allow exim_t self:udp_socket create_socket_perms;
-can_exec(exim_t,exim_exec_t)
+can_exec(exim_t, exim_exec_t)
 manage_files_pattern(exim_t, exim_log_t, exim_log_t)
 logging_log_filetrans(exim_t, exim_log_t, { file dir })
@ -132,8 +132,8 @@ mta_mailserver_delivery(exim_t)
 tunable_policy(`exim_can_connect_db',`
 	corenet_tcp_connect_mysqld_port(exim_t)
 	corenet_sendrecv_mysqld_client_packets(exim_t)
-        corenet_tcp_connect_postgresql_port(exim_t)
+	corenet_tcp_connect_postgresql_port(exim_t)
-        corenet_sendrecv_postgresql_client_packets(exim_t)
+	corenet_sendrecv_postgresql_client_packets(exim_t)
 ')
 tunable_policy(`exim_read_user_files',`
--- a/policy/modules/services/ftp.te
+++ b/policy/modules/services/ftp.te
@ -246,7 +246,7 @@ optional_policy(`
 	files_read_usr_files(ftpd_t)
-       	cron_system_entry(ftpd_t, ftpd_exec_t)
+	cron_system_entry(ftpd_t, ftpd_exec_t)
 	optional_policy(`
 		logrotate_exec(ftpd_t)
--- a/policy/modules/services/gpm.te
+++ b/policy/modules/services/gpm.te
@ -39,7 +39,7 @@ manage_files_pattern(gpm_t, gpm_tmp_t, gpm_tmp_t)
 files_tmp_filetrans(gpm_t, gpm_tmp_t, { file dir })
 allow gpm_t gpm_var_run_t:file manage_file_perms;
-files_pid_filetrans(gpm_t,gpm_var_run_t,file)
+files_pid_filetrans(gpm_t, gpm_var_run_t, file)
 allow gpm_t gpmctl_t:sock_file manage_sock_file_perms;
 allow gpm_t gpmctl_t:fifo_file manage_fifo_file_perms;
--- a/policy/modules/services/gpsd.fc
+++ b/policy/modules/services/gpsd.fc
@ -1 +1 @@
-/usr/sbin/gpsd                 --      gen_context(system_u:object_r:gpsd_exec_t,s0)
+/usr/sbin/gpsd	--	gen_context(system_u:object_r:gpsd_exec_t,s0)
--- a/policy/modules/services/gpsd.if
+++ b/policy/modules/services/gpsd.if
@ -2,71 +2,71 @@
 ########################################
 ## <summary>
-##      Execute a domain transition to run gpsd.
+##	Execute a domain transition to run gpsd.
 ## </summary>
 ## <param name="domain">
 ## <summary>
-##      Domain allowed to transition.
+##	Domain allowed to transition.
 ## </summary>
 ## </param>
 #
 interface(`gpsd_domtrans',`
-        gen_require(`
+	gen_require(`
-                type gpsd_t, gpsd_exec_t;
+		type gpsd_t, gpsd_exec_t;
-        ')
+	')
-        domtrans_pattern($1, gpsd_exec_t, gpsd_t)
+	domtrans_pattern($1, gpsd_exec_t, gpsd_t)
 ')
 ########################################
 ## <summary>
-##      Execute gpsd in the gpsd domain, and
+##	Execute gpsd in the gpsd domain, and
-##      allow the specified role the gpsd domain.
+##	allow the specified role the gpsd domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access
+##	Domain allowed access
-##      </summary>
+##	</summary>
 ## </param>
 ## <param name="role">
-##      <summary>
+##	<summary>
-##      The role to be allowed the gpsd domain.
+##	The role to be allowed the gpsd domain.
-##      </summary>
+##	</summary>
 ## </param>
 ## <param name="terminal">
-##      <summary>
+##	<summary>
-##      The type of the role's terminal.
+##	The type of the role's terminal.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`gpsd_run',`
-        gen_require(`
+	gen_require(`
-                type gpsd_t;
+		type gpsd_t;
-        ')
+	')
-        gpsd_domtrans($1)
+	gpsd_domtrans($1)
-        role $2 types gpsd_t;
+	role $2 types gpsd_t;
-        allow gpsd_t $3:chr_file rw_term_perms;
+	allow gpsd_t $3:chr_file rw_term_perms;
 ')
 ########################################
 ## <summary>    
-##      Read and write gpsd shared memory.
+##	Read and write gpsd shared memory.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`gpsd_rw_shm',`
-        gen_require(`
+	gen_require(`
-                type gpsd_t, gpsd_tmpfs_t;
+		type gpsd_t, gpsd_tmpfs_t;
-        ')
+	')
-        allow $1 gpsd_t:shm rw_shm_perms;
+	allow $1 gpsd_t:shm rw_shm_perms;
-        allow $1 gpsd_tmpfs_t:dir list_dir_perms;
+	allow $1 gpsd_tmpfs_t:dir list_dir_perms;
-        rw_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
+	rw_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
-        read_lnk_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
+	read_lnk_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
-        fs_search_tmpfs($1)
+	fs_search_tmpfs($1)
 ')
--- a/policy/modules/services/gpsd.te
+++ b/policy/modules/services/gpsd.te
@ -47,7 +47,7 @@ logging_send_syslog_msg(gpsd_t)
 miscfiles_read_localization(gpsd_t)
 optional_policy(`
-        dbus_system_bus_client(gpsd_t)
+	dbus_system_bus_client(gpsd_t)
 ')
 optional_policy(`
--- a/policy/modules/services/ifplugd.fc
+++ b/policy/modules/services/ifplugd.fc
@ -1,6 +1,6 @@
-/etc/ifplugd(/.*)?	                gen_context(system_u:object_r:ifplugd_etc_t,s0)
+/etc/ifplugd(/.*)?			gen_context(system_u:object_r:ifplugd_etc_t,s0)
-/etc/rc\.d/init\.d/ifplugd      --      gen_context(system_u:object_r:ifplugd_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/ifplugd	--	gen_context(system_u:object_r:ifplugd_initrc_exec_t,s0)
 /usr/sbin/ifplugd		--	gen_context(system_u:object_r:ifplugd_exec_t,s0)
--- a/policy/modules/services/ifplugd.te
+++ b/policy/modules/services/ifplugd.te
@ -73,5 +73,5 @@ sysnet_read_dhcpc_pid(ifplugd_t)
 sysnet_signal_dhcpc(ifplugd_t)
 optional_policy(`
-        consoletype_exec(ifplugd_t)
+	consoletype_exec(ifplugd_t)
 ')
--- a/policy/modules/services/inetd.te
+++ b/policy/modules/services/inetd.te
@ -31,7 +31,7 @@ type inetd_child_var_run_t;
 files_pid_file(inetd_child_var_run_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(inetd_t, inetd_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(inetd_t, inetd_exec_t, s0 - mcs_systemhigh)
 ')
 ########################################
--- a/policy/modules/services/kerberos.if
+++ b/policy/modules/services/kerberos.if
@ -281,7 +281,7 @@ interface(`kerberos_connect_524',`
 	tunable_policy(`allow_kerberos',`
 		allow $1 self:udp_socket create_socket_perms;
-                corenet_all_recvfrom_unlabeled($1)
+		corenet_all_recvfrom_unlabeled($1)
 		corenet_udp_sendrecv_generic_if($1)
 		corenet_udp_sendrecv_generic_node($1)
 		corenet_udp_sendrecv_kerberos_master_port($1)
--- a/policy/modules/services/kerberos.te
+++ b/policy/modules/services/kerberos.te
@ -84,7 +84,7 @@ allow kadmind_t self:tcp_socket connected_stream_socket_perms;
 allow kadmind_t self:udp_socket create_socket_perms;
 allow kadmind_t kadmind_log_t:file manage_file_perms;
-logging_log_filetrans(kadmind_t,kadmind_log_t,file)
+logging_log_filetrans(kadmind_t, kadmind_log_t, file)
 allow kadmind_t krb5_conf_t:file read_file_perms;
 dontaudit kadmind_t krb5_conf_t:file write;
--- a/policy/modules/services/ldap.te
+++ b/policy/modules/services/ldap.te
@ -61,7 +61,7 @@ manage_lnk_files_pattern(slapd_t, slapd_db_t, slapd_db_t)
 allow slapd_t slapd_etc_t:file read_file_perms;
 allow slapd_t slapd_lock_t:file manage_file_perms;
-files_lock_filetrans(slapd_t,slapd_lock_t,file)
+files_lock_filetrans(slapd_t, slapd_lock_t, file)
 # Allow access to write the replication log (should tighten this)
 manage_dirs_pattern(slapd_t, slapd_replog_t, slapd_replog_t)
--- a/policy/modules/services/lircd.if
+++ b/policy/modules/services/lircd.if
@ -21,39 +21,39 @@ interface(`lircd_domtrans',`
 ######################################
 ## <summary>
-##      Connect to lircd over a unix domain
+##	Connect to lircd over a unix domain
-##      stream socket.
+##	stream socket.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`lircd_stream_connect',`
-        gen_require(`
+	gen_require(`
-                type lircd_sock_t, lircd_t;
+		type lircd_sock_t, lircd_t;
-        ')
+	')
-        allow $1 lircd_t:unix_stream_socket connectto;
+	allow $1 lircd_t:unix_stream_socket connectto;
-        allow $1 lircd_sock_t:sock_file write_sock_file_perms;
+	allow $1 lircd_sock_t:sock_file write_sock_file_perms;
-        files_search_pids($1)
+	files_search_pids($1)
 ')
 #######################################
 ## <summary>
-##      Read lircd etc file
+##	Read lircd etc file
 ## </summary>
 ## <param name="domain">
 ## <summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ## </summary>
 ## </param>
 #
 interface(`lircd_read_config',`
 	gen_require(`
 		type lircd_etc_t;
-        ')
+	')
 	read_files_pattern($1, lircd_etc_t, lircd_etc_t)
 ')
--- a/policy/modules/services/lpd.te
+++ b/policy/modules/services/lpd.te
@ -148,7 +148,7 @@ files_tmp_filetrans(lpd_t, lpd_tmp_t, { file dir })
 manage_files_pattern(lpd_t, lpd_var_run_t, lpd_var_run_t)
 manage_sock_files_pattern(lpd_t, lpd_var_run_t, lpd_var_run_t)
-files_pid_filetrans(lpd_t, lpd_var_run_t,file)
+files_pid_filetrans(lpd_t, lpd_var_run_t, file)
 # Write to /var/spool/lpd.
 manage_files_pattern(lpd_t, print_spool_t, print_spool_t)
@ -304,14 +304,14 @@ tunable_policy(`use_lpd_server',`
 	manage_files_pattern(lpr_t, lpr_tmp_t, lpr_tmp_t)
 	files_tmp_filetrans(lpr_t, lpr_tmp_t, { file dir })
-	manage_files_pattern(lpr_t,print_spool_t,print_spool_t)
+	manage_files_pattern(lpr_t, print_spool_t, print_spool_t)
-	filetrans_pattern(lpr_t,print_spool_t,print_spool_t,file)
+	filetrans_pattern(lpr_t, print_spool_t, print_spool_t, file)
 	# Read and write shared files in the spool directory.
 	allow lpr_t print_spool_t:file rw_file_perms;
 	allow lpr_t printconf_t:dir list_dir_perms;
-	read_files_pattern(lpr_t,printconf_t,printconf_t)
+	read_files_pattern(lpr_t, printconf_t, printconf_t)
-	read_lnk_files_pattern(lpr_t,printconf_t,printconf_t)
+	read_lnk_files_pattern(lpr_t, printconf_t, printconf_t)
 ')
 tunable_policy(`use_nfs_home_dirs',`
--- a/policy/modules/services/memcached.if
+++ b/policy/modules/services/memcached.if
@ -16,7 +16,7 @@ interface(`memcached_domtrans',`
 		type memcached_exec_t;
 	')
-	domtrans_pattern($1,memcached_exec_t,memcached_t)
+	domtrans_pattern($1, memcached_exec_t, memcached_t)
 ')
 ########################################
--- a/policy/modules/services/memcached.te
+++ b/policy/modules/services/memcached.te
@ -40,7 +40,7 @@ corenet_udp_bind_memcache_port(memcached_t)
 manage_dirs_pattern(memcached_t, memcached_var_run_t, memcached_var_run_t)
 manage_files_pattern(memcached_t, memcached_var_run_t, memcached_var_run_t)
-files_pid_filetrans(memcached_t,memcached_var_run_t, { file dir })
+files_pid_filetrans(memcached_t, memcached_var_run_t, { file dir })
 files_read_etc_files(memcached_t)
--- a/policy/modules/services/mta.if
+++ b/policy/modules/services/mta.if
@ -257,7 +257,7 @@ interface(`mta_sendmail_mailserver',`
 		type sendmail_exec_t;
 	')
-	init_system_domain($1,sendmail_exec_t)
+	init_system_domain($1, sendmail_exec_t)
 	typeattribute $1 mailserver_domain;
 ')
--- a/policy/modules/services/munin.te
+++ b/policy/modules/services/munin.te
@ -101,7 +101,7 @@ optional_policy(`
 ')
 optional_policy(`
-	cron_system_entry(munin_t,munin_exec_t)
+	cron_system_entry(munin_t, munin_exec_t)
 ')
 optional_policy(`
--- a/policy/modules/services/mysql.fc
+++ b/policy/modules/services/mysql.fc
@ -10,7 +10,7 @@
 #
 # /usr
 #
-/usr/bin/mysqld_safe    --      gen_context(system_u:object_r:mysqld_safe_exec_t,s0)
+/usr/bin/mysqld_safe	--	gen_context(system_u:object_r:mysqld_safe_exec_t,s0)
 /usr/libexec/mysqld	--	gen_context(system_u:object_r:mysqld_exec_t,s0)
--- a/policy/modules/services/mysql.if
+++ b/policy/modules/services/mysql.if
@ -142,18 +142,18 @@ interface(`mysql_manage_db_dirs',`
 #######################################
 ## <summary>
-##      Append to the MySQL database directory.
+##	Append to the MySQL database directory.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`mysql_append_db_files',`
-        gen_require(`
+	gen_require(`
-                type mysqld_db_t;
+		type mysqld_db_t;
-        ')
+	')
 	files_search_var_lib($1)
 	append_files_pattern($1, mysqld_db_t, mysqld_db_t)
@ -161,40 +161,40 @@ interface(`mysql_append_db_files',`
 #######################################
 ## <summary>
-##      Read and write to the MySQL database directory.
+##	Read and write to the MySQL database directory.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`mysql_rw_db_files',`
-        gen_require(`
+	gen_require(`
-                type mysqld_db_t;
+		type mysqld_db_t;
-        ')
+	')
-        files_search_var_lib($1)
+	files_search_var_lib($1)
 	rw_files_pattern($1, mysqld_db_t, mysqld_db_t)
 ')
 #######################################
 ## <summary>
-##      Create, read, write, and delete MySQL database files.
+##	Create, read, write, and delete MySQL database files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`mysql_manage_db_files',`
-        gen_require(`
+	gen_require(`
-                type mysqld_db_t;
+		type mysqld_db_t;
-        ')
+	')
-        files_search_var_lib($1)
+	files_search_var_lib($1)
-        manage_files_pattern($1, mysqld_db_t, mysqld_db_t)
+	manage_files_pattern($1, mysqld_db_t, mysqld_db_t)
 ')
 ########################################
@ -239,21 +239,21 @@ interface(`mysql_write_log',`
 #####################################
 ## <summary>
-##      Search MySQL PID files.
+##	Search MySQL PID files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ##
 #
 interface(`mysql_search_pid_files',`
-        gen_require(`
+	gen_require(`
-                type mysqld_var_run_t;
+		type mysqld_var_run_t;
-        ')
+	')
-        search_dirs_pattern($1, mysqld_var_run_t, mysqld_var_run_t)
+	search_dirs_pattern($1, mysqld_var_run_t, mysqld_var_run_t)
 ')
 ########################################
--- a/policy/modules/services/networkmanager.te
+++ b/policy/modules/services/networkmanager.te
@ -57,7 +57,7 @@ files_search_tmp(NetworkManager_t)
 manage_dirs_pattern(NetworkManager_t, NetworkManager_var_run_t, NetworkManager_var_run_t)
 manage_files_pattern(NetworkManager_t, NetworkManager_var_run_t, NetworkManager_var_run_t)
 manage_sock_files_pattern(NetworkManager_t, NetworkManager_var_run_t, NetworkManager_var_run_t)
-files_pid_filetrans(NetworkManager_t,NetworkManager_var_run_t, { dir file sock_file })
+files_pid_filetrans(NetworkManager_t, NetworkManager_var_run_t, { dir file sock_file })
 kernel_read_system_state(NetworkManager_t)
 kernel_read_network_state(NetworkManager_t)
--- a/policy/modules/services/nis.te
+++ b/policy/modules/services/nis.te
@ -225,7 +225,7 @@ allow ypserv_t self:netlink_route_socket r_netlink_socket_perms;
 allow ypserv_t self:tcp_socket connected_stream_socket_perms;
 allow ypserv_t self:udp_socket create_socket_perms;
-manage_files_pattern(ypserv_t,var_yp_t,var_yp_t)
+manage_files_pattern(ypserv_t, var_yp_t, var_yp_t)
 allow ypserv_t ypserv_conf_t:file read_file_perms;
--- a/policy/modules/services/nsd.fc
+++ b/policy/modules/services/nsd.fc
@ -1,10 +1,10 @@
-/etc/nsd(/.*)?       		gen_context(system_u:object_r:nsd_conf_t,s0)
+/etc/nsd(/.*)?			gen_context(system_u:object_r:nsd_conf_t,s0)
 /etc/nsd/nsd\.db	--	gen_context(system_u:object_r:nsd_db_t,s0)
 /etc/nsd/primary(/.*)?		gen_context(system_u:object_r:nsd_zone_t,s0)
 /etc/nsd/secondary(/.*)?	gen_context(system_u:object_r:nsd_zone_t,s0)
-/usr/sbin/nsd      	--	gen_context(system_u:object_r:nsd_exec_t,s0)
+/usr/sbin/nsd		--	gen_context(system_u:object_r:nsd_exec_t,s0)
 /usr/sbin/nsdc		--	gen_context(system_u:object_r:nsd_exec_t,s0)
 /usr/sbin/nsd-notify	--	gen_context(system_u:object_r:nsd_exec_t,s0)
 /usr/sbin/zonec		--	gen_context(system_u:object_r:nsd_exec_t,s0)
--- a/policy/modules/services/ntp.if
+++ b/policy/modules/services/ntp.if
@ -56,24 +56,24 @@ interface(`ntp_domtrans_ntpdate',`
 ########################################
 ## <summary>    
-##      Read and write ntpd shared memory.
+##	Read and write ntpd shared memory.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`ntpd_rw_shm',`
-        gen_require(`
+	gen_require(`
-                type ntpd_t, ntpd_tmpfs_t;
+		type ntpd_t, ntpd_tmpfs_t;
-        ')
+	')
-        allow $1 ntpd_t:shm rw_shm_perms;
+	allow $1 ntpd_t:shm rw_shm_perms;
-        list_dirs_pattern($1, ntpd_tmpfs_t, ntpd_tmpfs_t)
+	list_dirs_pattern($1, ntpd_tmpfs_t, ntpd_tmpfs_t)
-        rw_files_pattern($1, ntpd_tmpfs_t, ntpd_tmpfs_t)
+	rw_files_pattern($1, ntpd_tmpfs_t, ntpd_tmpfs_t)
-        read_lnk_files_pattern($1, ntpd_tmpfs_t, ntpd_tmpfs_t)
+	read_lnk_files_pattern($1, ntpd_tmpfs_t, ntpd_tmpfs_t)
-        fs_search_tmpfs($1)
+	fs_search_tmpfs($1)
 ')
 ########################################
--- a/policy/modules/services/ntp.te
+++ b/policy/modules/services/ntp.te
@ -52,13 +52,13 @@ allow ntpd_t self:udp_socket create_socket_perms;
 manage_files_pattern(ntpd_t, ntp_drift_t, ntp_drift_t)
-can_exec(ntpd_t,ntpd_exec_t)
+can_exec(ntpd_t, ntpd_exec_t)
 read_files_pattern(ntpd_t, ntpd_key_t, ntpd_key_t)
 allow ntpd_t ntpd_log_t:dir setattr;
-manage_files_pattern(ntpd_t,ntpd_log_t,ntpd_log_t)
+manage_files_pattern(ntpd_t, ntpd_log_t, ntpd_log_t)
-logging_log_filetrans(ntpd_t,ntpd_log_t,{ file dir })
+logging_log_filetrans(ntpd_t, ntpd_log_t, { file dir })
 # for some reason it creates a file in /tmp
 manage_dirs_pattern(ntpd_t, ntpd_tmp_t, ntpd_tmp_t)
--- a/policy/modules/services/nx.te
+++ b/policy/modules/services/nx.te
@ -35,7 +35,7 @@ allow nx_server_t self:tcp_socket create_socket_perms;
 allow nx_server_t self:udp_socket create_socket_perms;
 allow nx_server_t nx_server_devpts_t:chr_file { rw_chr_file_perms setattr };
-term_create_pty(nx_server_t,nx_server_devpts_t)
+term_create_pty(nx_server_t, nx_server_devpts_t)
 manage_dirs_pattern(nx_server_t, nx_server_tmp_t, nx_server_tmp_t)
 manage_files_pattern(nx_server_t, nx_server_tmp_t, nx_server_tmp_t)
--- a/policy/modules/services/openca.if
+++ b/policy/modules/services/openca.if
@ -16,7 +16,7 @@ interface(`openca_domtrans',`
 		type openca_ca_t, openca_ca_exec_t, openca_usr_share_t;
 	')
-	domtrans_pattern($1,openca_ca_exec_t,openca_ca_t)
+	domtrans_pattern($1, openca_ca_exec_t, openca_ca_t)
 	allow $1 openca_usr_share_t:dir search_dir_perms;
 	files_search_usr($1)
 ')
--- a/policy/modules/services/pegasus.fc
+++ b/policy/modules/services/pegasus.fc
@ -5,8 +5,8 @@
 /usr/sbin/cimserver		--	gen_context(system_u:object_r:pegasus_exec_t,s0)
 /usr/sbin/init_repository	-- 	gen_context(system_u:object_r:pegasus_exec_t,s0)
-/var/lib/Pegasus(/.*)?	                gen_context(system_u:object_r:pegasus_data_t,s0)
+/var/lib/Pegasus(/.*)?			gen_context(system_u:object_r:pegasus_data_t,s0)
-/var/run/tog-pegasus(/.*)?              gen_context(system_u:object_r:pegasus_var_run_t,s0)
+/var/run/tog-pegasus(/.*)?		gen_context(system_u:object_r:pegasus_var_run_t,s0)
-/usr/share/Pegasus/mof(/.*)?/.*\.mof    gen_context(system_u:object_r:pegasus_mof_t,s0)
+/usr/share/Pegasus/mof(/.*)?/.*\.mof	gen_context(system_u:object_r:pegasus_mof_t,s0)
--- a/policy/modules/services/pingd.if
+++ b/policy/modules/services/pingd.if
@ -20,78 +20,78 @@ interface(`pingd_domtrans',`
 #######################################
 ## <summary>
-##      Read pingd etc configuration files.
+##	Read pingd etc configuration files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`pingd_read_config',`
-        gen_require(`
+	gen_require(`
-                type pingd_etc_t;
+		type pingd_etc_t;
-        ')
+	')
-        files_search_etc($1)
+	files_search_etc($1)
-        read_files_pattern($1, pingd_etc_t, pingd_etc_t)
+	read_files_pattern($1, pingd_etc_t, pingd_etc_t)
 ')
 #######################################
 ## <summary>
-##      Manage pingd etc configuration files.
+##	Manage pingd etc configuration files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`pingd_manage_config',`
-        gen_require(`
+	gen_require(`
-                type pingd_etc_t;
+		type pingd_etc_t;
-        ')
+	')
-        files_search_etc($1)
+	files_search_etc($1)
-        manage_dirs_pattern($1, pingd_etc_t, pingd_etc_t)
+	manage_dirs_pattern($1, pingd_etc_t, pingd_etc_t)
-        manage_files_pattern($1, pingd_etc_t, pingd_etc_t)
+	manage_files_pattern($1, pingd_etc_t, pingd_etc_t)
 ')
 #######################################
 ## <summary>
-##      All of the rules required to administrate 
+##	All of the rules required to administrate 
-##      an pingd environment
+##	an pingd environment
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <param name="role">
-##      <summary>
+##	<summary>
-##      The role to be allowed to manage the pingd domain.
+##	The role to be allowed to manage the pingd domain.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #
 interface(`pingd_admin',`
-        gen_require(`
+	gen_require(`
-                type pingd_t, pingd_etc_t;
+		type pingd_t, pingd_etc_t;
-                type pingd_initrc_exec_t, pingd_modules_t;
+		type pingd_initrc_exec_t, pingd_modules_t;
-        ')
+	')
-        allow $1 pingd_t:process { ptrace signal_perms };
+	allow $1 pingd_t:process { ptrace signal_perms };
-        ps_process_pattern($1, pingd_t)
+	ps_process_pattern($1, pingd_t)
-        init_labeled_script_domtrans($1, pingd_initrc_exec_t)
+	init_labeled_script_domtrans($1, pingd_initrc_exec_t)
-        domain_system_change_exemption($1)
+	domain_system_change_exemption($1)
-        role_transition $2 pingd_initrc_exec_t system_r;
+	role_transition $2 pingd_initrc_exec_t system_r;
-        allow $2 system_r;
+	allow $2 system_r;
-        files_list_etc($1)
+	files_list_etc($1)
-        admin_pattern($1, pingd_etc_t)
+	admin_pattern($1, pingd_etc_t)
 	files_list_usr($1)
-        admin_pattern($1, pingd_modules_t)
+	admin_pattern($1, pingd_modules_t)
 ')
--- a/policy/modules/services/postfix.if
+++ b/policy/modules/services/postfix.if
@ -365,7 +365,7 @@ interface(`postfix_exec_master',`
 		type postfix_master_exec_t;
 	')
-	can_exec($1,postfix_master_exec_t)
+	can_exec($1, postfix_master_exec_t)
 ')
 ########################################
--- a/policy/modules/services/postfix.te
+++ b/policy/modules/services/postfix.te
@ -106,7 +106,7 @@ allow postfix_master_t self:udp_socket create_socket_perms;
 allow postfix_master_t postfix_etc_t:file rw_file_perms;
-can_exec(postfix_master_t,postfix_exec_t)
+can_exec(postfix_master_t, postfix_exec_t)
 allow postfix_master_t postfix_data_t:dir manage_dir_perms;
 allow postfix_master_t postfix_data_t:file manage_file_perms;
@ -363,7 +363,7 @@ optional_policy(`
 allow postfix_pickup_t self:tcp_socket create_socket_perms;
-stream_connect_pattern(postfix_pickup_t,postfix_private_t,postfix_private_t,postfix_master_t)
+stream_connect_pattern(postfix_pickup_t, postfix_private_t, postfix_private_t, postfix_master_t)
 rw_fifo_files_pattern(postfix_pickup_t, postfix_public_t, postfix_public_t)
 rw_sock_files_pattern(postfix_pickup_t, postfix_public_t, postfix_public_t)
@ -445,7 +445,7 @@ allow postfix_postqueue_t self:tcp_socket create;
 allow postfix_postqueue_t self:udp_socket { create ioctl };
 # wants to write to /var/spool/postfix/public/showq
-stream_connect_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t,postfix_master_t)
+stream_connect_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t, postfix_master_t)
 # write to /var/spool/postfix/public/qmgr
 write_fifo_files_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t)
--- a/policy/modules/services/postgresql.if
+++ b/policy/modules/services/postgresql.if
@ -53,7 +53,7 @@ interface(`postgresql_role',`
 		allow $2 user_sepgsql_proc_exec_t:db_procedure { create drop setattr };
 	')
-	allow $2 user_sepgsql_table_t:db_table  { getattr use select update insert delete lock };
+	allow $2 user_sepgsql_table_t:db_table	{ getattr use select update insert delete lock };
 	allow $2 user_sepgsql_table_t:db_column { getattr use select update insert };
 	allow $2 user_sepgsql_table_t:db_tuple	{ use select update insert delete };
 	type_transition $2 sepgsql_database_type:db_table user_sepgsql_table_t;
--- a/policy/modules/services/postgresql.te
+++ b/policy/modules/services/postgresql.te
@ -178,7 +178,7 @@ allow postgresql_t postgresql_exec_t:lnk_file { getattr read };
 can_exec(postgresql_t, postgresql_exec_t )
 allow postgresql_t postgresql_lock_t:file manage_file_perms;
-files_lock_filetrans(postgresql_t,postgresql_lock_t,file)
+files_lock_filetrans(postgresql_t, postgresql_lock_t, file)
 manage_files_pattern(postgresql_t, postgresql_log_t, postgresql_log_t)
 logging_log_filetrans(postgresql_t, postgresql_log_t, { file dir })
@ -268,7 +268,7 @@ optional_policy(`
 optional_policy(`
 	cron_search_spool(postgresql_t)
-	cron_system_entry(postgresql_t,postgresql_exec_t)
+	cron_system_entry(postgresql_t, postgresql_exec_t)
 ')
 optional_policy(`
--- a/policy/modules/services/procmail.te
+++ b/policy/modules/services/procmail.te
@ -30,7 +30,7 @@ allow procmail_t self:unix_dgram_socket create_socket_perms;
 allow procmail_t self:tcp_socket create_stream_socket_perms;
 allow procmail_t self:udp_socket create_socket_perms;
-can_exec(procmail_t,procmail_exec_t)
+can_exec(procmail_t, procmail_exec_t)
 # Write log to /var/log/procmail.log or /var/log/procmail/.*
 allow procmail_t procmail_log_t:dir setattr;
--- a/policy/modules/services/psad.if
+++ b/policy/modules/services/psad.if
@ -84,13 +84,13 @@ interface(`psad_read_config',`
 ## </param>
 #
 interface(`psad_manage_config',`
-        gen_require(`
+	gen_require(`
-                type psad_etc_t;
+		type psad_etc_t;
-        ')
+	')
 	files_search_etc($1)
 	manage_dirs_pattern($1, psad_etc_t, psad_etc_t)
-        manage_files_pattern($1, psad_etc_t, psad_etc_t)
+	manage_files_pattern($1, psad_etc_t, psad_etc_t)
 ')
--- a/policy/modules/services/psad.te
+++ b/policy/modules/services/psad.te
@ -102,6 +102,6 @@ miscfiles_read_localization(psad_t)
 sysnet_exec_ifconfig(psad_t)
 optional_policy(`
-        mta_send_mail(psad_t)
+	mta_send_mail(psad_t)
 	mta_read_queue(psad_t)
 ')
--- a/policy/modules/services/pyzor.te
+++ b/policy/modules/services/pyzor.te
@ -36,7 +36,7 @@ ubac_constrained(pyzor_var_lib_t)
 type pyzord_t;
 type pyzord_exec_t;
-init_daemon_domain(pyzord_t,pyzord_exec_t)
+init_daemon_domain(pyzord_t, pyzord_exec_t)
 type pyzord_log_t;
 logging_log_file(pyzord_log_t)
@ -54,7 +54,7 @@ manage_lnk_files_pattern(pyzor_t, pyzor_home_t, pyzor_home_t)
 userdom_user_home_dir_filetrans(pyzor_t, pyzor_home_t, { dir file lnk_file })
 allow pyzor_t pyzor_var_lib_t:dir list_dir_perms;
-read_files_pattern(pyzor_t,pyzor_var_lib_t,pyzor_var_lib_t)
+read_files_pattern(pyzor_t, pyzor_var_lib_t, pyzor_var_lib_t)
 files_search_var_lib(pyzor_t)
 manage_files_pattern(pyzor_t, pyzor_tmp_t, pyzor_tmp_t)
--- a/policy/modules/services/qmail.if
+++ b/policy/modules/services/qmail.if
@ -147,5 +147,5 @@ interface(`qmail_smtpd_service_domain',`
 		type qmail_smtpd_t;
 	')
-        domtrans_pattern(qmail_smtpd_t, $2, $1)
+	domtrans_pattern(qmail_smtpd_t, $2, $1)
 ')
--- a/policy/modules/services/radius.fc
+++ b/policy/modules/services/radius.fc
@ -3,7 +3,7 @@
 /etc/cron\.(daily|weekly|monthly)/freeradius -- gen_context(system_u:object_r:radiusd_exec_t,s0)
 /etc/rc\.d/init\.d/radiusd --	gen_context(system_u:object_r:radiusd_initrc_exec_t,s0)
-/etc/raddb(/.*)?                gen_context(system_u:object_r:radiusd_etc_t,s0)
+/etc/raddb(/.*)?		gen_context(system_u:object_r:radiusd_etc_t,s0)
 /etc/raddb/db\.daily	--	gen_context(system_u:object_r:radiusd_etc_rw_t,s0)
 /usr/sbin/radiusd	--	gen_context(system_u:object_r:radiusd_exec_t,s0)
--- a/policy/modules/services/rhgb.te
+++ b/policy/modules/services/rhgb.te
@ -32,7 +32,7 @@ allow rhgb_t self:udp_socket create_socket_perms;
 allow rhgb_t self:netlink_route_socket r_netlink_socket_perms;
 allow rhgb_t rhgb_devpts_t:chr_file { rw_chr_file_perms setattr };
-term_create_pty(rhgb_t,rhgb_devpts_t)
+term_create_pty(rhgb_t, rhgb_devpts_t)
 manage_dirs_pattern(rhgb_t, rhgb_tmpfs_t, rhgb_tmpfs_t)
 manage_files_pattern(rhgb_t, rhgb_tmpfs_t, rhgb_tmpfs_t)
--- a/policy/modules/services/ricci.if
+++ b/policy/modules/services/ricci.if
@ -71,7 +71,7 @@ interface(`ricci_dontaudit_rw_modcluster_pipes',`
 		type ricci_modcluster_t;
 	')
-	dontaudit $1 ricci_modcluster_t:fifo_file  { read write };
+	dontaudit $1 ricci_modcluster_t:fifo_file { read write };
 ')
 ########################################
--- a/policy/modules/services/rpc.if
+++ b/policy/modules/services/rpc.if
@ -206,11 +206,11 @@ interface(`rpc_domtrans_nfsd',`
 ########################################
 ## <summary>
-##      Execute domain in nfsd domain.
+##	Execute domain in nfsd domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@ -362,7 +362,7 @@ interface(`rpc_read_nfs_state_data',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
--- a/policy/modules/services/rsync.fc
+++ b/policy/modules/services/rsync.fc
@ -1,6 +1,6 @@
 /usr/bin/rsync		--	gen_context(system_u:object_r:rsync_exec_t,s0)
-/var/log/rsync\.log      --	gen_context(system_u:object_r:rsync_log_t,s0)
+/var/log/rsync\.log	--	gen_context(system_u:object_r:rsync_log_t,s0)
-/var/run/rsyncd\.lock      --	gen_context(system_u:object_r:rsync_var_run_t,s0)
+/var/run/rsyncd\.lock	--	gen_context(system_u:object_r:rsync_var_run_t,s0)
--- a/policy/modules/services/rwho.if
+++ b/policy/modules/services/rwho.if
@ -111,7 +111,7 @@ interface(`rwho_manage_spool_files',`
 		type rwho_spool_t;
 	')
-	manage_files_pattern($1,rwho_spool_t,rwho_spool_t)
+	manage_files_pattern($1, rwho_spool_t, rwho_spool_t)
 	files_search_spool($1)
 ')
--- a/policy/modules/services/samba.te
+++ b/policy/modules/services/samba.te
@ -537,7 +537,7 @@ corecmd_list_bin(smbmount_t)
 files_list_mnt(smbmount_t)
 files_mounton_mnt(smbmount_t)
 files_manage_etc_runtime_files(smbmount_t)
-files_etc_filetrans_etc_runtime(smbmount_t,file)
+files_etc_filetrans_etc_runtime(smbmount_t, file)
 files_read_etc_files(smbmount_t)
 auth_use_nsswitch(smbmount_t)
@ -672,7 +672,7 @@ files_list_var_lib(winbind_t)
 rw_files_pattern(winbind_t, smbd_tmp_t, smbd_tmp_t)
 allow winbind_t winbind_log_t:file manage_file_perms;
-logging_log_filetrans(winbind_t,winbind_log_t,file)
+logging_log_filetrans(winbind_t, winbind_log_t, file)
 manage_dirs_pattern(winbind_t, winbind_tmp_t, winbind_tmp_t)
 manage_files_pattern(winbind_t, winbind_tmp_t, winbind_tmp_t)
--- a/policy/modules/services/setroubleshoot.te
+++ b/policy/modules/services/setroubleshoot.te
@ -48,7 +48,7 @@ logging_log_filetrans(setroubleshootd_t, setroubleshoot_var_log_t, { file dir })
 # pid file
 manage_files_pattern(setroubleshootd_t, setroubleshoot_var_run_t, setroubleshoot_var_run_t)
 manage_sock_files_pattern(setroubleshootd_t, setroubleshoot_var_run_t, setroubleshoot_var_run_t)
-files_pid_filetrans(setroubleshootd_t,setroubleshoot_var_run_t, { file sock_file })
+files_pid_filetrans(setroubleshootd_t, setroubleshoot_var_run_t, { file sock_file })
 kernel_read_kernel_sysctls(setroubleshootd_t)
 kernel_read_system_state(setroubleshootd_t)
--- a/policy/modules/services/snmp.te
+++ b/policy/modules/services/snmp.te
@ -35,7 +35,7 @@ allow snmpd_t self:tcp_socket create_stream_socket_perms;
 allow snmpd_t self:udp_socket connected_stream_socket_perms;
 allow snmpd_t snmpd_log_t:file manage_file_perms;
-logging_log_filetrans(snmpd_t,snmpd_log_t,file)
+logging_log_filetrans(snmpd_t, snmpd_log_t, file)
 manage_dirs_pattern(snmpd_t, snmpd_var_lib_t, snmpd_var_lib_t)
 manage_files_pattern(snmpd_t, snmpd_var_lib_t, snmpd_var_lib_t)
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@ -42,7 +42,7 @@ files_tmp_file(sshd_tmp_t)
 files_poly_parent(sshd_tmp_t)
 ifdef(`enable_mcs',`
-	init_ranged_daemon_domain(sshd_t,sshd_exec_t,s0 - mcs_systemhigh)
+	init_ranged_daemon_domain(sshd_t, sshd_exec_t, s0 - mcs_systemhigh)
 ')
 type ssh_t;
@ -112,8 +112,8 @@ manage_fifo_files_pattern(ssh_t, ssh_tmpfs_t, ssh_tmpfs_t)
 manage_sock_files_pattern(ssh_t, ssh_tmpfs_t, ssh_tmpfs_t)
 fs_tmpfs_filetrans(ssh_t, ssh_tmpfs_t,{ dir file lnk_file sock_file fifo_file })
-manage_dirs_pattern(ssh_t,home_ssh_t,home_ssh_t)
+manage_dirs_pattern(ssh_t, home_ssh_t, home_ssh_t)
-manage_sock_files_pattern(ssh_t,home_ssh_t,home_ssh_t)
+manage_sock_files_pattern(ssh_t, home_ssh_t, home_ssh_t)
 userdom_user_home_dir_filetrans(ssh_t, home_ssh_t, { dir sock_file })
 # Allow the ssh program to communicate with ssh-agent.
@ -122,13 +122,13 @@ stream_connect_pattern(ssh_t, ssh_agent_tmp_t, ssh_agent_tmp_t, ssh_agent_type)
 allow ssh_t sshd_t:unix_stream_socket connectto;
 # ssh client can manage the keys and config
-manage_files_pattern(ssh_t,home_ssh_t,home_ssh_t)
+manage_files_pattern(ssh_t, home_ssh_t, home_ssh_t)
-read_lnk_files_pattern(ssh_t,home_ssh_t,home_ssh_t)
+read_lnk_files_pattern(ssh_t, home_ssh_t, home_ssh_t)
 # ssh servers can read the user keys and config
 allow ssh_server home_ssh_t:dir list_dir_perms;
-read_files_pattern(ssh_server,home_ssh_t,home_ssh_t)
+read_files_pattern(ssh_server, home_ssh_t, home_ssh_t)
-read_lnk_files_pattern(ssh_server,home_ssh_t,home_ssh_t)
+read_lnk_files_pattern(ssh_server, home_ssh_t, home_ssh_t)
 kernel_read_kernel_sysctls(ssh_t)
--- a/policy/modules/services/stunnel.fc
+++ b/policy/modules/services/stunnel.fc
@ -1,4 +1,4 @@
-/etc/stunnel(/.*)?          	gen_context(system_u:object_r:stunnel_etc_t,s0)
+/etc/stunnel(/.*)?		gen_context(system_u:object_r:stunnel_etc_t,s0)
 /usr/bin/stunnel	--	gen_context(system_u:object_r:stunnel_exec_t,s0)
--- a/policy/modules/services/sysstat.if
+++ b/policy/modules/services/sysstat.if
@ -16,6 +16,6 @@ interface(`sysstat_manage_log',`
 		type sysstat_log_t;
 	')
-        logging_search_logs($1)
+	logging_search_logs($1)
 	manage_files_pattern($1, sysstat_log_t, sysstat_log_t)
 ')
--- a/policy/modules/services/ucspitcp.te
+++ b/policy/modules/services/ucspitcp.te
@ -89,6 +89,6 @@ files_read_etc_files(ucspitcp_t)
 sysnet_read_config(ucspitcp_t)
 optional_policy(`
-	daemontools_service_domain(ucspitcp_t,ucspitcp_exec_t)
+	daemontools_service_domain(ucspitcp_t, ucspitcp_exec_t)
 	daemontools_read_svc(ucspitcp_t)
 ')
--- a/policy/modules/services/ulogd.if
+++ b/policy/modules/services/ulogd.if
@ -62,21 +62,21 @@ interface(`ulogd_read_log',`
 #######################################
 ## <summary>
-##      Allow the specified domain to search ulogd's log files.
+##	Allow the specified domain to search ulogd's log files.
 ## </summary>
 ## <param name="domain">
 ## <summary>
-##      Domain allowed to transition.
+##	Domain allowed to transition.
 ## </summary>
 ## </param>
 #
 interface(`ulogd_search_log',`
-        gen_require(`
+	gen_require(`
-                type ulogd_var_log_t;
+		type ulogd_var_log_t;
-        ')
+	')
-        logging_search_logs($1)
+	logging_search_logs($1)
-        allow $1 ulogd_var_log_t:dir search_dir_perms;
+	allow $1 ulogd_var_log_t:dir search_dir_perms;
 ')
 ########################################
--- a/policy/modules/services/uptime.fc
+++ b/policy/modules/services/uptime.fc
@ -3,4 +3,4 @@
 /usr/sbin/uptimed	--	gen_context(system_u:object_r:uptimed_exec_t,s0)
-/var/spool/uptimed(/.*)?        gen_context(system_u:object_r:uptimed_spool_t,s0)
+/var/spool/uptimed(/.*)?	gen_context(system_u:object_r:uptimed_spool_t,s0)
--- a/policy/modules/services/virt.if
+++ b/policy/modules/services/virt.if
@ -135,7 +135,7 @@ interface(`virt_manage_pid_files',`
 		type virt_var_run_t;
 	')
-         manage_files_pattern($1, virt_var_run_t, virt_var_run_t)
+	manage_files_pattern($1, virt_var_run_t, virt_var_run_t)
 ')
 ########################################
--- a/policy/modules/services/watchdog.te
+++ b/policy/modules/services/watchdog.te
@ -71,7 +71,7 @@ domain_kill_all_domains(watchdog_t)
 files_read_etc_files(watchdog_t)
 # for updating mtab on umount
 files_manage_etc_runtime_files(watchdog_t)
-files_etc_filetrans_etc_runtime(watchdog_t,file)
+files_etc_filetrans_etc_runtime(watchdog_t, file)
 fs_unmount_xattr_fs(watchdog_t)
 fs_getattr_all_fs(watchdog_t)
--- a/Show More
+++ b/Show More
`@ -1 +1 @@`
	`/usr/sbin/gpsd -- gen_context(system_u:object_r:gpsd_exec_t,s0)`	`/usr/sbin/gpsd -- gen_context(system_u:object_r:gpsd_exec_t,s0)`
`@ -1,4 +1,4 @@`
	`/etc/stunnel(/.*)? gen_context(system_u:object_r:stunnel_etc_t,s0)`	`/etc/stunnel(/.*)? gen_context(system_u:object_r:stunnel_etc_t,s0)`

	`/usr/bin/stunnel -- gen_context(system_u:object_r:stunnel_exec_t,s0)`	`/usr/bin/stunnel -- gen_context(system_u:object_r:stunnel_exec_t,s0)`
`@ -3,4 +3,4 @@`

	`/usr/sbin/uptimed -- gen_context(system_u:object_r:uptimed_exec_t,s0)`	`/usr/sbin/uptimed -- gen_context(system_u:object_r:uptimed_exec_t,s0)`

	`/var/spool/uptimed(/.*)? gen_context(system_u:object_r:uptimed_spool_t,s0)`	`/var/spool/uptimed(/.*)? gen_context(system_u:object_r:uptimed_spool_t,s0)`