From dcf87460eb28fd3388aebd0a30d1c5b95b3bc230 Mon Sep 17 00:00:00 2001 From: Dominick Grift Date: Thu, 16 Sep 2010 08:24:26 +0200 Subject: [PATCH] Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Signed-off-by: Dominick Grift Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. Whitespace, newline and tab fixes. --- policy/modules/services/samba.if | 8 ++----- policy/modules/services/sendmail.if | 16 ++++++------- policy/modules/services/smokeping.if | 4 ++-- policy/modules/services/snmp.if | 9 +++---- policy/modules/services/snort.if | 4 ++-- policy/modules/services/spamassassin.if | 3 +-- policy/modules/services/ssh.if | 7 ++---- policy/modules/services/sssd.if | 4 ++-- policy/modules/services/stunnel.if | 2 +- policy/modules/services/tftp.if | 12 +++++----- policy/modules/services/tgtd.if | 32 ++++++++++++------------- policy/modules/services/tuned.if | 4 ++-- policy/modules/services/ucspitcp.if | 2 +- policy/modules/services/ulogd.if | 8 +++---- policy/modules/services/usbmuxd.if | 4 ++-- policy/modules/services/varnishd.if | 24 +++++++++---------- policy/modules/services/vhostmd.if | 7 +++--- policy/modules/services/virt.if | 8 +++---- 18 files changed, 74 insertions(+), 84 deletions(-) diff --git a/policy/modules/services/samba.if b/policy/modules/services/samba.if index 89935be3..50cc6130 100644 --- a/policy/modules/services/samba.if +++ b/policy/modules/services/samba.if @@ -722,6 +722,7 @@ template(`samba_helper_template',` gen_require(` type smbd_t; ') + #This type is for samba helper scripts type samba_$1_script_t; domain_type(samba_$1_script_t) @@ -734,7 +735,6 @@ template(`samba_helper_template',` domtrans_pattern(smbd_t, samba_$1_script_exec_t, samba_$1_script_t) allow smbd_t samba_$1_script_exec_t:file ioctl; - ') ######################################## @@ -760,16 +760,12 @@ interface(`samba_admin',` type smbd_t, smbd_tmp_t; type smbd_var_run_t; type samba_initrc_exec_t; - type samba_log_t, samba_var_t; type samba_etc_t, samba_share_t; type samba_secrets_t; - type swat_var_run_t, swat_tmp_t; - type winbind_var_run_t, winbind_tmp_t; type winbind_log_t; - type samba_unconfined_script_t, samba_unconfined_script_exec_t; ') @@ -781,7 +777,7 @@ interface(`samba_admin',` allow $1 samba_unconfined_script_t:process { ptrace signal_perms getattr }; read_files_pattern($1, samba_unconfined_script_t, samba_unconfined_script_t) - + samba_run_smbcontrol($1, $2, $3) samba_run_winbind_helper($1, $2, $3) samba_run_smbmount($1, $2, $3) diff --git a/policy/modules/services/sendmail.if b/policy/modules/services/sendmail.if index 0c97e36a..4fc41acc 100644 --- a/policy/modules/services/sendmail.if +++ b/policy/modules/services/sendmail.if @@ -58,17 +58,17 @@ interface(`sendmail_domtrans',` ## Execute sendmail in the sendmail domain. ## ## -## -## Domain allowed access. -## +## +## Domain allowed access. +## ## # -interface(`sendmail_initrc_domtrans', ` - gen_require(` - type sendmail_initrc_exec_t; - ') +interface(`sendmail_initrc_domtrans',` + gen_require(` + type sendmail_initrc_exec_t; + ') - init_labeled_script_domtrans($1, sendmail_initrc_exec_t) + init_labeled_script_domtrans($1, sendmail_initrc_exec_t) ') ######################################## diff --git a/policy/modules/services/smokeping.if b/policy/modules/services/smokeping.if index 824d206e..82652781 100644 --- a/policy/modules/services/smokeping.if +++ b/policy/modules/services/smokeping.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run smokeping. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`smokeping_domtrans',` diff --git a/policy/modules/services/snmp.if b/policy/modules/services/snmp.if index 64e9fb1d..cbe0584b 100644 --- a/policy/modules/services/snmp.if +++ b/policy/modules/services/snmp.if @@ -11,12 +11,12 @@ ## # interface(`snmp_stream_connect',` - gen_require(` + gen_require(` type snmpd_t, snmpd_var_lib_t; - ') + ') - files_search_var_lib($1) - stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t) + files_search_var_lib($1) + stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t) ') ######################################## @@ -82,6 +82,7 @@ interface(`snmp_dontaudit_read_snmp_var_lib_files',` gen_require(` type snmpd_var_lib_t; ') + dontaudit $1 snmpd_var_lib_t:dir list_dir_perms; dontaudit $1 snmpd_var_lib_t:file read_file_perms; dontaudit $1 snmpd_var_lib_t:lnk_file read_lnk_file_perms; diff --git a/policy/modules/services/snort.if b/policy/modules/services/snort.if index c117e8b5..215f4254 100644 --- a/policy/modules/services/snort.if +++ b/policy/modules/services/snort.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run snort. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`snort_domtrans',` diff --git a/policy/modules/services/spamassassin.if b/policy/modules/services/spamassassin.if index f906f43a..b87e327e 100644 --- a/policy/modules/services/spamassassin.if +++ b/policy/modules/services/spamassassin.if @@ -59,7 +59,6 @@ interface(`spamassassin_exec',` ') can_exec($1, spamassassin_exec_t) - ') ######################################## @@ -318,7 +317,7 @@ interface(`spamassassin_spamd_admin',` allow $1 spamd_t:process { ptrace signal_perms }; ps_process_pattern($1, spamd_t) - + init_labeled_script_domtrans($1, spamd_initrc_exec_t) domain_system_change_exemption($1) role_transition $2 spamd_initrc_exec_t system_r; diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if index bb8c7d1f..078490e2 100644 --- a/policy/modules/services/ssh.if +++ b/policy/modules/services/ssh.if @@ -32,7 +32,6 @@ ## # template(`ssh_basic_client_template',` - gen_require(` attribute ssh_server; type ssh_exec_t, sshd_key_t, sshd_tmp_t; @@ -167,7 +166,7 @@ template(`ssh_basic_client_template',` ## ## # -template(`ssh_server_template', ` +template(`ssh_server_template',` type $1_t, ssh_server; auth_login_pgm_domain($1_t) @@ -305,7 +304,6 @@ template(`ssh_server_template', ` template(`ssh_role_template',` gen_require(` attribute ssh_server, ssh_agent_type; - type ssh_t, ssh_exec_t, ssh_tmpfs_t, ssh_home_t; type ssh_agent_exec_t, ssh_keysign_t, ssh_tmpfs_t; type ssh_agent_tmp_t; @@ -487,6 +485,7 @@ interface(`ssh_read_pipes',` allow $1 sshd_t:fifo_file read_fifo_file_perms; ') + ######################################## ## ## Read and write a ssh server unnamed pipe. @@ -592,7 +591,6 @@ interface(`ssh_domtrans',` domtrans_pattern($1, sshd_exec_t, sshd_t) ') - ######################################## ## ## Execute sshd server in the sshd domain. @@ -780,4 +778,3 @@ interface(`ssh_signull',` allow $1 sshd_t:process signull; ') - diff --git a/policy/modules/services/sssd.if b/policy/modules/services/sssd.if index a433746b..d33bae08 100644 --- a/policy/modules/services/sssd.if +++ b/policy/modules/services/sssd.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run sssd. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`sssd_domtrans',` diff --git a/policy/modules/services/stunnel.if b/policy/modules/services/stunnel.if index 6073656f..eaf49b20 100644 --- a/policy/modules/services/stunnel.if +++ b/policy/modules/services/stunnel.if @@ -20,6 +20,6 @@ interface(`stunnel_service_domain',` type stunnel_t; ') - domtrans_pattern(stunnel_t,$2,$1) + domtrans_pattern(stunnel_t, $2, $1) allow $1 stunnel_t:tcp_socket rw_socket_perms; ') diff --git a/policy/modules/services/tftp.if b/policy/modules/services/tftp.if index 242576d0..b17d182a 100644 --- a/policy/modules/services/tftp.if +++ b/policy/modules/services/tftp.if @@ -64,19 +64,19 @@ interface(`tftp_manage_rw_content',` ## with specified types. ## ## -## +## ## Domain allowed access. -## +## ## ## -## +## ## Private file type. -## +## ## ## -## +## ## Class of the object being created. -## +## ## # interface(`tftp_filetrans_tftpdir',` diff --git a/policy/modules/services/tgtd.if b/policy/modules/services/tgtd.if index 74beaaa5..c2ed23a8 100644 --- a/policy/modules/services/tgtd.if +++ b/policy/modules/services/tgtd.if @@ -11,36 +11,36 @@ ##################################### ## -## Allow read and write access to tgtd semaphores. +## Allow read and write access to tgtd semaphores. ## ## -## -## Domain allowed access. -## +## +## Domain allowed access. +## ## # interface(`tgtd_rw_semaphores',` - gen_require(` - type tgtd_t; - ') + gen_require(` + type tgtd_t; + ') - allow $1 tgtd_t:sem rw_sem_perms; + allow $1 tgtd_t:sem rw_sem_perms; ') ###################################### ## -## Manage tgtd sempaphores. +## Manage tgtd sempaphores. ## ## -## -## Domain allowed access. -## +## +## Domain allowed access. +## ## # interface(`tgtd_manage_semaphores',` - gen_require(` - type tgtd_t; - ') + gen_require(` + type tgtd_t; + ') - allow $1 tgtd_t:sem create_sem_perms; + allow $1 tgtd_t:sem create_sem_perms; ') diff --git a/policy/modules/services/tuned.if b/policy/modules/services/tuned.if index 54b86059..fa7ade88 100644 --- a/policy/modules/services/tuned.if +++ b/policy/modules/services/tuned.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run tuned. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`tuned_domtrans',` diff --git a/policy/modules/services/ucspitcp.if b/policy/modules/services/ucspitcp.if index bf821706..1f6f55bd 100644 --- a/policy/modules/services/ucspitcp.if +++ b/policy/modules/services/ucspitcp.if @@ -20,7 +20,7 @@ ## ## # -interface(`ucspitcp_service_domain', ` +interface(`ucspitcp_service_domain',` gen_require(` type ucspitcp_t; role system_r; diff --git a/policy/modules/services/ulogd.if b/policy/modules/services/ulogd.if index b078bf75..48c528aa 100644 --- a/policy/modules/services/ulogd.if +++ b/policy/modules/services/ulogd.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run ulogd. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`ulogd_domtrans',` @@ -65,9 +65,9 @@ interface(`ulogd_read_log',` ## Allow the specified domain to search ulogd's log files. ## ## -## +## ## Domain allowed access. -## +## ## # interface(`ulogd_search_log',` diff --git a/policy/modules/services/usbmuxd.if b/policy/modules/services/usbmuxd.if index 50150434..53792d33 100644 --- a/policy/modules/services/usbmuxd.if +++ b/policy/modules/services/usbmuxd.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run usbmuxd. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`usbmuxd_domtrans',` diff --git a/policy/modules/services/varnishd.if b/policy/modules/services/varnishd.if index 92142373..0bbbb0de 100644 --- a/policy/modules/services/varnishd.if +++ b/policy/modules/services/varnishd.if @@ -21,7 +21,7 @@ interface(`varnishd_domtrans',` ####################################### ## -## Execute varnishd +## Execute varnishd ## ## ## @@ -61,18 +61,18 @@ interface(`varnishd_read_config',` ## Read varnish lib files. ## ## -## -## Domain allowed access. -## +## +## Domain allowed access. +## ## # interface(`varnishd_read_lib_files',` - gen_require(` - type varnishd_var_lib_t; - ') + gen_require(` + type varnishd_var_lib_t; + ') - files_search_var_lib($1) - read_files_pattern($1, varnishd_var_lib_t, varnishd_var_lib_t) + files_search_var_lib($1) + read_files_pattern($1, varnishd_var_lib_t, varnishd_var_lib_t) ') ####################################### @@ -165,11 +165,10 @@ interface(`varnishd_admin_varnishlog',` allow $2 system_r; files_search_pids($1) - admin_pattern($1, varnishlog_var_run_t) + admin_pattern($1, varnishlog_var_run_t) logging_list_logs($1) admin_pattern($1, varnishlog_log_t) - ') ####################################### @@ -192,7 +191,7 @@ interface(`varnishd_admin_varnishlog',` interface(`varnishd_admin',` gen_require(` type varnishd_t, varnishd_var_lib_t, varnishd_etc_t; - type varnishd_var_run_t, varnishd_tmp_t; + type varnishd_var_run_t, varnishd_tmp_t; type varnishd_initrc_exec_t; ') @@ -215,5 +214,4 @@ interface(`varnishd_admin',` files_search_tmp($1) admin_pattern($1, varnishd_tmp_t) - ') diff --git a/policy/modules/services/vhostmd.if b/policy/modules/services/vhostmd.if index 941311e9..da605baa 100644 --- a/policy/modules/services/vhostmd.if +++ b/policy/modules/services/vhostmd.if @@ -5,9 +5,9 @@ ## Execute a domain transition to run vhostmd. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`vhostmd_domtrans',` @@ -147,7 +147,7 @@ interface(`vhostmd_manage_pid_files',` ') files_search_pids($1) - manage_files_pattern($1, vhostmd_var_run_t, vhostmd_var_run_t) + manage_files_pattern($1, vhostmd_var_run_t, vhostmd_var_run_t) ') ######################################## @@ -221,5 +221,4 @@ interface(`vhostmd_admin',` vhostmd_manage_tmpfs_files($1) vhostmd_manage_pid_files($1) - ') diff --git a/policy/modules/services/virt.if b/policy/modules/services/virt.if index 1840faaf..50ef959d 100644 --- a/policy/modules/services/virt.if +++ b/policy/modules/services/virt.if @@ -91,9 +91,9 @@ interface(`virt_image',` ## Execute a domain transition to run virt. ## ## -## +## ## Domain allowed to transition. -## +## ## # interface(`virt_domtrans',` @@ -380,9 +380,9 @@ interface(`virt_read_log',` ## virt log files. ## ## -## +## ## Domain allowed access. -## +## ## # interface(`virt_append_log',`