From df99dfe8eae2971b1ac6740ca62e2f08832acde1 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <pebenito@ieee.org>
Date: Thu, 18 Mar 2021 16:22:05 -0400
Subject: [PATCH] Rules.modular/Rules.monolithic: Fix intdented labeling
 statement moves.

The secure_mode_policyload Boolean labeling statement was lost moving the
statement to the proper place in the policy.conf/base.conf.

Fix this for all other labeling statements too.

Signed-off-by: Chris PeBenito <pebenito@ieee.org>
---
 Rules.modular    | 16 ++++++++--------
 Rules.monolithic | 16 ++++++++--------
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/Rules.modular b/Rules.modular
index ea234daef..63a10e7ff 100644
--- a/Rules.modular
+++ b/Rules.modular
@@ -167,14 +167,14 @@ $(tmpdir)/all_attrs_types.conf: $(tmpdir)/all_te_files.conf
 $(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf
 	$(verbose) cat $(tmpdir)/post_te_files.conf > $@
 # these have to run individually because order matters:
-	$(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^ibpkeycon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^ibendportcon $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*sid ' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*genfscon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*portcon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*netifcon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*nodecon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*ibpkeycon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*ibendportcon' $(tmpdir)/all_te_files.conf >> $@ || true
 
 $(tmpdir)/only_te_rules.conf: $(tmpdir)/all_te_files.conf
 	$(verbose) $(comment_move_decl) $^ > $@
diff --git a/Rules.monolithic b/Rules.monolithic
index 87edd2d36..e369f8f31 100644
--- a/Rules.monolithic
+++ b/Rules.monolithic
@@ -165,14 +165,14 @@ $(tmpdir)/all_attrs_types.conf: $(tmpdir)/all_te_files.conf
 $(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf
 	$(verbose) cat $(tmpdir)/post_te_files.conf > $@
 # these have to run individually because order matters:
-	$(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^ibpkeycon $(tmpdir)/all_te_files.conf >> $@ || true
-	$(verbose) $(GREP) ^ibendportcon $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*sid ' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*genfscon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*portcon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*netifcon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*nodecon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*ibpkeycon' $(tmpdir)/all_te_files.conf >> $@ || true
+	$(verbose) $(GREP) '^[[:blank:]]*ibendportcon' $(tmpdir)/all_te_files.conf >> $@ || true
 
 $(tmpdir)/only_te_rules.conf: $(tmpdir)/all_te_files.conf
 	$(verbose) $(comment_move_decl) $^ > $@