#!/bin/bash

#Preupgrade Assistant performs system upgradability assessment
#and gathers information required for successful operating system upgrade.
#Copyright (C) 2013 Red Hat Inc.
#Tomas Tomecek <ttomecek@redhat.com>
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program.  If not, see <http://www.gnu.org/licenses/>.
. /usr/share/preupgrade/common.sh
check_applies_to "selinux-policy"
#END GENERATED SECTION

TARGET_DIR="${POSTUPGRADE_DIR}/selinux"
PRE_UPGRADE_DIR="$VALUE_TMP_PREUPGRADE/preupgrade-scripts"


mkdir -p ${TARGET_DIR} ${PRE_UPGRADE_DIR}

# create /etc/selinux/targeted/contexts/files/file_contexts.local during
# pre-upgrade phase if doesn't exist
cp -a "selinux-preup-script.sh" ${PRE_UPGRADE_DIR} || exit ${RESULT_ERROR}

# install selinux-sandbox rules if selinux policies are installed
cp -a ./postupgrade.d/00-selinux-sandbox.sh ${TARGET_DIR} || exit ${RESULT_ERROR}
cp -a ./postupgrade.d/01-selinux-autorelabel.sh ${TARGET_DIR} || exit ${RESULT_ERROR}

if [[ $(selinuxenabled) -eq 0 ]] ; then
    log_high_risk "There were changes in SELinux policies between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. See the solution to resolve this issue."
    cat >solution.txt <<EOF
We have detected that you are using SELinux. To have working SELinux in Red Hat Enterprise Linux 7, type 'semodule -r sandbox' before running redhat-upgrade-tool.
EOF
    exit ${RESULT_FAIL}
fi
exit ${RESULT_FIXED}
