add some indentation

refpolicy/policy/modules/kernel/devices.if

@@ -8,16 +8,19 @@
 # devices_make_device_node(type)
 #
 define(`devices_make_device_node',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-typeattribute $1 device_node;
+
-filesystem_associate($1)
+	typeattribute $1 device_node;
-optional_policy(`distro_redhat',`
+
-filesystem_tmpfs_associate($1)
+	filesystem_associate($1)
-')
+
+	optional_policy(`distro_redhat',`
+		filesystem_tmpfs_associate($1)
+	')
 ')
 
 define(`devices_make_device_node_depend',`
-attribute device_node;
+	attribute device_node;
 ')
 
 ########################################
@@ -25,26 +28,29 @@ attribute device_node;
 # devices_manage_all_devices_labels(domain)
 #
 define(`devices_manage_all_devices_labels',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_node:dir { getattr relabelfrom };
+
-allow $1 device_node:file { getattr relabelfrom };
+	allow $1 device_node:dir { getattr relabelfrom };
-allow $1 device_node:lnk_file { getattr relabelfrom };
+	allow $1 device_node:file { getattr relabelfrom };
-allow $1 device_node:fifo_file { getattr relabelfrom };
+	allow $1 device_node:lnk_file { getattr relabelfrom };
-allow $1 device_node:sock_file { getattr relabelfrom };
+	allow $1 device_node:fifo_file { getattr relabelfrom };
-allow $1 { device_t device_node }:blk_file { getattr relabelfrom relabelto };
+	allow $1 device_node:sock_file { getattr relabelfrom };
-allow $1 { device_t device_node }:chr_file { getattr relabelfrom relabelto };
+	allow $1 { device_t device_node }:blk_file { getattr relabelfrom relabelto };
+	allow $1 { device_t device_node }:chr_file { getattr relabelfrom relabelto };
 ')
 
 define(`devices_manage_all_devices_labels_depend',`
-attribute device_node;
+	attribute device_node;
-type device_t;
+
-class dir { getattr relabelfrom };
+	type device_t;
-class file { getattr relabelfrom };
+
-class lnk_file { getattr relabelfrom };
+	class dir { getattr relabelfrom };
-class fifo_file { getattr relabelfrom };
+	class file { getattr relabelfrom };
-class sock_file { getattr relabelfrom };
+	class lnk_file { getattr relabelfrom };
-class blk_file { getattr relabelfrom relabelto };
+	class fifo_file { getattr relabelfrom };
-class chr_file { getattr relabelfrom relabelto };
+	class sock_file { getattr relabelfrom };
+	class blk_file { getattr relabelfrom relabelto };
+	class chr_file { getattr relabelfrom relabelto };
 ')
 
 ########################################
@@ -52,15 +58,17 @@ class chr_file { getattr relabelfrom relabelto };
 # devices_list_device_nodes(domain)
 #
 define(`devices_list_device_nodes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir r_dir_perms;
+
-allow $1 device_t:lnk_file { getattr read };
+	allow $1 device_t:dir r_dir_perms;
+	allow $1 device_t:lnk_file { getattr read };
 ')
 
 define(`devices_list_device_nodes_depend',`
-type device_t;
+	type device_t;
-class dir r_dir_perms;
+
-class lnk_file { getattr read };
+	class dir r_dir_perms;
+	class lnk_file { getattr read };
 ')
 
 ########################################
@@ -68,13 +76,15 @@ class lnk_file { getattr read };
 # devices_ignore_list_device_nodes(domain)
 #
 define(`devices_ignore_list_device_nodes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-dontaudit $1 device_t:dir r_dir_perms;
+
+	dontaudit $1 device_t:dir r_dir_perms;
 ')
 
 define(`devices_ignore_list_device_nodes_depend',`
-type device_t;
+	type device_t;
-class dir r_dir_perms;
+
+	class dir r_dir_perms;
 ')
 
 ########################################
@@ -82,13 +92,15 @@ class dir r_dir_perms;
 # devices_add_dev_dir(domain)
 #
 define(`devices_add_dev_dir',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir { ra_dir_perms create };
+
+	allow $1 device_t:dir { ra_dir_perms create };
 ')
 
 define(`devices_add_dev_dir_depend',`
-type device_t;
+	type device_t;
-class dir { ra_dir_perms create };
+
+	class dir { ra_dir_perms create };
 ')
 
 ########################################
@@ -96,13 +108,15 @@ class dir { ra_dir_perms create };
 # devices_ignore_get_generic_pipe_attributes(domain)
 #
 define(`devices_ignore_get_generic_pipe_attributes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-dontaudit $1 device_t:fifo_file getattr;
+
+	dontaudit $1 device_t:fifo_file getattr;
 ')
 
 define(`devices_ignore_get_generic_pipe_attributes_depend',`
-type device_t;
+	type device_t;
-class fifo_file getattr;
+
+	class fifo_file getattr;
 ')
 
 ########################################
@@ -110,15 +124,17 @@ class fifo_file getattr;
 # devices_get_generic_block_device_attributes(domain)
 #
 define(`devices_get_generic_block_device_attributes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir r_dir_perms;
+
-allow $1 device_t:blk_file getattr;
+	allow $1 device_t:dir r_dir_perms;
+	allow $1 device_t:blk_file getattr;
 ')
 
 define(`devices_get_generic_block_device_attributes_depend',`
-type device_t;
+	type device_t;
-class dir r_dir_perms;
+
-class blk_file getattr;
+	class dir r_dir_perms;
+	class blk_file getattr;
 ')
 
 ########################################
@@ -126,13 +142,15 @@ class blk_file getattr;
 # devices_ignore_get_generic_block_device_attributes(domain)
 #
 define(`devices_ignore_get_generic_block_device_attributes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-dontaudit $1 device_t:blk_file getattr;
+
+	dontaudit $1 device_t:blk_file getattr;
 ')
 
 define(`devices_ignore_get_generic_block_device_attributes_depend',`
-type device_t;
+	type device_t;
-class blk_file getattr;
+
+	class blk_file getattr;
 ')
 
 ########################################
@@ -140,14 +158,16 @@ class blk_file getattr;
 # devices_manage_generic_block_device(domain)
 #
 define(`devices_manage_generic_block_device',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir rw_dir_perms;
+
-allow $1 device_t:blk_file create_file_perms;
+	allow $1 device_t:dir rw_dir_perms;
+	allow $1 device_t:blk_file create_file_perms;
 ')
 
 define(`devices_manage_generic_block_device_depend',`
-type device_t;
+	type device_t;
-class blk_file create_file_perms;
+
+	class blk_file create_file_perms;
 ')
 
 ########################################
@@ -155,17 +175,20 @@ class blk_file create_file_perms;
 # devices_add_generic_character_device(domain)
 #
 define(`devices_add_generic_character_device',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir { getattr search read write add_name };
+
-allow $1 device_t:chr_file create;
+	allow $1 device_t:dir { getattr search read write add_name };
-allow $1 self:capability mknod;
+	allow $1 device_t:chr_file create;
+
+	allow $1 self:capability mknod;
 ')
 
 define(`devices_add_generic_character_device_depend',`
-type device_t;
+	type device_t;
-class dir { getattr search read write add_name };
+
-class chr_file create;
+	class dir { getattr search read write add_name };
-class capability mknod;
+	class chr_file create;
+	class capability mknod;
 ')
 
 ########################################
@@ -173,15 +196,17 @@ class capability mknod;
 # devices_get_generic_character_device_attributes(domain)
 #
 define(`devices_get_generic_character_device_attributes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir r_dir_perms;
+
-allow $1 device_t:chr_file getattr;
+	allow $1 device_t:dir r_dir_perms;
+	allow $1 device_t:chr_file getattr;
 ')
 
 define(`devices_get_generic_character_device_attributes_depend',`
-type device_t;
+	type device_t;
-class dir r_dir_perms;
+
-class chr_file getattr;
+	class dir r_dir_perms;
+	class chr_file getattr;
 ')
 
 ########################################
@@ -189,13 +214,15 @@ class chr_file getattr;
 # devices_ignore_get_generic_character_device_attributes(domain)
 #
 define(`devices_ignore_get_generic_character_device_attributes',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-dontaudit $1 device_t:chr_file getattr;
+
+	dontaudit $1 device_t:chr_file getattr;
 ')
 
 define(`devices_ignore_get_generic_character_device_attributes_depend',`
-type device_t;
+	type device_t;
-class chr_file getattr;
+
+	class chr_file getattr;
 ')
 
 ########################################
@@ -210,16 +237,19 @@ class chr_file getattr;
 ## </interface>
 #
 define(`devices_remove_dev_symbolic_links',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir { getattr read write remove_name };
+
-allow $1 device_t:lnk_file unlink;
+	allow $1 device_t:dir { getattr read write remove_name };
+	allow $1 device_t:lnk_file unlink;
 ')
 
 define(`devices_remove_dev_symbolic_links_depend',`
-attribute device_node, memory_raw_read, memory_raw_write;
+	attribute device_node, memory_raw_read, memory_raw_write;
-type device_t;
+
-class dir { getattr read write remove_name };
+	type device_t;
-class lnk_file unlink;
+
+	class dir { getattr read write remove_name };
+	class lnk_file unlink;
 ')
 
 ########################################
@@ -227,15 +257,17 @@ class lnk_file unlink;
 # devices_manage_dev_symbolic_links(domain)
 #
 define(`devices_manage_dev_symbolic_links',`
-requires_block_template(`$0'_depend)
+	requires_block_template(`$0'_depend)
-allow $1 device_t:dir { create read getattr lock setattr ioctl link unlink rename search add_name remove_name reparent write rmdir relabelfrom relabelto };
+
-allow $1 device_t:lnk_file { create read getattr setattr link unlink rename };
+	allow $1 device_t:dir { create read getattr lock setattr ioctl link unlink rename search add_name remove_name reparent write rmdir relabelfrom relabelto };
+	allow $1 device_t:lnk_file { create read getattr setattr link unlink rename };
 ')
 
 define(`devices_manage_dev_symbolic_links_depend',`
-type device_t;
+	type device_t;
-class dir { create read getattr lock setattr ioctl link unlink rename search add_name remove_name reparent write rmdir relabelfrom relabelto };
+
-class lnk_file { create read getattr setattr link unlink rename };
+	class dir { create read getattr lock setattr ioctl link unlink rename search add_name remove_name reparent write rmdir relabelfrom relabelto };
+	class lnk_file { create read getattr setattr link unlink rename };
 ')
 
 ########################################