[selinux-policy: 3036/3172] Whitespace, newline and tab fixes.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:30:06 UTC 2010
commit 1976ddda249c7639e327ea8db99ae5dcd745050f
Author: Dominick Grift <domg472 at gmail.com>
Date: Mon Sep 20 11:48:51 2010 +0200
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.
policy/modules/services/gnomeclock.if | 4 +-
policy/modules/services/hal.if | 14 ++--
policy/modules/services/icecast.if | 10 +--
policy/modules/services/ifplugd.if | 4 +-
policy/modules/services/inetd.if | 1 -
policy/modules/services/jabber.if | 88 +++++++++++-----------
policy/modules/services/kerberos.if | 10 +-
policy/modules/services/kerneloops.if | 4 +-
policy/modules/services/ksmtuned.if | 5 +-
policy/modules/services/ldap.if | 34 ++++-----
policy/modules/services/lircd.if | 9 +-
policy/modules/services/mailman.if | 2 +-
policy/modules/services/memcached.if | 4 +-
policy/modules/services/milter.if | 18 ++--
policy/modules/services/mock.if | 21 ++---
policy/modules/services/modemmanager.if | 4 +-
policy/modules/services/mpd.if | 116 ++++++++++++++---------------
policy/modules/services/mta.if | 39 +++++-----
policy/modules/services/munin.if | 19 ++---
policy/modules/services/nagios.if | 1 -
policy/modules/services/networkmanager.if | 6 +-
policy/modules/services/nslcd.if | 4 +-
policy/modules/services/oddjob.if | 38 +++++-----
policy/modules/services/oident.if | 6 +-
policy/modules/services/openct.if | 8 +-
policy/modules/services/pads.if | 2 +-
policy/modules/services/passenger.if | 53 +++++++-------
policy/modules/services/pcscd.if | 4 +-
policy/modules/services/pingd.if | 5 +-
policy/modules/services/piranha.if | 102 ++++++++++++-------------
30 files changed, 308 insertions(+), 327 deletions(-)
---
diff --git a/policy/modules/services/gnomeclock.if b/policy/modules/services/gnomeclock.if
index da0e844..17d25ba 100644
--- a/policy/modules/services/gnomeclock.if
+++ b/policy/modules/services/gnomeclock.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run gnomeclock.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`gnomeclock_domtrans',`
diff --git a/policy/modules/services/hal.if b/policy/modules/services/hal.if
index 8277269..2b55c85 100644
--- a/policy/modules/services/hal.if
+++ b/policy/modules/services/hal.if
@@ -70,7 +70,7 @@ interface(`hal_use_fds',`
type hald_t;
')
- allow $1 hald_t:fd use;
+ allow $1 hald_t:fd use;
')
########################################
@@ -88,7 +88,7 @@ interface(`hal_dontaudit_use_fds',`
type hald_t;
')
- dontaudit $1 hald_t:fd use;
+ dontaudit $1 hald_t:fd use;
')
########################################
@@ -107,7 +107,7 @@ interface(`hal_rw_pipes',`
type hald_t;
')
- allow $1 hald_t:fifo_file rw_fifo_file_perms;
+ allow $1 hald_t:fifo_file rw_fifo_file_perms;
')
########################################
@@ -126,7 +126,7 @@ interface(`hal_dontaudit_rw_pipes',`
type hald_t;
')
- dontaudit $1 hald_t:fifo_file rw_fifo_file_perms;
+ dontaudit $1 hald_t:fifo_file rw_fifo_file_perms;
')
########################################
@@ -360,7 +360,7 @@ interface(`hal_read_pid_files',`
########################################
## <summary>
-## Do not audit attempts to read
+## Do not audit attempts to read
## hald PID files.
## </summary>
## <param name="domain">
@@ -451,9 +451,9 @@ interface(`hal_dontaudit_leaks',`
type hald_var_run_t;
')
- dontaudit $1 hald_t:fd use;
+ dontaudit $1 hald_t:fd use;
dontaudit $1 hald_log_t:file rw_inherited_file_perms;
- dontaudit $1 hald_t:fifo_file rw_inherited_fifo_file_perms;
+ dontaudit $1 hald_t:fifo_file rw_inherited_fifo_file_perms;
dontaudit hald_t $1:socket_class_set { read write };
dontaudit $1 hald_var_run_t:file read_inherited_file_perms;
')
diff --git a/policy/modules/services/icecast.if b/policy/modules/services/icecast.if
index 3aa86f3..40affd8 100644
--- a/policy/modules/services/icecast.if
+++ b/policy/modules/services/icecast.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run icecast.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`icecast_domtrans',`
@@ -118,9 +118,9 @@ interface(`icecast_read_log',`
## icecast log files.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed access.
-## </summary>
+## </summary>
## </param>
#
interface(`icecast_append_log',`
@@ -183,7 +183,5 @@ interface(`icecast_admin',`
allow $2 system_r;
icecast_manage_pid_files($1)
-
icecast_manage_log($1)
-
')
diff --git a/policy/modules/services/ifplugd.if b/policy/modules/services/ifplugd.if
index dfb4232..684bb0a 100644
--- a/policy/modules/services/ifplugd.if
+++ b/policy/modules/services/ifplugd.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run ifplugd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`ifplugd_domtrans',`
diff --git a/policy/modules/services/inetd.if b/policy/modules/services/inetd.if
index df48e5e..6985546 100644
--- a/policy/modules/services/inetd.if
+++ b/policy/modules/services/inetd.if
@@ -55,7 +55,6 @@ interface(`inetd_core_service_domain',`
## </param>
#
interface(`inetd_tcp_service_domain',`
-
gen_require(`
type inetd_t;
')
diff --git a/policy/modules/services/jabber.if b/policy/modules/services/jabber.if
index f17e629..cde3591 100644
--- a/policy/modules/services/jabber.if
+++ b/policy/modules/services/jabber.if
@@ -2,95 +2,95 @@
#######################################
## <summary>
-## Execute a domain transition to run jabberd services
+## Execute a domain transition to run jabberd services
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
+## <summary>
+## Domain allowed to transition.
+## </summary>
## </param>
#
interface(`jabber_domtrans_jabberd',`
- gen_require(`
- type jabberd_t, jabberd_exec_t;
- ')
+ gen_require(`
+ type jabberd_t, jabberd_exec_t;
+ ')
- domtrans_pattern($1, jabberd_exec_t, jabberd_t)
+ domtrans_pattern($1, jabberd_exec_t, jabberd_t)
')
######################################
## <summary>
-## Execute a domain transition to run jabberd router service
+## Execute a domain transition to run jabberd router service
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
+## <summary>
+## Domain allowed to transition.
+## </summary>
## </param>
#
interface(`jabber_domtrans_jabberd_router',`
- gen_require(`
- type jabberd_router_t, jabberd_router_exec_t;
- ')
+ gen_require(`
+ type jabberd_router_t, jabberd_router_exec_t;
+ ')
- domtrans_pattern($1, jabberd_router_exec_t, jabberd_router_t)
+ domtrans_pattern($1, jabberd_router_exec_t, jabberd_router_t)
')
#######################################
## <summary>
-## Read jabberd lib files.
+## Read jabberd lib files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`jabberd_read_lib_files',`
- gen_require(`
- type jabberd_var_lib_t;
- ')
+ gen_require(`
+ type jabberd_var_lib_t;
+ ')
- files_search_var_lib($1)
- read_files_pattern($1, jabberd_var_lib_t, jabberd_var_lib_t)
+ files_search_var_lib($1)
+ read_files_pattern($1, jabberd_var_lib_t, jabberd_var_lib_t)
')
#######################################
## <summary>
-## Dontaudit inherited read jabberd lib files.
+## Dontaudit inherited read jabberd lib files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
+## <summary>
+## Domain to not audit.
+## </summary>
## </param>
#
interface(`jabberd_dontaudit_read_lib_files',`
- gen_require(`
- type jabberd_var_lib_t;
- ')
+ gen_require(`
+ type jabberd_var_lib_t;
+ ')
- dontaudit $1 jabberd_var_lib_t:file read_inherited_file_perms;
+ dontaudit $1 jabberd_var_lib_t:file read_inherited_file_perms;
')
#######################################
## <summary>
-## Create, read, write, and delete
-## jabberd lib files.
+## Create, read, write, and delete
+## jabberd lib files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`jabberd_manage_lib_files',`
- gen_require(`
- type jabberd_var_lib_t;
- ')
+ gen_require(`
+ type jabberd_var_lib_t;
+ ')
- files_search_var_lib($1)
- manage_files_pattern($1, jabberd_var_lib_t, jabberd_var_lib_t)
+ files_search_var_lib($1)
+ manage_files_pattern($1, jabberd_var_lib_t, jabberd_var_lib_t)
')
########################################
@@ -121,7 +121,7 @@ interface(`jabber_admin',`
ps_process_pattern($1, jabberd_t)
allow $1 jabberd_router_t:process { ptrace signal_perms };
- ps_process_pattern($1, jabberd_router_t)
+ ps_process_pattern($1, jabberd_router_t)
init_labeled_script_domtrans($1, jabberd_initrc_exec_t)
domain_system_change_exemption($1)
diff --git a/policy/modules/services/kerberos.if b/policy/modules/services/kerberos.if
index 604f67b..541cc80 100644
--- a/policy/modules/services/kerberos.if
+++ b/policy/modules/services/kerberos.if
@@ -26,9 +26,9 @@
## Execute kadmind in the current domain
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed access.
-## </summary>
+## </summary>
## </param>
#
interface(`kerberos_exec_kadmind',`
@@ -44,9 +44,9 @@ interface(`kerberos_exec_kadmind',`
## Execute a domain transition to run kpropd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`kerberos_domtrans_kpropd',`
@@ -235,7 +235,7 @@ template(`kerberos_keytab_template',`
type $1_keytab_t;
files_type($1_keytab_t)
- allow $2 $1_keytab_t:file read_file_perms;
+ allow $2 $1_keytab_t:file read_file_perms;
kerberos_read_keytab($2)
kerberos_use($2)
diff --git a/policy/modules/services/kerneloops.if b/policy/modules/services/kerneloops.if
index 835b16b..767833d 100644
--- a/policy/modules/services/kerneloops.if
+++ b/policy/modules/services/kerneloops.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run kerneloops.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`kerneloops_domtrans',`
diff --git a/policy/modules/services/ksmtuned.if b/policy/modules/services/ksmtuned.if
index d17f349..40a9405 100644
--- a/policy/modules/services/ksmtuned.if
+++ b/policy/modules/services/ksmtuned.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run ksmtuned.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`ksmtuned_domtrans',`
@@ -70,5 +70,4 @@ interface(`ksmtuned_admin',`
domain_system_change_exemption($1)
role_transition $2 ksmtuned_initrc_exec_t system_r;
allow $2 system_r;
-
')
diff --git a/policy/modules/services/ldap.if b/policy/modules/services/ldap.if
index d15f94d..eabd77a 100644
--- a/policy/modules/services/ldap.if
+++ b/policy/modules/services/ldap.if
@@ -2,42 +2,40 @@
#######################################
## <summary>
-## Execute OpenLDAP in the ldap domain.
+## Execute OpenLDAP in the ldap domain.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`ldap_domtrans',`
- gen_require(`
- type slapd_t, slapd_exec_t;
- ')
-
- domtrans_pattern($1, slapd_exec_t, slapd_t)
+ gen_require(`
+ type slapd_t, slapd_exec_t;
+ ')
+ domtrans_pattern($1, slapd_exec_t, slapd_t)
')
#######################################
## <summary>
-## Execute OpenLDAP server in the ldap domain.
+## Execute OpenLDAP server in the ldap domain.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`ldap_initrc_domtrans',`
- gen_require(`
- type slapd_initrc_exec_t;
- ')
+ gen_require(`
+ type slapd_initrc_exec_t;
+ ')
- init_labeled_script_domtrans($1, slapd_initrc_exec_t)
+ init_labeled_script_domtrans($1, slapd_initrc_exec_t)
')
-
########################################
## <summary>
## Read the contents of the OpenLDAP
diff --git a/policy/modules/services/lircd.if b/policy/modules/services/lircd.if
index 418cc81..c0513fa 100644
--- a/policy/modules/services/lircd.if
+++ b/policy/modules/services/lircd.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run lircd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`lircd_domtrans',`
@@ -16,7 +16,6 @@ interface(`lircd_domtrans',`
')
domain_auto_trans($1, lircd_exec_t, lircd_t)
-
')
######################################
@@ -44,9 +43,9 @@ interface(`lircd_stream_connect',`
## Read lircd etc file
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed access.
-## </summary>
+## </summary>
## </param>
#
interface(`lircd_read_config',`
diff --git a/policy/modules/services/mailman.if b/policy/modules/services/mailman.if
index 19bcae2..84b7626 100644
--- a/policy/modules/services/mailman.if
+++ b/policy/modules/services/mailman.if
@@ -16,7 +16,7 @@
## </summary>
## </param>
#
-template(`mailman_domain_template', `
+template(`mailman_domain_template',`
type mailman_$1_t;
domain_type(mailman_$1_t)
role system_r types mailman_$1_t;
diff --git a/policy/modules/services/memcached.if b/policy/modules/services/memcached.if
index ee60e59..513a070 100644
--- a/policy/modules/services/memcached.if
+++ b/policy/modules/services/memcached.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run memcached.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`memcached_domtrans',`
diff --git a/policy/modules/services/milter.if b/policy/modules/services/milter.if
index 267cd44..e10894b 100644
--- a/policy/modules/services/milter.if
+++ b/policy/modules/services/milter.if
@@ -121,19 +121,19 @@ interface(`milter_manage_spamass_state',`
#######################################
## <summary>
-## Delete dkim-milter PID files.
+## Delete dkim-milter PID files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`milter_delete_dkim_pid_files',`
- gen_require(`
- type dkim_milter_data_t;
- ')
+ gen_require(`
+ type dkim_milter_data_t;
+ ')
- files_search_pids($1)
- delete_files_pattern($1, dkim_milter_data_t, dkim_milter_data_t)
+ files_search_pids($1)
+ delete_files_pattern($1, dkim_milter_data_t, dkim_milter_data_t)
')
diff --git a/policy/modules/services/mock.if b/policy/modules/services/mock.if
index 4ed75f1..4b0002a 100644
--- a/policy/modules/services/mock.if
+++ b/policy/modules/services/mock.if
@@ -1,4 +1,3 @@
-
## <summary>policy for mock</summary>
########################################
@@ -6,9 +5,9 @@
## Execute a domain transition to run mock.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`mock_domtrans',`
@@ -19,7 +18,6 @@ interface(`mock_domtrans',`
domtrans_pattern($1, mock_exec_t, mock_t)
')
-
########################################
## <summary>
## Search mock lib directories.
@@ -55,7 +53,7 @@ interface(`mock_read_lib_files',`
')
files_search_var_lib($1)
- read_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
+ read_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')
########################################
@@ -75,7 +73,7 @@ interface(`mock_manage_lib_files',`
')
files_search_var_lib($1)
- manage_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
+ manage_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')
########################################
@@ -94,7 +92,7 @@ interface(`mock_manage_lib_dirs',`
')
files_search_var_lib($1)
- manage_dirs_pattern($1, mock_var_lib_t, mock_var_lib_t)
+ manage_dirs_pattern($1, mock_var_lib_t, mock_var_lib_t)
')
#########################################
@@ -113,7 +111,7 @@ interface(`mock_manage_lib_symlinks',`
')
files_search_var_lib($1)
- manage_lnk_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
+ manage_lnk_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')
########################################
@@ -132,7 +130,7 @@ interface(`mock_manage_lib_chr_files',`
')
files_search_var_lib($1)
- manage_chr_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
+ manage_chr_files_pattern($1, mock_var_lib_t, mock_var_lib_t)
')
########################################
@@ -177,7 +175,7 @@ interface(`mock_run',`
#
interface(`mock_role',`
gen_require(`
- type mock_t;
+ type mock_t;
')
role $1 types mock_t;
@@ -226,7 +224,7 @@ interface(`mock_signal',`
interface(`mock_admin',`
gen_require(`
type mock_t;
- type mock_var_lib_t;
+ type mock_var_lib_t;
')
allow $1 mock_t:process { ptrace signal_perms };
@@ -234,5 +232,4 @@ interface(`mock_admin',`
files_search_var_lib($1)
admin_pattern($1, mock_var_lib_t)
-
')
diff --git a/policy/modules/services/modemmanager.if b/policy/modules/services/modemmanager.if
index 3368699..7a7fc02 100644
--- a/policy/modules/services/modemmanager.if
+++ b/policy/modules/services/modemmanager.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run modemmanager.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`modemmanager_domtrans',`
diff --git a/policy/modules/services/mpd.if b/policy/modules/services/mpd.if
index 5599d14..65c79bc 100644
--- a/policy/modules/services/mpd.if
+++ b/policy/modules/services/mpd.if
@@ -1,4 +1,3 @@
-
## <summary>policy for daemon for playing music</summary>
########################################
@@ -6,9 +5,9 @@
## Execute a domain transition to run mpd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`mpd_domtrans',`
@@ -19,7 +18,6 @@ interface(`mpd_domtrans',`
domtrans_pattern($1, mpd_exec_t, mpd_t)
')
-
########################################
## <summary>
## Execute mpd server in the mpd domain.
@@ -40,79 +38,79 @@ interface(`mpd_initrc_domtrans',`
#######################################
## <summary>
-## Read mpd data files.
+## Read mpd data files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`mpd_read_data_files',`
- gen_require(`
- type mpd_data_t;
- ')
+ gen_require(`
+ type mpd_data_t;
+ ')
mpd_search_lib($1)
- read_files_pattern($1, mpd_data_t, mpd_data_t)
+ read_files_pattern($1, mpd_data_t, mpd_data_t)
')
#######################################
## <summary>
-## Read mpd tmpfs files.
+## Read mpd tmpfs files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`mpd_read_tmpfs_files',`
- gen_require(`
- type mpd_tmpfs_t;
- ')
+ gen_require(`
+ type mpd_tmpfs_t;
+ ')
fs_search_tmpfs($1)
- read_files_pattern($1, mpd_tmpfs_t, mpd_tmpfs_t)
+ read_files_pattern($1, mpd_tmpfs_t, mpd_tmpfs_t)
')
###################################
## <summary>
-## Manage mpd tmpfs files.
+## Manage mpd tmpfs files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`mpd_manage_tmpfs_files',`
- gen_require(`
- type mpd_tmpfs_t;
- ')
+ gen_require(`
+ type mpd_tmpfs_t;
+ ')
fs_search_tmpfs($1)
- manage_files_pattern($1, mpd_tmpfs_t, mpd_tmpfs_t)
- manage_lnk_files_pattern($1, mpd_tmpfs_t, mpd_tmpfs_t)
+ manage_files_pattern($1, mpd_tmpfs_t, mpd_tmpfs_t)
+ manage_lnk_files_pattern($1, mpd_tmpfs_t, mpd_tmpfs_t)
')
######################################
## <summary>
-## Manage mpd data files.
+## Manage mpd data files.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`mpd_manage_data_files',`
- gen_require(`
- type mpd_data_t;
- ')
+ gen_require(`
+ type mpd_data_t;
+ ')
- mpd_search_lib($1)
- manage_files_pattern($1, mpd_data_t, mpd_data_t)
+ mpd_search_lib($1)
+ manage_files_pattern($1, mpd_data_t, mpd_data_t)
')
########################################
@@ -150,7 +148,7 @@ interface(`mpd_read_lib_files',`
')
files_search_var_lib($1)
- read_files_pattern($1, mpd_var_lib_t, mpd_var_lib_t)
+ read_files_pattern($1, mpd_var_lib_t, mpd_var_lib_t)
')
########################################
@@ -170,36 +168,36 @@ interface(`mpd_manage_lib_files',`
')
files_search_var_lib($1)
- manage_files_pattern($1, mpd_var_lib_t, mpd_var_lib_t)
+ manage_files_pattern($1, mpd_var_lib_t, mpd_var_lib_t)
')
#######################################
## <summary>
-## Create an object in the root directory, with a private
-## type using a type transition.
+## Create an object in the root directory, with a private
+## type using a type transition.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
## <param name="private type">
-## <summary>
-## The type of the object to be created.
-## </summary>
+## <summary>
+## The type of the object to be created.
+## </summary>
## </param>
## <param name="object">
-## <summary>
-## The object class of the object being created.
-## </summary>
+## <summary>
+## The object class of the object being created.
+## </summary>
## </param>
#
interface(`mpd_var_lib_filetrans',`
- gen_require(`
- type mpd_var_lib_t;
- ')
+ gen_require(`
+ type mpd_var_lib_t;
+ ')
- filetrans_pattern($1, mpd_var_lib_t, $2, $3)
+ filetrans_pattern($1, mpd_var_lib_t, $2, $3)
')
########################################
@@ -218,7 +216,7 @@ interface(`mpd_manage_lib_dirs',`
')
files_search_var_lib($1)
- manage_dirs_pattern($1, mpd_var_lib_t, mpd_var_lib_t)
+ manage_dirs_pattern($1, mpd_var_lib_t, mpd_var_lib_t)
')
########################################
@@ -245,7 +243,7 @@ interface(`mpd_admin',`
type mpd_etc_t;
type mpd_data_t;
type mpd_log_t;
- type mpd_var_lib_t;
+ type mpd_var_lib_t;
type mpd_tmpfs_t;
')
@@ -258,11 +256,11 @@ interface(`mpd_admin',`
allow $2 system_r;
admin_pattern($1, mpd_etc_t)
- files_search_etc($1)
+ files_search_etc($1)
files_search_var_lib($1)
admin_pattern($1, mpd_var_lib_t)
-
+
mpd_search_lib($1)
admin_pattern($1, mpd_data_t)
diff --git a/policy/modules/services/mta.if b/policy/modules/services/mta.if
index a9ebda2..97c492e 100644
--- a/policy/modules/services/mta.if
+++ b/policy/modules/services/mta.if
@@ -39,7 +39,6 @@ interface(`mta_stub',`
## </param>
#
template(`mta_base_mail_template',`
-
gen_require(`
attribute user_mail_domain;
type sendmail_exec_t;
@@ -225,18 +224,18 @@ interface(`mta_agent_executable',`
## Dontaudit read and write an leaked file descriptors
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`mta_dontaudit_leaks_system_mail',`
- gen_require(`
- type system_mail_t;
- ')
+ gen_require(`
+ type system_mail_t;
+ ')
- dontaudit $1 system_mail_t:fifo_file write;
- dontaudit $1 system_mail_t:tcp_socket { read write };
+ dontaudit $1 system_mail_t:fifo_file write;
+ dontaudit $1 system_mail_t:tcp_socket { read write };
')
########################################
@@ -376,7 +375,7 @@ interface(`mta_send_mail',`
allow mta_user_agent $1:process sigchld;
allow mta_user_agent $1:fifo_file rw_fifo_file_perms;
- ifdef(`hide_broken_symptoms', `
+ ifdef(`hide_broken_symptoms',`
dontaudit system_mail_t $1:socket_class_set { read write };
')
')
@@ -962,20 +961,20 @@ interface(`mta_filetrans_aliases',`
######################################
## <summary>
-## ALlow domain to read mail content in the homedir
+## ALlow domain to read mail content in the homedir
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`mta_read_home',`
- gen_require(`
- type mail_home_t;
- ')
+ gen_require(`
+ type mail_home_t;
+ ')
- userdom_search_user_home_dirs($1)
- userdom_search_admin_dir($1)
- read_files_pattern($1, mail_home_t, mail_home_t)
+ userdom_search_user_home_dirs($1)
+ userdom_search_admin_dir($1)
+ read_files_pattern($1, mail_home_t, mail_home_t)
')
diff --git a/policy/modules/services/munin.if b/policy/modules/services/munin.if
index dda8ca9..297e392 100644
--- a/policy/modules/services/munin.if
+++ b/policy/modules/services/munin.if
@@ -37,8 +37,7 @@ template(`munin_plugin_template',`
# automatic transition rules from munin domain
# to specific munin plugin domain
domtrans_pattern(munin_t, $1_munin_plugin_exec_t, $1_munin_plugin_t)
- allow munin_t $1_munin_plugin_t:process signal;
-
+ allow munin_t $1_munin_plugin_t:process signal;
')
########################################
@@ -85,20 +84,20 @@ interface(`munin_read_config',`
######################################
## <summary>
-## dontaudit read and write an leaked file descriptors
+## dontaudit read and write an leaked file descriptors
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`munin_dontaudit_leaks',`
- gen_require(`
- type munin_t;
- ')
+ gen_require(`
+ type munin_t;
+ ')
- dontaudit $1 munin_t:tcp_socket { read write };
+ dontaudit $1 munin_t:tcp_socket { read write };
')
#######################################
diff --git a/policy/modules/services/nagios.if b/policy/modules/services/nagios.if
index e3c8272..fcb28e9 100644
--- a/policy/modules/services/nagios.if
+++ b/policy/modules/services/nagios.if
@@ -12,7 +12,6 @@
## </param>
#
template(`nagios_plugin_template',`
-
gen_require(`
type nagios_t, nrpe_t;
type nagios_log_t;
diff --git a/policy/modules/services/networkmanager.if b/policy/modules/services/networkmanager.if
index 1a1bfe4..0390b46 100644
--- a/policy/modules/services/networkmanager.if
+++ b/policy/modules/services/networkmanager.if
@@ -43,9 +43,9 @@ interface(`networkmanager_rw_packet_sockets',`
## Allow caller to relabel tun_socket
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`networkmanager_attach_tun_iface',`
diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if
index b94add1..2a55401 100644
--- a/policy/modules/services/nslcd.if
+++ b/policy/modules/services/nslcd.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run nslcd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`nslcd_domtrans',`
diff --git a/policy/modules/services/oddjob.if b/policy/modules/services/oddjob.if
index ca33ae3..c6e34b2 100644
--- a/policy/modules/services/oddjob.if
+++ b/policy/modules/services/oddjob.if
@@ -9,9 +9,9 @@
## Execute a domain transition to run oddjob.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`oddjob_domtrans',`
@@ -24,21 +24,21 @@ interface(`oddjob_domtrans',`
#####################################
## <summary>
-## Do not audit attempts to read and write
-## oddjob fifo file.
+## Do not audit attempts to read and write
+## oddjob fifo file.
## </summary>
## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
+## <summary>
+## Domain to not audit.
+## </summary>
## </param>
#
interface(`oddjob_dontaudit_rw_fifo_file',`
- gen_require(`
- type shutdown_t;
- ')
+ gen_require(`
+ type shutdown_t;
+ ')
- dontaudit $1 oddjob_t:fifo_file rw_inherited_fifo_file_perms;
+ dontaudit $1 oddjob_t:fifo_file rw_inherited_fifo_file_perms;
')
########################################
@@ -89,20 +89,20 @@ interface(`oddjob_dbus_chat',`
######################################
## <summary>
-## Send a SIGCHLD signal to oddjob.
+## Send a SIGCHLD signal to oddjob.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`oddjob_sigchld',`
- gen_require(`
- type oddjob_t;
- ')
+ gen_require(`
+ type oddjob_t;
+ ')
- allow $1 oddjob_t:process sigchld;
+ allow $1 oddjob_t:process sigchld;
')
########################################
diff --git a/policy/modules/services/oident.if b/policy/modules/services/oident.if
index bb4fae5..a3a9a76 100644
--- a/policy/modules/services/oident.if
+++ b/policy/modules/services/oident.if
@@ -18,7 +18,7 @@
## </summary>
## </param>
#
-interface(`oident_read_user_content', `
+interface(`oident_read_user_content',`
gen_require(`
type oidentd_home_t;
')
@@ -38,7 +38,7 @@ interface(`oident_read_user_content', `
## </summary>
## </param>
#
-interface(`oident_manage_user_content', `
+interface(`oident_manage_user_content',`
gen_require(`
type oidentd_home_t;
')
@@ -58,7 +58,7 @@ interface(`oident_manage_user_content', `
## </summary>
## </param>
#
-interface(`oident_relabel_user_content', `
+interface(`oident_relabel_user_content',`
gen_require(`
type oidentd_home_t;
')
diff --git a/policy/modules/services/openct.if b/policy/modules/services/openct.if
index 9d0a67b..9197ef0 100644
--- a/policy/modules/services/openct.if
+++ b/policy/modules/services/openct.if
@@ -23,9 +23,9 @@ interface(`openct_signull',`
## Execute openct in the caller domain.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed access.
-## </summary>
+## </summary>
## </param>
#
interface(`openct_exec',`
@@ -42,9 +42,9 @@ interface(`openct_exec',`
## Execute a domain transition to run openct.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`openct_domtrans',`
diff --git a/policy/modules/services/pads.if b/policy/modules/services/pads.if
index 4452d3b..5a14c62 100644
--- a/policy/modules/services/pads.if
+++ b/policy/modules/services/pads.if
@@ -25,7 +25,7 @@
## </param>
## <rolecap/>
#
-interface(`pads_admin', `
+interface(`pads_admin',`
gen_require(`
type pads_t, pads_config_t;
type pads_var_run_t, pads_initrc_exec_t;
diff --git a/policy/modules/services/passenger.if b/policy/modules/services/passenger.if
index 7ca90f6..7f2bbc6 100644
--- a/policy/modules/services/passenger.if
+++ b/policy/modules/services/passenger.if
@@ -2,19 +2,19 @@
######################################
## <summary>
-## Execute passenger in the passenger domain.
+## Execute passenger in the passenger domain.
## </summary>
## <param name="domain">
-## <summary>
-## The type of the process performing this action.
-## </summary>
+## <summary>
+## The type of the process performing this action.
+## </summary>
## </param>
#
interface(`passenger_domtrans',`
- gen_require(`
- type passenger_t;
- type passenger_exec_t;
- ')
+ gen_require(`
+ type passenger_t;
+ type passenger_exec_t;
+ ')
allow $1 self:capability { fowner fsetid };
@@ -27,43 +27,42 @@ interface(`passenger_domtrans',`
######################################
## <summary>
-## Manage passenger var_run content.
+## Manage passenger var_run content.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`passenger_manage_pid_content',`
- gen_require(`
- type passenger_var_run_t;
- ')
+ gen_require(`
+ type passenger_var_run_t;
+ ')
- files_search_pids($1)
+ files_search_pids($1)
manage_dirs_pattern($1, passenger_var_run_t, passenger_var_run_t)
- manage_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
+ manage_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
manage_fifo_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
manage_sock_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
')
########################################
## <summary>
-## Read passenger lib files
+## Read passenger lib files
## </summary>
## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
+## <summary>
+## Domain to not audit.
+## </summary>
## </param>
#
interface(`passenger_read_lib_files',`
- gen_require(`
- type passenger_var_lib_t;
- ')
+ gen_require(`
+ type passenger_var_lib_t;
+ ')
files_search_var_lib($1)
- read_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
- read_lnk_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
+ read_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
+ read_lnk_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
')
-
diff --git a/policy/modules/services/pcscd.if b/policy/modules/services/pcscd.if
index 1c2a091..ea5ae69 100644
--- a/policy/modules/services/pcscd.if
+++ b/policy/modules/services/pcscd.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run pcscd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`pcscd_domtrans',`
diff --git a/policy/modules/services/pingd.if b/policy/modules/services/pingd.if
index 8688aae..2e6ce68 100644
--- a/policy/modules/services/pingd.if
+++ b/policy/modules/services/pingd.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run pingd.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`pingd_domtrans',`
@@ -55,7 +55,6 @@ interface(`pingd_manage_config',`
files_search_etc($1)
manage_dirs_pattern($1, pingd_etc_t, pingd_etc_t)
manage_files_pattern($1, pingd_etc_t, pingd_etc_t)
-
')
#######################################
diff --git a/policy/modules/services/piranha.if b/policy/modules/services/piranha.if
index 8ecd276..6193984 100644
--- a/policy/modules/services/piranha.if
+++ b/policy/modules/services/piranha.if
@@ -1,44 +1,42 @@
-
## <summary>policy for piranha</summary>
#######################################
## <summary>
-## Creates types and rules for a basic
-## cluster init daemon domain.
+## Creates types and rules for a basic
+## cluster init daemon domain.
## </summary>
## <param name="prefix">
-## <summary>
-## Prefix for the domain.
-## </summary>
+## <summary>
+## Prefix for the domain.
+## </summary>
## </param>
#
template(`piranha_domain_template',`
-
- gen_require(`
- attribute piranha_domain;
- ')
+ gen_require(`
+ attribute piranha_domain;
+ ')
##############################
- #
- # piranha_$1_t declarations
- #
+ #
+ # piranha_$1_t declarations
+ #
type piranha_$1_t, piranha_domain;
type piranha_$1_exec_t;
init_daemon_domain(piranha_$1_t, piranha_$1_exec_t)
# pid files
- type piranha_$1_var_run_t;
- files_pid_file(piranha_$1_var_run_t)
+ type piranha_$1_var_run_t;
+ files_pid_file(piranha_$1_var_run_t)
##############################
- #
- # piranha_$1_t local policy
- #
+ #
+ # piranha_$1_t local policy
+ #
- manage_files_pattern(piranha_$1_t, piranha_$1_var_run_t, piranha_$1_var_run_t)
+ manage_files_pattern(piranha_$1_t, piranha_$1_var_run_t, piranha_$1_var_run_t)
manage_dirs_pattern(piranha_$1_t, piranha_$1_var_run_t, piranha_$1_var_run_t)
- files_pid_filetrans(piranha_$1_t, piranha_$1_var_run_t, { file })
+ files_pid_filetrans(piranha_$1_t, piranha_$1_var_run_t, { file })
')
########################################
@@ -46,9 +44,9 @@ template(`piranha_domain_template',`
## Execute a domain transition to run fos.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`piranha_domtrans_fos',`
@@ -61,56 +59,56 @@ interface(`piranha_domtrans_fos',`
#######################################
## <summary>
-## Execute a domain transition to run lvsd.
+## Execute a domain transition to run lvsd.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
+## <summary>
+## Domain allowed to transition.
+## </summary>
## </param>
#
interface(`piranha_domtrans_lvs',`
- gen_require(`
- type piranha_lvs_t, piranha_lvs_exec_t;
- ')
+ gen_require(`
+ type piranha_lvs_t, piranha_lvs_exec_t;
+ ')
- domtrans_pattern($1, piranha_lvs_exec_t, piranha_lvs_t)
+ domtrans_pattern($1, piranha_lvs_exec_t, piranha_lvs_t)
')
#######################################
## <summary>
-## Execute a domain transition to run pulse.
+## Execute a domain transition to run pulse.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
+## <summary>
+## Domain allowed to transition.
+## </summary>
## </param>
#
interface(`piranha_domtrans_pulse',`
- gen_require(`
- type piranha_pulse_t, piranha_pulse_exec_t;
- ')
+ gen_require(`
+ type piranha_pulse_t, piranha_pulse_exec_t;
+ ')
- domtrans_pattern($1, piranha_pulse_exec_t, piranha_pulse_t)
+ domtrans_pattern($1, piranha_pulse_exec_t, piranha_pulse_t)
')
#######################################
## <summary>
-## Execute pulse server in the pulse domain.
+## Execute pulse server in the pulse domain.
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
## </param>
#
interface(`piranha_pulse_initrc_domtrans',`
- gen_require(`
- type piranha_pulse_initrc_exec_t;
- ')
+ gen_require(`
+ type piranha_pulse_initrc_exec_t;
+ ')
- init_labeled_script_domtrans($1, piranha_pulse_initrc_exec_t)
+ init_labeled_script_domtrans($1, piranha_pulse_initrc_exec_t)
')
########################################
@@ -130,7 +128,7 @@ interface(`piranha_read_log',`
')
logging_search_logs($1)
- read_files_pattern($1, piranha_log_t, piranha_log_t)
+ read_files_pattern($1, piranha_log_t, piranha_log_t)
')
########################################
@@ -139,9 +137,9 @@ interface(`piranha_read_log',`
## piranha log files.
## </summary>
## <param name="domain">
-## <summary>
+## <summary>
## Domain allowed to transition.
-## </summary>
+## </summary>
## </param>
#
interface(`piranha_append_log',`
@@ -169,7 +167,7 @@ interface(`piranha_manage_log',`
')
logging_search_logs($1)
- manage_dirs_pattern($1, piranha_log_t, piranha_log_t)
- manage_files_pattern($1, piranha_log_t, piranha_log_t)
- manage_lnk_files_pattern($1, piranha_log_t, piranha_log_t)
+ manage_dirs_pattern($1, piranha_log_t, piranha_log_t)
+ manage_files_pattern($1, piranha_log_t, piranha_log_t)
+ manage_lnk_files_pattern($1, piranha_log_t, piranha_log_t)
')
More information about the scm-commits
mailing list