diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if
index 9668cde..0ec0fb0 100644
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@@ -312,21 +312,21 @@ interface(`apache_domtrans',`
 ######################################
 ##
-## Allow the specified domain to execute apache
-## in the caller domain.
+## Allow the specified domain to execute apache
+## in the caller domain.
 ##
 ##
-##
-## Domain allowed access.
-##
+##
+## Domain allowed access.
+##
 ##
 ##
 #
 interface(`apache_exec',`
- gen_require(`
- type httpd_exec_t;
- ')
+ gen_require(`
+ type httpd_exec_t;
+ ')
- can_exec($1, httpd_exec_t)
+ can_exec($1, httpd_exec_t)
 ')
 #######################################
@@ -901,45 +901,45 @@ interface(`apache_manage_sys_content',`
 ######################################
 ##
-## Allow the specified domain to read
-## apache system content rw files.
+## Allow the specified domain to read
+## apache system content rw files.
 ##
 ##
-##
-## Domain allowed access.
-##
+##
+## Domain allowed access.
+##
 ##
 ##
 #
 interface(`apache_read_sys_content_rw_files',`
- gen_require(`
+ gen_require(`
 type httpd_sys_rw_content_t;
 ')
- read_files_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
+ read_files_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
 ')
 ######################################
 ##
-## Allow the specified domain to manage
-## apache system content rw files.
+## Allow the specified domain to manage
+## apache system content rw files.
 ##
 ##
-##
-## Domain allowed access.
-##
+##
+## Domain allowed access.
+##
 ##
 ##
 #
 interface(`apache_manage_sys_content_rw',`
- gen_require(`
+ gen_require(`
 type httpd_sys_rw_content_t;
 ')
- files_search_var($1)
- manage_dirs_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
- manage_files_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
- manage_lnk_files_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
+ files_search_var($1)
+ manage_dirs_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
+ manage_files_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
+ manage_lnk_files_pattern($1, httpd_sys_rw_content_t, httpd_sys_rw_content_t)
 ')
 ########################################
@@ -1219,21 +1219,21 @@ interface(`apache_read_tmp_files',`
 ######################################
 ##
-## Dontaudit attempts to read and write
-## apache tmp files.
+## Dontaudit attempts to read and write
+## apache tmp files.
 ##
 ##
-##
-## Domain to not audit.
-##
+##
+## Domain to not audit.
+##
 ##
 ##
 #
 interface(`apache_dontaudit_rw_tmp_files',`
- gen_require(`
- type httpd_tmp_t;
- ')
+ gen_require(`
+ type httpd_tmp_t;
+ ')
- dontaudit $1 httpd_tmp_t:file { read write };
+ dontaudit $1 httpd_tmp_t:file { read write };
 ')
 ########################################
@@ -1361,12 +1361,12 @@ interface(`apache_admin',`
 admin_pattern($1, httpd_php_tmp_t)
 admin_pattern($1, httpd_suexec_tmp_t)
-ifdef(`TODO',`
- apache_set_booleans($1, $2, $3, httpd_bool_t )
- seutil_setsebool_role_template($1, $3, $2)
- allow httpd_setsebool_t httpd_bool_t:dir list_dir_perms;
- allow httpd_setsebool_t httpd_bool_t:file rw_file_perms;
-')
+ ifdef(`TODO',`
+ apache_set_booleans($1, $2, $3, httpd_bool_t)
+ seutil_setsebool_role_template($1, $3, $2)
+ allow httpd_setsebool_t httpd_bool_t:dir list_dir_perms;
+ allow httpd_setsebool_t httpd_bool_t:file rw_file_perms;
+ ')
 ')
 ########################################
@@ -1385,7 +1385,7 @@ interface(`apache_dontaudit_leaks',`
 ')
 dontaudit $1 httpd_t:fifo_file rw_inherited_fifo_file_perms;
- dontaudit $1 httpd_t:tcp_socket { read write };
+ dontaudit $1 httpd_t:tcp_socket { read write };
 dontaudit $1 httpd_t:unix_dgram_socket { read write };
 dontaudit $1 httpd_t:unix_stream_socket { read write };
 ')
diff --git a/policy/modules/services/cyphesis.if b/policy/modules/services/cyphesis.if
index 9d44538..7e9057e 100644
--- a/policy/modules/services/cyphesis.if
+++ b/policy/modules/services/cyphesis.if
@@ -5,9 +5,9 @@
 ## Execute a domain transition to run cyphesis.
 ##
 ##
-##
+##
 ## Domain allowed to transition.
-##
+##
 ##
 #
 interface(`cyphesis_domtrans',`
diff --git a/policy/modules/services/dbus.if b/policy/modules/services/dbus.if
index 8a75e58..74fa3d6 100644
--- a/policy/modules/services/dbus.if
+++ b/policy/modules/services/dbus.if
@@ -117,7 +117,7 @@ template(`dbus_role_template',`
 dev_read_urand($1_dbusd_t)
- domain_use_interactive_fds($1_dbusd_t)
+ domain_use_interactive_fds($1_dbusd_t)
 domain_read_all_domains_state($1_dbusd_t)
 files_read_etc_files($1_dbusd_t)
@@ -155,7 +155,7 @@ template(`dbus_role_template',`
 userdom_manage_user_home_content_files($1_dbusd_t)
 userdom_user_home_dir_filetrans_user_home_content($1_dbusd_t, { dir file })
- ifdef(`hide_broken_symptoms', `
+ ifdef(`hide_broken_symptoms',`
 dontaudit $3 $1_dbusd_t:netlink_selinux_socket { read write };
 ')
@@ -462,7 +462,7 @@ interface(`dbus_system_domain',`
 unconfined_dbus_send($1)
 ')
- ifdef(`hide_broken_symptoms', `
+ ifdef(`hide_broken_symptoms',`
 dontaudit $1 system_dbusd_t:netlink_selinux_socket { read write };
 ')
 ')
@@ -522,4 +522,3 @@ interface(`dbus_delete_pid_files',`
 files_search_pids($1)
 delete_files_pattern($1, system_dbusd_var_run_t, system_dbusd_var_run_t)
 ')
-
diff --git a/policy/modules/services/denyhosts.if b/policy/modules/services/denyhosts.if
index 5914f84..7b9da59 100644
--- a/policy/modules/services/denyhosts.if
+++ b/policy/modules/services/denyhosts.if
@@ -13,12 +13,12 @@
 ## Execute a domain transition to run denyhosts.
 ##
 ##
-##
+##
 ## Domain allowed to transition.
-##
+##
 ##
 #
-interface(`denyhosts_domtrans', `
+interface(`denyhosts_domtrans',`
 gen_require(`
 type denyhosts_t, denyhosts_exec_t;
 ')
@@ -36,7 +36,7 @@ interface(`denyhosts_domtrans', `
 ##
 ##
 #
-interface(`denyhosts_initrc_domtrans', `
+interface(`denyhosts_initrc_domtrans',`
 gen_require(`
 type denyhosts_initrc_exec_t;
 ')
@@ -61,7 +61,7 @@ interface(`denyhosts_initrc_domtrans', `
 ##
 ##
 #
-interface(`denyhosts_admin', `
+interface(`denyhosts_admin',`
 gen_require(`
 type denyhosts_t, denyhosts_var_lib_t, denyhosts_var_lock_t;
 type denyhosts_var_log_t, denyhosts_initrc_exec_t;
diff --git a/policy/modules/services/devicekit.if b/policy/modules/services/devicekit.if
index e20390f..262885f 100644
--- a/policy/modules/services/devicekit.if
+++ b/policy/modules/services/devicekit.if
@@ -5,9 +5,9 @@
 ## Execute a domain transition to run devicekit.
 ##
 ##
-##
+##
 ## Domain allowed to transition.
-##
+##
 ##
 #
 interface(`devicekit_domtrans',`
diff --git a/policy/modules/services/dnsmasq.if b/policy/modules/services/dnsmasq.if
index f5149c8..c808b31 100644
--- a/policy/modules/services/dnsmasq.if
+++ b/policy/modules/services/dnsmasq.if
@@ -101,9 +101,9 @@ interface(`dnsmasq_kill',`
 ## Read dnsmasq config files.
 ##
 ##
-##
+##
 ## Domain allowed access.
-##
+##
 ##
 #
 interface(`dnsmasq_read_config',`
@@ -120,9 +120,9 @@ interface(`dnsmasq_read_config',`
 ## Write to dnsmasq config files.
 ##
 ##
-##
+##
 ## Domain allowed access.
-##
+##
 ##
 #
 interface(`dnsmasq_write_config',`
diff --git a/policy/modules/services/exim.if b/policy/modules/services/exim.if
index 91f751d..8950248 100644
--- a/policy/modules/services/exim.if
+++ b/policy/modules/services/exim.if
@@ -5,9 +5,9 @@
 ## Execute a domain transition to run exim.
 ##
 ##
-##
+##
 ## Domain allowed to transition.
-##
+##
 ##
 #
 interface(`exim_domtrans',`
@@ -28,7 +28,7 @@ interface(`exim_domtrans',`
 ##
 ##
 #
-interface(`exim_initrc_domtrans', `
+interface(`exim_initrc_domtrans',`
 gen_require(`
 type exim_initrc_exec_t;
 ')
@@ -119,9 +119,9 @@ interface(`exim_read_log',`
 ## exim log files.
 ##
 ##
-##
+##
 ## Domain allowed access.
-##
+##
 ##
 #
 interface(`exim_append_log',`
@@ -229,10 +229,10 @@ interface(`exim_manage_spool_files',`
 ##
 ##
 #
-interface(`exim_admin', `
+interface(`exim_admin',`
 gen_require(`
- type exim_t, exim_initrc_exec_t, exim_log_t;
- type exim_tmp_t, exim_spool_t, exim_var_run_t;
+ type exim_t, exim_initrc_exec_t, exim_log_t;
+ type exim_tmp_t, exim_spool_t, exim_var_run_t;
 ')
 allow $1 exim_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/fail2ban.if b/policy/modules/services/fail2ban.if
index 38715b1..87f6bfb 100644
--- a/policy/modules/services/fail2ban.if
+++ b/policy/modules/services/fail2ban.if
@@ -5,9 +5,9 @@
 ## Execute a domain transition to run fail2ban.
 ##
 ##
-##
+##
 ## Domain allowed to transition.
-##
+##
 ##
 #
 interface(`fail2ban_domtrans',`
@@ -102,9 +102,9 @@ interface(`fail2ban_read_log',`
 ## fail2ban log files.
 ##
 ##
-##
+##
 ## Domain allowed access.
-##
+##
 ##
 #
 interface(`fail2ban_append_log',`
diff --git a/policy/modules/services/fprintd.if b/policy/modules/services/fprintd.if
index ebad8c4..c02062c 100644
--- a/policy/modules/services/fprintd.if
+++ b/policy/modules/services/fprintd.if
@@ -5,9 +5,9 @@
 ## Execute a domain transition to run fprintd.
 ##
 ##
-##
+##
 ## Domain allowed to transition.
-##
+##
 ##
 #
 interface(`fprintd_domtrans',`
@@ -38,4 +38,3 @@ interface(`fprintd_dbus_chat',`
 allow $1 fprintd_t:dbus send_msg;
 allow fprintd_t $1:dbus send_msg;
 ')
-
diff --git a/policy/modules/services/git.fc b/policy/modules/services/git.fc
index 472c952..28b71f6 100644
--- a/policy/modules/services/git.fc
+++ b/policy/modules/services/git.fc
@@ -1,10 +1,10 @@
-HOME_DIR/public_git(/.*)? gen_context(system_u:object_r:git_session_content_t, s0)
-HOME_DIR/\.gitaliases -- gen_context(system_u:object_r:git_session_content_t, s0)
-HOME_DIR/\.gitconfig -- gen_context(system_u:object_r:git_session_content_t, s0)
+HOME_DIR/public_git(/.*)? gen_context(system_u:object_r:git_session_content_t,s0)
+HOME_DIR/\.gitaliases -- gen_context(system_u:object_r:git_session_content_t,s0)
+HOME_DIR/\.gitconfig -- gen_context(system_u:object_r:git_session_content_t,s0)
-/srv/git(/.*)? gen_context(system_u:object_r:git_system_content_t, s0)
+/srv/git(/.*)? gen_context(system_u:object_r:git_system_content_t,s0)
-/usr/libexec/git-core/git-daemon -- gen_context(system_u:object_r:gitd_exec_t, s0)
+/usr/libexec/git-core/git-daemon -- gen_context(system_u:object_r:gitd_exec_t,s0)
 /var/cache/cgit(/.*)? gen_context(system_u:object_r:httpd_git_rw_content_t,s0)
 /var/lib/git(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
diff --git a/policy/modules/services/git.if b/policy/modules/services/git.if
index c3d7d64..3780650 100644
--- a/policy/modules/services/git.if
+++ b/policy/modules/services/git.if
@@ -1,10 +1,10 @@
 ## Fast Version Control System.
 ##
 ##

-## A really simple TCP git daemon that normally listens on
-## port DEFAULT_GIT_PORT aka 9418. It waits for a
-## connection asking for a service, and will serve that
-## service if it is enabled.
+## A really simple TCP git daemon that normally listens on
+## port DEFAULT_GIT_PORT aka 9418. It waits for a
+## connection asking for a service, and will serve that
+## service if it is enabled.
 ##

##
@@ -58,7 +58,6 @@ interface(`git_session_role',`
 ##
 #
 template(`git_content_template',`
-
 gen_require(`
 attribute git_system_content, git_content;
 ')
@@ -84,7 +83,6 @@ template(`git_content_template',`
 ##
 #
 template(`git_role_template',`
-
 gen_require(`
 class context contains;
 role system_r;
@@ -520,4 +518,3 @@ interface(`git_relabel_session_content',`
 relabel_files_pattern($1, git_session_content_t, git_session_content_t)
 userdom_search_user_home_dirs($1)
 ')
-