#!/bin/bash

#Preupgrade Assistant performs system upgradability assessment
#and gathers information required for successful operating system upgrade.
#Copyright (C) 2013 Red Hat Inc.
#Petr Stodulka <pstodulk@redhat.com>
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program.  If not, see <http://www.gnu.org/licenses/>.
. /usr/share/preupgrade/common.sh
#END GENERATED SECTION

DIRTYCONF_D=$VALUE_TMP_PREUPGRADE/dirtyconf
POSTMIGRATE_DIR=$VALUE_TMP_PREUPGRADE/postmigrate.d

fix_script="fix_SELinuxCustomPolicy.sh"


#############################
local_files="$(find /etc/selinux/targeted/ -name \*local)"
[ -z "$local_files" ] && {
  log_info "No custom SELinux policy has been found."
  exit_pass
}

# I don't like this but it is easier then creating of new file.
IFS=$'\n'
for ffile in $local_files; do
    log_info "Back up the $ffile file as '${DIRTYCONF_D}${ffile}'"
    cp -a --parents "$ffile" "$DIRTYCONF_D"
done

msg="Some custom SELinux policies have been found on your system."
msg+=" The policies have been backed up in the $DIRTYCONF_D directory."
msg+=" See the logs for the list of backed up files. These policies cannot be"
msg+=" applied automatically because it cannot be guaranteed that there are"
msg+=" no conflicts with rules on the target system. Update your SELinux"
msg+=" policies manually."
msg+="\n\nNote: Some rules can be applied automatically by other"
msg+=" modules that are responsible for specific components (but only in"
msg+=" specific cases) to provide basic functionality."
echo -e "$msg" >> $SOLUTION_FILE

log_medium_risk "Some custom SELinux policy modules have been found."
exit_fail

