trunk: whitespace fixes in xml blocks.

policy/modules/apps/awstats.if

@@ -5,12 +5,12 @@
 
 ########################################
 ## <summary>
-##      Read and write awstats unnamed pipes.
+##	Read and write awstats unnamed pipes.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`awstats_rw_pipes',`
@@ -23,12 +23,12 @@ interface(`awstats_rw_pipes',`
 
 ########################################
 ## <summary>
-##      Execute awstats cgi scripts in the caller domain.
+##	Execute awstats cgi scripts in the caller domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`awstats_cgi_exec',`

policy/modules/apps/gpg.if

@@ -53,11 +53,11 @@ interface(`gpg_role',`
 
 ########################################
 ## <summary>
-##      Transition to a user gpg domain.
+##	Transition to a user gpg domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -71,11 +71,11 @@ interface(`gpg_domtrans',`
 
 ########################################
 ## <summary>
-##      Send generic signals to user gpg processes.
+##	Send generic signals to user gpg processes.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #

policy/modules/apps/userhelper.if

@@ -176,7 +176,7 @@ template(`userhelper_role_template',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -195,7 +195,7 @@ interface(`userhelper_search_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain to not audit.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -213,7 +213,7 @@ interface(`userhelper_dontaudit_search_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -231,7 +231,7 @@ interface(`userhelper_use_fd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #

policy/modules/kernel/corecommands.if

@@ -410,35 +410,35 @@ interface(`corecmd_bin_spec_domtrans',`
 
 ########################################
 ## <summary>
-##      Execute a file in a bin directory
+##	Execute a file in a bin directory
-##      in the specified domain.
+##	in the specified domain.
 ## </summary>
 ## <desc>
-##      <p>
+##	<p>
-##      Execute a file in a bin directory
+##	Execute a file in a bin directory
-##      in the specified domain.  This allows
+##	in the specified domain.  This allows
-##      the specified domain to execute any file
+##	the specified domain to execute any file
-##      on these filesystems in the specified
+##	on these filesystems in the specified
-##      domain.  This is not suggested.
+##	domain.  This is not suggested.
-##      </p>
+##	</p>
-##      <p>
+##	<p>
-##      No interprocess communication (signals, pipes,
+##	No interprocess communication (signals, pipes,
-##      etc.) is provided by this interface since
+##	etc.) is provided by this interface since
-##      the domains are not owned by this module.
+##	the domains are not owned by this module.
-##      </p>
+##	</p>
-##      <p>
+##	<p>
-##      This interface was added to handle
+##	This interface was added to handle
-##      the ssh-agent policy.
+##	the ssh-agent policy.
-##      </p>
+##	</p>
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
 ##	<summary>
-##      The type of the new process.
+##	The type of the new process.
 ##	</summary>
 ## </param>
 #

policy/modules/kernel/corenetwork.if.in

@@ -1467,11 +1467,11 @@ interface(`corenet_udp_bind_all_unreserved_ports',`
 
 ########################################
 ## <summary>
-##      Connect TCP sockets to reserved ports.
+##	Connect TCP sockets to reserved ports.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -1504,11 +1504,11 @@ interface(`corenet_dontaudit_tcp_connect_all_reserved_ports',`
 
 ########################################
 ## <summary>
-##      Connect TCP sockets to rpc ports.
+##	Connect TCP sockets to rpc ports.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -1709,7 +1709,7 @@ interface(`corenet_dontaudit_non_ipsec_sendrecv',`
 
 ########################################
 ## <summary>
-##      Receive TCP packets from a NetLabel connection.
+##	Receive TCP packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1724,7 +1724,7 @@ interface(`corenet_tcp_recv_netlabel',`
 
 ########################################
 ## <summary>
-##      Receive TCP packets from a NetLabel connection.
+##	Receive TCP packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1743,7 +1743,7 @@ interface(`corenet_tcp_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Receive TCP packets from an unlabled connection.
+##	Receive TCP packets from an unlabled connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1763,8 +1763,8 @@ interface(`corenet_tcp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive TCP packets from a NetLabel
+##	Do not audit attempts to receive TCP packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1779,8 +1779,8 @@ interface(`corenet_dontaudit_tcp_recv_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive TCP packets from a NetLabel
+##	Do not audit attempts to receive TCP packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1799,8 +1799,8 @@ interface(`corenet_dontaudit_tcp_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive TCP packets from an unlabeled
+##	Do not audit attempts to receive TCP packets from an unlabeled
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1820,7 +1820,7 @@ interface(`corenet_dontaudit_tcp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Receive UDP packets from a NetLabel connection.
+##	Receive UDP packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1835,7 +1835,7 @@ interface(`corenet_udp_recv_netlabel',`
 
 ########################################
 ## <summary>
-##      Receive UDP packets from a NetLabel connection.
+##	Receive UDP packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1854,7 +1854,7 @@ interface(`corenet_udp_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Receive UDP packets from an unlabeled connection.
+##	Receive UDP packets from an unlabeled connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1874,8 +1874,8 @@ interface(`corenet_udp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive UDP packets from a NetLabel
+##	Do not audit attempts to receive UDP packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1890,8 +1890,8 @@ interface(`corenet_dontaudit_udp_recv_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive UDP packets from a NetLabel
+##	Do not audit attempts to receive UDP packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1910,8 +1910,8 @@ interface(`corenet_dontaudit_udp_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive UDP packets from an unlabeled
+##	Do not audit attempts to receive UDP packets from an unlabeled
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1931,7 +1931,7 @@ interface(`corenet_dontaudit_udp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Receive Raw IP packets from a NetLabel connection.
+##	Receive Raw IP packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1946,7 +1946,7 @@ interface(`corenet_raw_recv_netlabel',`
 
 ########################################
 ## <summary>
-##      Receive Raw IP packets from a NetLabel connection.
+##	Receive Raw IP packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1965,7 +1965,7 @@ interface(`corenet_raw_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Receive Raw IP packets from an unlabeled connection.
+##	Receive Raw IP packets from an unlabeled connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -1985,8 +1985,8 @@ interface(`corenet_raw_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive Raw IP packets from a NetLabel
+##	Do not audit attempts to receive Raw IP packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -2001,8 +2001,8 @@ interface(`corenet_dontaudit_raw_recv_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive Raw IP packets from a NetLabel
+##	Do not audit attempts to receive Raw IP packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -2021,8 +2021,8 @@ interface(`corenet_dontaudit_raw_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive Raw IP packets from an unlabeled
+##	Do not audit attempts to receive Raw IP packets from an unlabeled
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -2042,7 +2042,7 @@ interface(`corenet_dontaudit_raw_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Receive packets from an unlabeled connection.
+##	Receive packets from an unlabeled connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -2064,7 +2064,7 @@ interface(`corenet_all_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Receive packets from a NetLabel connection.
+##	Receive packets from a NetLabel connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -2083,7 +2083,7 @@ interface(`corenet_all_recvfrom_netlabel',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive packets from an unlabeled connection.
+##	Do not audit attempts to receive packets from an unlabeled connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -2105,8 +2105,8 @@ interface(`corenet_dontaudit_all_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive packets from a NetLabel
+##	Do not audit attempts to receive packets from a NetLabel
-##      connection.
+##	connection.
 ## </summary>
 ## <param name="domain">
 ##	<summary>

policy/modules/kernel/devices.if

@@ -1842,11 +1842,11 @@ interface(`dev_read_mouse',`
 
 ########################################
 ## <summary>
-##      Read and write to mouse devices.
+##	Read and write to mouse devices.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #

policy/modules/kernel/domain.if

@@ -1221,7 +1221,7 @@ interface(`domain_mmap_all_entry_files',`
 ## </param>
 ## <param name="target_domain">
 ##	<summary>
-##      The type of the new process.
+##	The type of the new process.
 ##	</summary>
 ## </param>
 #
@@ -1237,9 +1237,9 @@ interface(`domain_entry_file_spec_domtrans',`
 ########################################
 ## <summary>
 ##	Ability to mmap a low area of the address space,
-##      as configured by /proc/sys/kernel/mmap_min_addr.
+##	as configured by /proc/sys/kernel/mmap_min_addr.
-##      Preventing such mappings helps protect against
+##	Preventing such mappings helps protect against
-##      exploiting null deref bugs in the kernel.
+##	exploiting null deref bugs in the kernel.
 ## </summary>
 ## <param name="domain">
 ##	<summary>

policy/modules/kernel/files.if

@@ -1544,12 +1544,12 @@ interface(`files_manage_boot_symlinks',`
 
 ########################################
 ## <summary>
-##     Read kernel files in the /boot directory.
+##	Read kernel files in the /boot directory.
 ## </summary>
 ## <param name="domain">
-##     <summary>
+##	<summary>
-##     Domain allowed access.
+##	Domain allowed access.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`files_read_kernel_img',`

policy/modules/kernel/filesystem.if

@@ -1250,12 +1250,12 @@ interface(`fs_read_eventpollfs',`
 
 ########################################
 ## <summary>
-##      Mount a FUSE filesystem.
+##	Mount a FUSE filesystem.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`fs_mount_fusefs',`
@@ -1268,12 +1268,12 @@ interface(`fs_mount_fusefs',`
 
 ########################################
 ## <summary>
-##      Unmount a FUSE filesystem.
+##	Unmount a FUSE filesystem.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`fs_unmount_fusefs',`
@@ -1722,7 +1722,7 @@ interface(`fs_read_nfs_named_sockets',`
 
 #########################################
 ## <summary>
-##  Read named pipes on a NFS network filesystem.
+##	Read named pipes on a NFS network filesystem.
 ## </summary>
 ## <param name="domain">
 ##	<summary>

policy/modules/kernel/kernel.if

@@ -2297,12 +2297,12 @@ interface(`kernel_dontaudit_sendrecv_unlabeled_association',`
 
 ########################################
 ## <summary>
-##      Receive TCP packets from an unlabeled connection.
+##	Receive TCP packets from an unlabeled connection.
 ## </summary>
 ## <desc>
 ##	<p>
-##      Receive TCP packets from an unlabeled connection.
+##	Receive TCP packets from an unlabeled connection.
-##      </p>
+##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_tcp_recv_unlabeled() should
 ##	be used instead of this one.
@@ -2324,14 +2324,14 @@ interface(`kernel_tcp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive TCP packets from an unlabeled
+##	Do not audit attempts to receive TCP packets from an unlabeled
 ##	connection.
 ## </summary>
 ## <desc>
 ##	<p>
-##      Do not audit attempts to receive TCP packets from an unlabeled
+##	Do not audit attempts to receive TCP packets from an unlabeled
 ##	connection.
-##      </p>
+##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_dontaudit_tcp_recv_unlabeled()
 ##	should be used instead of this one.
@@ -2353,12 +2353,12 @@ interface(`kernel_dontaudit_tcp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Receive UDP packets from an unlabeled connection.
+##	Receive UDP packets from an unlabeled connection.
 ## </summary>
 ## <desc>
 ##	<p>
-##      Receive UDP packets from an unlabeled connection.
+##	Receive UDP packets from an unlabeled connection.
-##      </p>
+##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_udp_recv_unlabeled() should
 ##	be used instead of this one.
@@ -2380,14 +2380,14 @@ interface(`kernel_udp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive UDP packets from an unlabeled
+##	Do not audit attempts to receive UDP packets from an unlabeled
 ##	connection.
 ## </summary>
 ## <desc>
 ##	<p>
-##      Do not audit attempts to receive UDP packets from an unlabeled
+##	Do not audit attempts to receive UDP packets from an unlabeled
 ##	connection.
-##      </p>
+##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_dontaudit_udp_recv_unlabeled()
 ##	should be used instead of this one.
@@ -2409,12 +2409,12 @@ interface(`kernel_dontaudit_udp_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Receive Raw IP packets from an unlabeled connection.
+##	Receive Raw IP packets from an unlabeled connection.
 ## </summary>
 ## <desc>
 ##	<p>
-##      Receive Raw IP packets from an unlabeled connection.
+##	Receive Raw IP packets from an unlabeled connection.
-##      </p>
+##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_raw_recv_unlabeled() should
 ##	be used instead of this one.
@@ -2436,14 +2436,14 @@ interface(`kernel_raw_recvfrom_unlabeled',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to receive Raw IP packets from an unlabeled
+##	Do not audit attempts to receive Raw IP packets from an unlabeled
 ##	connection.
 ## </summary>
 ## <desc>
 ##	<p>
-##      Do not audit attempts to receive Raw IP packets from an unlabeled
+##	Do not audit attempts to receive Raw IP packets from an unlabeled
 ##	connection.
-##      </p>
+##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_dontaudit_raw_recv_unlabeled()
 ##	should be used instead of this one.
@@ -2500,7 +2500,7 @@ interface(`kernel_sendrecv_unlabeled_packets',`
 ## <desc>
 ##	<p>
 ##	Receive packets from an unlabeled peer, these packets do not have any
-##      peer labeling information present.
+##	peer labeling information present.
 ##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_recvfrom_unlabeled_peer() should
@@ -2528,7 +2528,7 @@ interface(`kernel_recvfrom_unlabeled_peer',`
 ## <desc>
 ##	<p>
 ##	Do not audit attempts to receive packets from an unlabeled peer,
-##      these packets do not have any peer labeling information present.
+##	these packets do not have any peer labeling information present.
 ##	</p>
 ##	<p>
 ##	The corenetwork interface corenet_dontaudit_*_recvfrom_unlabeled()
@@ -2551,12 +2551,12 @@ interface(`kernel_dontaudit_recvfrom_unlabeled_peer',`
 
 ########################################
 ## <summary>
-##      Relabel from unlabeled database objects.
+##	Relabel from unlabeled database objects.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`kernel_relabelfrom_unlabeled_database',`

policy/modules/kernel/kernel.te

@@ -304,7 +304,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	# nfs kernel server needs kernel UDP access.  It is less risky and painful
+	# nfs kernel server needs kernel UDP access. It is less risky and painful
 	# to just give it everything.
 	allow kernel_t self:tcp_socket create_stream_socket_perms;
 	allow kernel_t self:udp_socket create_socket_perms;

policy/modules/kernel/mls.if

@@ -822,13 +822,13 @@ interface(`mls_context_translate_all_levels',`
 
 ########################################
 ## <summary>
-##      Make specified domain MLS trusted
+##	Make specified domain MLS trusted
-##      for reading from databases at any level.
+##	for reading from databases at any level.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #
@@ -842,13 +842,13 @@ interface(`mls_db_read_all_levels',`
 
 ########################################
 ## <summary>
-##       Make specified domain MLS trusted
+##	Make specified domain MLS trusted
-##       for writing to databases at any level.
+##	for writing to databases at any level.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #
@@ -862,13 +862,13 @@ interface(`mls_db_write_all_levels',`
 
 ########################################
 ## <summary>
-##      Make specified domain MLS trusted
+##	Make specified domain MLS trusted
-##      for raising the level of databases.
+##	for raising the level of databases.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #
@@ -882,13 +882,13 @@ interface(`mls_db_upgrade',`
 
 ########################################
 ## <summary>
-##      Make specified domain MLS trusted
+##	Make specified domain MLS trusted
-##      for lowering the level of databases.
+##	for lowering the level of databases.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #
@@ -901,14 +901,14 @@ interface(`mls_db_downgrade',`
 ')
 ########################################
 ## <summary>
-##      Make specified domain MLS trusted
+##	Make specified domain MLS trusted
-##      for sending dbus messages to 
+##	for sending dbus messages to 
 ##	all levels.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #
@@ -922,14 +922,14 @@ interface(`mls_dbus_send_all_levels',`
 
 ########################################
 ## <summary>
-##      Make specified domain MLS trusted
+##	Make specified domain MLS trusted
-##      for receiving dbus messages from 
+##	for receiving dbus messages from 
 ##	all levels.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <rolecap/>
 #

policy/modules/kernel/storage.if

@@ -172,15 +172,15 @@ interface(`storage_dontaudit_write_fixed_disk',`
 
 ########################################
 ## <summary>
-##      Allow the caller to directly read and write to a fixed disk.
+##	Allow the caller to directly read and write to a fixed disk.
-##      This is extremly dangerous as it can bypass the
+##	This is extremly dangerous as it can bypass the
-##      SELinux protections for filesystem objects, and
+##	SELinux protections for filesystem objects, and
-##      should only be used by trusted domains.
+##	should only be used by trusted domains.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`storage_raw_rw_fixed_disk',`

policy/modules/services/aide.if

@@ -2,12 +2,12 @@
 
 ########################################
 ## <summary>
-##      Execute aide in the aide domain
+##	Execute aide in the aide domain
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`aide_domtrans',`

policy/modules/services/bind.te

@@ -174,7 +174,7 @@ optional_policy(`
 
 optional_policy(`
 	# this seems like fds that arent being
-	# closed.  these should probably be
+	# closed. these should probably be
 	# dontaudits instead.
 	networkmanager_rw_udp_sockets(named_t)
 	networkmanager_rw_packet_sockets(named_t)

policy/modules/services/bitlbee.if

@@ -2,12 +2,12 @@
 
 ########################################
 ## <summary>
-##     Read bitlbee configuration files
+##	Read bitlbee configuration files
 ## </summary>
 ## <param name="domain">
-##     <summary>
+##	<summary>
-##         Domain allowed accesss.
+##	 Domain allowed accesss.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`bitlbee_read_config',`

policy/modules/services/clockspeed.if

@@ -2,12 +2,12 @@
 
 ########################################
 ## <summary>
-##      Execute clockspeed utilities in the clockspeed_cli domain.
+##	Execute clockspeed utilities in the clockspeed_cli domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`clockspeed_domtrans_cli',`

policy/modules/services/cyrus.if

@@ -7,7 +7,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #

policy/modules/services/djbdns.if

@@ -2,12 +2,12 @@
 
 ########################################
 ## <summary>
-##      Create a set of derived types for djbdns 
+##	Create a set of derived types for djbdns 
 ##	components that are directly supervised by daemontools.
 ## </summary>
 ## <param name="prefix">
 ##	<summary>
-##      The prefix to be used for deriving type names.
+##	The prefix to be used for deriving type names.
 ##	</summary>
 ## </param>
 #

policy/modules/services/dovecot.if

@@ -21,12 +21,12 @@ interface(`dovecot_manage_spool',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to delete dovecot lib files.
+##	Do not audit attempts to delete dovecot lib files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain to not audit.
+##	Domain to not audit.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`dovecot_dontaudit_unlink_lib_files',`

policy/modules/services/ftp.if

@@ -2,11 +2,11 @@
 
 ########################################
 ## <summary>
-##      Use ftp by connecting over TCP.  (Deprecated)
+##	Use ftp by connecting over TCP.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -16,11 +16,11 @@ interface(`ftp_tcp_connect',`
 
 ########################################
 ## <summary>
-##      Read ftpd etc files
+##	Read ftpd etc files
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -35,11 +35,11 @@ interface(`ftp_read_config',`
 
 ########################################
 ## <summary>
-##      Execute FTP daemon entry point programs.
+##	Execute FTP daemon entry point programs.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -54,11 +54,11 @@ interface(`ftp_check_exec',`
 
 ########################################
 ## <summary>
-##      Read FTP transfer logs
+##	Read FTP transfer logs
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -73,12 +73,12 @@ interface(`ftp_read_log',`
 
 ########################################
 ## <summary>
-##      Execute the ftpdctl program in the ftpdctl domain.
+##	Execute the ftpdctl program in the ftpdctl domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`ftp_domtrans_ftpdctl',`

policy/modules/services/lpd.if

@@ -177,11 +177,11 @@ interface(`lpd_read_config',`
 
 ########################################
 ## <summary>
-##      Transition to a user lpr domain.
+##	Transition to a user lpr domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #

policy/modules/services/mta.if

@@ -374,14 +374,14 @@ interface(`mta_send_mail',`
 ##	Execute send mail in a specified domain.
 ## </summary>
 ## <desc>
-##      <p>
+##	<p>
 ##	Execute send mail in a specified domain.
-##      </p>
+##	</p>
-##      <p>
+##	<p>
-##      No interprocess communication (signals, pipes,
+##	No interprocess communication (signals, pipes,
-##      etc.) is provided by this interface since
+##	etc.) is provided by this interface since
-##      the domains are not owned by this module.
+##	the domains are not owned by this module.
-##      </p>
+##	</p>
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>

policy/modules/services/nscd.if

@@ -108,7 +108,7 @@ interface(`nscd_shm_use',`
 	allow $1 nscd_t:fd use;
 
 	# cjp: these were originally inherited from the
-	# nscd_socket_domain macro.  need to investigate
+	# nscd_socket_domain macro. need to investigate
 	# if they are all actually required
 	allow $1 self:unix_stream_socket create_stream_socket_perms;
 	allow $1 nscd_t:unix_stream_socket connectto;

policy/modules/services/postgresql.if

@@ -2,17 +2,17 @@
 
 #######################################
 ## <summary>
-##      Role access for SE-PostgreSQL.
+##	Role access for SE-PostgreSQL.
 ## </summary>
 ## <param name="user_role">
-##      <summary>
+##	<summary>
-##      The role associated with the user domain.
+##	The role associated with the user domain.
-##      </summary>
+##	</summary>
 ## </param>
 ## <param name="user_domain">
 ## 	<summary>
-##      The type of the user domain.
+##	The type of the user domain.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_role',`
@@ -72,12 +72,12 @@ interface(`postgresql_role',`
 
 ########################################
 ## <summary>
-##     Marks as a SE-PostgreSQL loadable shared library module
+##	Marks as a SE-PostgreSQL loadable shared library module
 ## </summary>
 ## <param name="type">
-##     <summary>
+##	<summary>
-##     Type marked as a database object type.
+##	Type marked as a database object type.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_loadable_module',`
@@ -90,12 +90,12 @@ interface(`postgresql_loadable_module',`
 
 ########################################
 ## <summary>
-##     Marks as a SE-PostgreSQL database object type
+##	Marks as a SE-PostgreSQL database object type
 ## </summary>
 ## <param name="type">
-##     <summary>
+##	<summary>
-##     Type marked as a database object type.
+##	Type marked as a database object type.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_database_object',`
@@ -108,12 +108,12 @@ interface(`postgresql_database_object',`
 
 ########################################
 ## <summary>
-##     Marks as a SE-PostgreSQL table/column/tuple object type
+##	Marks as a SE-PostgreSQL table/column/tuple object type
 ## </summary>
 ## <param name="type">
-##     <summary>
+##	<summary>
-##     Type marked as a table/column/tuple object type.
+##	Type marked as a table/column/tuple object type.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_table_object',`
@@ -126,12 +126,12 @@ interface(`postgresql_table_object',`
 
 ########################################
 ## <summary>
-##     Marks as a SE-PostgreSQL system table/column/tuple object type
+##	Marks as a SE-PostgreSQL system table/column/tuple object type
 ## </summary>
 ## <param name="type">
-##     <summary>
+##	<summary>
-##     Type marked as a table/column/tuple object type.
+##	Type marked as a table/column/tuple object type.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_system_table_object',`
@@ -145,12 +145,12 @@ interface(`postgresql_system_table_object',`
 
 ########################################
 ## <summary>
-##     Marks as a SE-PostgreSQL procedure object type
+##	Marks as a SE-PostgreSQL procedure object type
 ## </summary>
 ## <param name="type">
-##     <summary>
+##	<summary>
-##     Type marked as a database object type.
+##	Type marked as a database object type.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_procedure_object',`
@@ -163,12 +163,12 @@ interface(`postgresql_procedure_object',`
 
 ########################################
 ## <summary>
-##     Marks as a SE-PostgreSQL binary large object type
+##	Marks as a SE-PostgreSQL binary large object type
 ## </summary>
 ## <param name="type">
-##     <summary>
+##	<summary>
-##     Type marked as a database binary large object type.
+##	Type marked as a database binary large object type.
-##     </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_blob_object',`
@@ -302,13 +302,13 @@ interface(`postgresql_stream_connect',`
 
 ########################################
 ## <summary>
-##      Allow the specified domain unprivileged accesses to unifined database objects
+##	Allow the specified domain unprivileged accesses to unifined database objects
 ##	managed by SE-PostgreSQL,
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_unpriv_client',`
@@ -335,13 +335,13 @@ interface(`postgresql_unpriv_client',`
 
 ########################################
 ## <summary>
-##      Allow the specified domain unconfined accesses to any database objects
+##	Allow the specified domain unconfined accesses to any database objects
 ##	managed by SE-PostgreSQL,
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgresql_unconfined',`

policy/modules/services/postgrey.if

@@ -2,12 +2,12 @@
 
 ########################################
 ## <summary>
-##      Write to postgrey socket
+##	Write to postgrey socket
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed to talk to postgrey
+##	Domain allowed to talk to postgrey
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgrey_stream_connect',`
@@ -22,12 +22,12 @@ interface(`postgrey_stream_connect',`
 
 ########################################
 ## <summary>
-##      Search the spool directory
+##	Search the spool directory
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access
+##	Domain allowed access
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`postgrey_search_spool',`

policy/modules/services/rpc.if

@@ -118,11 +118,11 @@ template(`rpc_domain_template', `
 
 ########################################
 ## <summary>
-##      Send UDP network traffic to rpc and recieve UDP traffic from rpc.  (Deprecated)
+##	Send UDP network traffic to rpc and recieve UDP traffic from rpc.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -132,12 +132,12 @@ interface(`rpc_udp_send',`
 
 ########################################
 ## <summary>
-##      Do not audit attempts to get the attributes
+##	Do not audit attempts to get the attributes
 ##	of the NFS export file.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -151,11 +151,11 @@ interface(`rpc_dontaudit_getattr_exports',`
 
 ########################################
 ## <summary>
-##      Allow read access to exports.
+##	Allow read access to exports.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -169,11 +169,11 @@ interface(`rpc_read_exports',`
 
 ########################################
 ## <summary>
-##      Allow write access to exports.
+##	Allow write access to exports.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -187,11 +187,11 @@ interface(`rpc_write_exports',`
 
 ########################################
 ## <summary>
-##      Execute domain in nfsd domain.
+##	Execute domain in nfsd domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #
@@ -205,11 +205,11 @@ interface(`rpc_domtrans_nfsd',`
 
 ########################################
 ## <summary>
-##      Read NFS exported content.
+##	Read NFS exported content.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -226,11 +226,11 @@ interface(`rpc_read_nfs_content',`
 
 ########################################
 ## <summary>
-##      Allow domain to create read and write NFS directories.
+##	Allow domain to create read and write NFS directories.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -247,11 +247,11 @@ interface(`rpc_manage_nfs_rw_content',`
 
 ########################################
 ## <summary>
-##      Allow domain to create read and write NFS directories.
+##	Allow domain to create read and write NFS directories.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -268,11 +268,11 @@ interface(`rpc_manage_nfs_ro_content',`
 
 ########################################
 ## <summary>
-##      Allow domain to read and write to an NFS UDP socket.
+##	Allow domain to read and write to an NFS UDP socket.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -290,7 +290,7 @@ interface(`rpc_udp_rw_nfs_sockets',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -304,7 +304,7 @@ interface(`rpc_udp_send_nfs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -323,7 +323,7 @@ interface(`rpc_search_nfs_state_data',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #

policy/modules/services/rsync.if

@@ -24,14 +24,14 @@ interface(`rsync_entry_type',`
 ##	Execute a rsync in a specified domain.
 ## </summary>
 ## <desc>
-##      <p>
+##	<p>
 ##	Execute a rsync in a specified domain.
-##      </p>
+##	</p>
-##      <p>
+##	<p>
-##      No interprocess communication (signals, pipes,
+##	No interprocess communication (signals, pipes,
-##      etc.) is provided by this interface since
+##	etc.) is provided by this interface since
-##      the domains are not owned by this module.
+##	the domains are not owned by this module.
-##      </p>
+##	</p>
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>
@@ -57,14 +57,14 @@ interface(`rsync_entry_spec_domtrans',`
 ##	Execute a rsync in a specified domain.
 ## </summary>
 ## <desc>
-##      <p>
+##	<p>
 ##	Execute a rsync in a specified domain.
-##      </p>
+##	</p>
-##      <p>
+##	<p>
-##      No interprocess communication (signals, pipes,
+##	No interprocess communication (signals, pipes,
-##      etc.) is provided by this interface since
+##	etc.) is provided by this interface since
-##      the domains are not owned by this module.
+##	the domains are not owned by this module.
-##      </p>
+##	</p>
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>

policy/modules/services/spamassassin.if

@@ -63,9 +63,9 @@ interface(`spamassassin_exec',`
 ##	Singnal the spam assassin daemon
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`spamassassin_signal_spamd',`
@@ -97,7 +97,7 @@ interface(`spamassassin_exec_spamd',`
 
 ########################################
 ## <summary>
-##      Execute spamassassin client in the spamassassin client domain.
+##	Execute spamassassin client in the spamassassin client domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -191,12 +191,12 @@ interface(`spamassassin_manage_lib_files',`
 
 ########################################
 ## <summary>
-##      Read temporary spamd file.
+##	Read temporary spamd file.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      The type of the process performing this action.
+##	The type of the process performing this action.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`spamassassin_read_spamd_tmp_files',`
@@ -213,9 +213,9 @@ interface(`spamassassin_read_spamd_tmp_files',`
 ##	spamd sockets/
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
 ##	Domain to not audit.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`spamassassin_dontaudit_getattr_spamd_tmp_sockets',`

policy/modules/services/ucspitcp.if

@@ -7,16 +7,16 @@
 
 ########################################
 ## <summary>
-##      Define a specified domain as a ucspitcp service.
+##	Define a specified domain as a ucspitcp service.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="entrypoint">
 ##	<summary>
-##      The type associated with the process program.
+##	The type associated with the process program.
 ##	</summary>
 ## </param>
 #

policy/modules/services/xserver.if

@@ -761,12 +761,12 @@ interface(`xserver_read_xdm_pid',`
 
 ########################################
 ## <summary>
-##      Read XDM var lib files.
+##	Read XDM var lib files.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`xserver_read_xdm_lib_files',`

policy/modules/system/daemontools.if

@@ -28,16 +28,16 @@ interface(`daemontools_ipc_domain',`
 
 ########################################
 ## <summary>
-##      Define a specified domain as a supervised service.
+##	Define a specified domain as a supervised service.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="entrypoint">
 ##	<summary>
-##      The type associated with the process program.
+##	The type associated with the process program.
 ##	</summary>
 ## </param>
 #
@@ -55,11 +55,11 @@ interface(`daemontools_service_domain',`
 
 ########################################
 ## <summary>
-##      Execute in the svc_start_t domain.
+##	Execute in the svc_start_t domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -73,11 +73,11 @@ interface(`daemontools_domtrans_start',`
 
 ########################################
 ## <summary>
-##      Execute in the svc_run_t domain.
+##	Execute in the svc_run_t domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -91,11 +91,11 @@ interface(`daemontools_domtrans_run',`
 
 ########################################
 ## <summary>
-##      Execute in the svc_multilog_t domain.
+##	Execute in the svc_multilog_t domain.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -109,11 +109,11 @@ interface(`daemontools_domtrans_multilog',`
 
 ########################################
 ## <summary>
-##      Allow a domain to read svc_svc_t files.
+##	Allow a domain to read svc_svc_t files.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -129,11 +129,11 @@ interface(`daemontools_read_svc',`
 
 ########################################
 ## <summary>
-##      Allow a domain to create svc_svc_t files.
+##	Allow a domain to create svc_svc_t files.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>

policy/modules/system/init.if

@@ -666,14 +666,14 @@ interface(`init_domtrans_script',`
 ##	Execute a init script in a specified domain.
 ## </summary>
 ## <desc>
-##      <p>
+##	<p>
 ##	Execute a init script in a specified domain.
-##      </p>
+##	</p>
-##      <p>
+##	<p>
-##      No interprocess communication (signals, pipes,
+##	No interprocess communication (signals, pipes,
-##      etc.) is provided by this interface since
+##	etc.) is provided by this interface since
-##      the domains are not owned by this module.
+##	the domains are not owned by this module.
-##      </p>
+##	</p>
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>
@@ -1133,7 +1133,7 @@ interface(`init_rw_script_stream_sockets',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -1451,11 +1451,11 @@ interface(`init_dontaudit_rw_utmp',`
 
 ########################################
 ## <summary>
-##      Create, read, write, and delete utmp.
+##	Create, read, write, and delete utmp.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain access allowed.
+##	Domain access allowed.
 ##	</summary>
 ## </param>
 #

policy/modules/system/libraries.te

@@ -113,7 +113,7 @@ optional_policy(`
 
 optional_policy(`
 	# When you install a kernel the postinstall builds a initrd image in tmp 
-	# and executes ldconfig on it.  If you dont allow this kernel installs 
+	# and executes ldconfig on it. If you dont allow this kernel installs 
 	# blow up.
 	rpm_manage_script_tmp_files(ldconfig_t)
 ')

policy/modules/system/logging.if

@@ -533,12 +533,12 @@ interface(`logging_search_logs',`
 
 #######################################
 ## <summary>
-##      Do not audit attempts to search the var log directory.
+##	Do not audit attempts to search the var log directory.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain not to audit.
+##	Domain not to audit.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`logging_dontaudit_search_logs',`

policy/modules/system/netlabel.if

@@ -2,12 +2,12 @@
 
 ########################################
 ## <summary>
-##      Execute netlabel_mgmt in the netlabel_mgmt domain.
+##	Execute netlabel_mgmt in the netlabel_mgmt domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 #
 interface(`netlabel_domtrans_mgmt',`
@@ -21,13 +21,13 @@ interface(`netlabel_domtrans_mgmt',`
 
 ########################################
 ## <summary>
-##      Execute netlabel_mgmt in the netlabel_mgmt domain, and
+##	Execute netlabel_mgmt in the netlabel_mgmt domain, and
-##      allow the specified role the netlabel_mgmt domain.
+##	allow the specified role the netlabel_mgmt domain.
 ## </summary>
 ## <param name="domain">
-##      <summary>
+##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
-##      </summary>
+##	</summary>
 ## </param>
 ## <param name="role">
 ##	<summary>

policy/modules/system/sysnetwork.if

@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##     The type of the process performing this action.
+##	The type of the process performing this action.
 ##	</summary>
 ## </param>
 #

policy/modules/system/userdomain.if

@@ -78,7 +78,7 @@ template(`userdom_base_user_template',`
 	dev_dontaudit_getattr_all_chr_files($1_t)
 
 	# When the user domain runs ps, there will be a number of access
-	# denials when ps tries to search /proc.  Do not audit these denials.
+	# denials when ps tries to search /proc. Do not audit these denials.
 	domain_dontaudit_read_all_domains_state($1_t)
 	domain_dontaudit_getattr_all_domains($1_t)
 	domain_dontaudit_getsession_all_domains($1_t)
@@ -1405,11 +1405,11 @@ interface(`userdom_dontaudit_search_user_home_dirs',`
 
 ########################################
 ## <summary>
-##      List user home directories.
+##	List user home directories.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -1979,11 +1979,11 @@ interface(`userdom_user_home_dir_filetrans_user_home_content',`
 
 ########################################
 ## <summary>
-##      Write to user temporary named sockets.
+##	Write to user temporary named sockets.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##      Domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #