#!/bin/bash

. /usr/share/preupgrade/common.sh
switch_to_content
#END GENERATED SECTION

TARGET_DIR="${POSTUPGRADE_DIR}/selinux"
PRE_UPGRADE_DIR="$VALUE_TMP_PREUPGRADE/preupgrade-scripts"


mkdir -p ${TARGET_DIR} ${PRE_UPGRADE_DIR}

# create /etc/selinux/targeted/contexts/files/file_contexts.local during
# pre-upgrade phase if doesn't exist
cp -a "selinux-preup-script.sh" ${PRE_UPGRADE_DIR} || exit ${RESULT_ERROR}

# install selinux-sandbox rules if selinux policies are installed
cp -a ./postupgrade.d/00-selinux-sandbox.sh ${TARGET_DIR} || exit ${RESULT_ERROR}
cp -a ./postupgrade.d/01-selinux-autorelabel.sh ${TARGET_DIR} || exit ${RESULT_ERROR}

if [[ $(selinuxenabled) -eq 0 ]] ; then
    log_high_risk "There were changes in SELinux policies between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. See the solution to resolve this problem."
    cat >solution.txt <<EOF
We have detected that you are using SELinux. To have working SELinux in Red Hat Enterprise Linux 7, type 'semodule -r sandbox' before running redhat-upgrade-tool.
EOF
    exit ${RESULT_FAIL}
fi
exit ${RESULT_FIXED}
