commit: f9bd7fa24d2ccec2ddc1855dda6cf424fa1feb62
Author: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org>
AuthorDate: Tue Jun 24 16:44:36 2025 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Jul 15 08:04:55 2025 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f9bd7fa2
modules: only whitespace fixes spotted while editing modules
Signed-off-by: Marc Schiffbauer <mschiff <AT> gentoo.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/devices.if | 10 +++----
policy/modules/kernel/files.if | 16 +++++------
policy/modules/kernel/filesystem.if | 54 ++++++++++++++++++-------------------
policy/modules/roles/sysadm.te | 2 +-
policy/modules/system/iptables.if | 2 +-
5 files changed, 42 insertions(+), 42 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 61a7d6f60..5191ba496 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4988,7 +4988,7 @@ interface(`dev_relabel_all_sysfs',`
#
interface(`dev_setattr_all_sysfs',`
gen_require(`
- attribute sysfs_types;
+ attribute sysfs_types;
')
allow $1 sysfs_types:dir { search_dir_perms setattr };
@@ -5026,11 +5026,11 @@ interface(`dev_rw_tpm',`
## </param>
#
interface(`dev_rw_uhid',`
- gen_require(`
- type device_t, uhid_device_t;
- ')
+ gen_require(`
+ type device_t, uhid_device_t;
+ ')
- rw_chr_files_pattern($1, device_t, uhid_device_t)
+ rw_chr_files_pattern($1, device_t, uhid_device_t)
')
########################################
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index a37365e9d..8428afdbe 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -7759,11 +7759,11 @@ interface(`files_runtime_filetrans_lock_dir',`
## </param>
#
interface(`files_create_all_spool_sockets',`
- gen_require(`
- attribute spoolfile;
- ')
+ gen_require(`
+ attribute spoolfile;
+ ')
- allow $1 spoolfile:sock_file create_sock_file_perms;
+ allow $1 spoolfile:sock_file create_sock_file_perms;
')
########################################
@@ -7777,11 +7777,11 @@ interface(`files_create_all_spool_sockets',`
## </param>
#
interface(`files_delete_all_spool_sockets',`
- gen_require(`
- attribute spoolfile;
- ')
+ gen_require(`
+ attribute spoolfile;
+ ')
- allow $1 spoolfile:sock_file delete_sock_file_perms;
+ allow $1 spoolfile:sock_file delete_sock_file_perms;
')
########################################
diff --git a/policy/modules/kernel/filesystem.if
b/policy/modules/kernel/filesystem.if
index 1ac35c855..424a6af40 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -2582,9 +2582,9 @@ interface(`fs_read_dos_files',`
## </param>
#
interface(`fs_mmap_read_dos_files',`
- gen_require(`
- type dosfs_t;
- ')
+ gen_require(`
+ type dosfs_t;
+ ')
read_files_pattern($1, dosfs_t, dosfs_t)
allow $1 dosfs_t:file map;
@@ -2620,12 +2620,12 @@ interface(`fs_manage_dos_files',`
## </param>
#
interface(`fs_list_ecryptfs',`
- gen_require(`
- type ecryptfs_t;
- ')
+ gen_require(`
+ type ecryptfs_t;
+ ')
- allow $1 ecryptfs_t:dir list_dir_perms;
- read_lnk_files_pattern($1, ecryptfs_t, ecryptfs_t)
+ allow $1 ecryptfs_t:dir list_dir_perms;
+ read_lnk_files_pattern($1, ecryptfs_t, ecryptfs_t)
')
########################################
@@ -2641,11 +2641,11 @@ interface(`fs_list_ecryptfs',`
## <rolecap/>
#
interface(`fs_manage_ecryptfs_dirs',`
- gen_require(`
- type ecryptfs_t;
- ')
+ gen_require(`
+ type ecryptfs_t;
+ ')
- allow $1 ecryptfs_t:dir manage_dir_perms;
+ allow $1 ecryptfs_t:dir manage_dir_perms;
')
########################################
@@ -2661,11 +2661,11 @@ interface(`fs_manage_ecryptfs_dirs',`
## <rolecap/>
#
interface(`fs_manage_ecryptfs_files',`
- gen_require(`
- type ecryptfs_t;
- ')
+ gen_require(`
+ type ecryptfs_t;
+ ')
- manage_files_pattern($1, ecryptfs_t, ecryptfs_t)
+ manage_files_pattern($1, ecryptfs_t, ecryptfs_t)
')
########################################
@@ -2680,11 +2680,11 @@ interface(`fs_manage_ecryptfs_files',`
## </param>
#
interface(`fs_manage_ecryptfs_named_sockets',`
- gen_require(`
- type ecryptfs_t;
- ')
+ gen_require(`
+ type ecryptfs_t;
+ ')
- manage_sock_files_pattern($1, ecryptfs_t, ecryptfs_t)
+ manage_sock_files_pattern($1, ecryptfs_t, ecryptfs_t)
')
########################################
@@ -3763,11 +3763,11 @@ interface(`fs_rw_hugetlbfs_files',`
## </param>
#
interface(`fs_mmap_rw_hugetlbfs_files',`
- gen_require(`
- type hugetlbfs_t;
- ')
+ gen_require(`
+ type hugetlbfs_t;
+ ')
- fs_rw_hugetlbfs_files($1)
+ fs_rw_hugetlbfs_files($1)
allow $1 hugetlbfs_t:file map;
')
@@ -6668,7 +6668,7 @@ interface(`fs_getattr_tracefs',`
type tracefs_t;
')
- allow $1 tracefs_t:filesystem getattr;
+ allow $1 tracefs_t:filesystem getattr;
')
########################################
@@ -6742,7 +6742,7 @@ interface(`fs_search_tracefs',`
type tracefs_t;
')
- allow $1 tracefs_t:dir search_dir_perms;
+ allow $1 tracefs_t:dir search_dir_perms;
')
########################################
@@ -6761,7 +6761,7 @@ interface(`fs_getattr_tracefs_files',`
type tracefs_t;
')
- allow $1 tracefs_t:file getattr;
+ allow $1 tracefs_t:file getattr;
')
########################################
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index 6e3873e5c..03561721c 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -749,7 +749,7 @@ optional_policy(`
')
optional_policy(`
- nsd_admin(sysadm_t, sysadm_r)
+ nsd_admin(sysadm_t, sysadm_r)
')
optional_policy(`
diff --git a/policy/modules/system/iptables.if
b/policy/modules/system/iptables.if
index 746a8dc02..ef26a0a6e 100644
--- a/policy/modules/system/iptables.if
+++ b/policy/modules/system/iptables.if
@@ -18,7 +18,7 @@ interface(`iptables_domtrans',`
corecmd_search_bin($1)
domtrans_pattern($1, iptables_exec_t, iptables_t)
- dontaudit iptables_t $1:socket_class_set { read write };
+ dontaudit iptables_t $1:socket_class_set { read write };
')
########################################
