#!/bin/sh
### BEGIN INIT INFO
# Provides :		restorecond
# Required-Start:	
# Required-Stop:	
# Default-Start:	2 3 4 5
# Default-Stop:		0 1 6
# Short-Description: 	Daemon used to maintain file contexts.
# Description:		restorecond uses inotify to look for creation of 
#			new files and relabels them according to the policy
#			file contexts. See /etc/selinux/restorecond.conf for
# 			affected files.
#
### END INIT INFO

# restorecond:		Daemon used to maintain path file context
#
# chkconfig:	2345 12 87
# description:	restorecond uses inotify to look for creation of new files \
# listed in the /etc/selinux/restorecond.conf file, and restores the \
# correct security context.
#
# processname: /usr/sbin/restorecond
# config: /etc/selinux/restorecond.conf 
# pidfile: /var/run/restorecond.pid
#
# Return values according to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running

PATH=/sbin:/bin:/usr/bin:/usr/sbin

# Source function library.
. /lib/lsb/init-functions

[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 0

# Check that we are root ... so non-root users stop here
test `/usr/bin/id -u` = 0  || exit 4

test -x /usr/sbin/restorecond  || exit 5
test -f /etc/selinux/restorecond.conf  || exit 6

RETVAL=0

start() 
{
        log_daemon_msg "Starting restorecond"
	unset HOME MAIL USER USERNAME
        /sbin/start-stop-daemon --start --quiet --pidfile=/var/run/restorecond.pid --oknodo --exec /usr/sbin/restorecond 
	RETVAL=$?
	/usr/bin/touch /var/lock/restorecond
	log_end_msg $RETVAL
	return $RETVAL
}

stop() 
{
        log_daemon_msg "Shutting down restorecond"
	/sbin/start-stop-daemon --stop --quiet --pidfile=/var/run/restorecond.pid restorecond
	RETVAL=$?
	/bin/rm -f /var/lock/restorecond
	log_end_msg $RETVAL
	return $RETVAL
}

restart() 
{
    stop
    start
}

# See how we were called.
case "$1" in
  start)
	start
        ;;
  stop)
	stop
        ;;
  status)
	status restorecond
	RETVAL=$?
	;;
  restart|reload)
	restart
	;;
  condrestart)
	[ -e /var/lock/restorecond ] && restart || :
	;;
  *)
        log_failure_msg "Usage: $0 (start|stop|restart|reload|condrestart)"
        RETVAL=3
esac

exit $RETVAL

