#!/bin/bash
#
# setroubleshoot       This starts and stops setroubleshoot daemon
#
# chkconfig: 345 13 87
# description: This starts the SELinux Troubleshooting Daemon
#
# processname: /usr/sbin/setroubleshootd
# config: /etc/setroubleshoot/setroubleshoot.cfg
# pidfile: /var/run/setroubleshoot.pid
#

### BEGIN INIT INFO
# Provides: lsb-setroubleshootd
# Required-Start: $local_fs $syslog $network $named
# Required-Stop: $local_fs $syslog $network $named
# Default-Start:  3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop SELinux Troubleshooting Daemon
# Description: controls operation of the SELinux Troubleshooting Daemon
#	(setroubleshootd) which listens for SELinux AVC denial messages
#	analyzes it and provides a friendly interpretation.
### END INIT INFO

# Return values according to LSB for all commands but status:
# 0	success
# 1	generic or unspecified error (current practice)
# 2	invalid or excess argument(s)
# 3	unimplemented feature (for example, "reload")
# 4	user had insufficient privilege
# 5	program is not installed
# 6	program is not configured
# 7	program is not running

# Command argument
# start		start the service
# stop		stop the service
# restart	stop and restart the service if the service is already running, otherwise start the service
# try-restart	restart the service if the service is already running
# reload	cause the configuration of the service to be reloaded without actually stopping and restarting the service
# force-reload	cause the configuration to be reloaded if the service supports this, otherwise restart the service if it is running
# status	print the current status of the service

# start, stop, restart, force-reload, and status actions must be supported
# reload and the try-restart actions are optional.
# the init script.



PATH=/sbin:/bin:/usr/bin:/usr/sbin

# Source function library.
. /etc/init.d/functions

# Silently exit is SELinux is not enabled
[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 1

# Check that we are root ... so non-root users stop here
test `id -u` = 0  || exit 4

RETVAL=0

prog="setroubleshootd"

start(){
    echo -n $"Starting $prog: "
    unset HOME MAIL USER USERNAME
    daemon $prog "$EXTRAOPTIONS"
    RETVAL=$?
    echo
    if test $RETVAL = 0 ; then
        touch /var/lock/subsys/$prog
    fi
    if test $RETVAL = 3 ; then
	echo -n $"Cannot start $prog: SELinux not enabled"
    fi
    return $RETVAL
}

stop(){
    echo -n $"Stopping $prog: "
    killproc $prog
    RETVAL=$?
    echo
    rm -f /var/lock/subsys/$prog
    return $RETVAL
}

reload(){
    echo -n $"Reloading configuration: "	
    killproc $prog -HUP
    RETVAL=$?
    echo
    return $RETVAL
}

restart(){
    stop
    start
}

condrestart(){
    [ -e /var/lock/subsys/$prog ] && restart
    return 0
}

cleardb(){
    running=0
    [ -e /var/lock/subsys/$prog ] && running=1
    [ $running == 1 ] && stop
    echo $"Clearing database"
    rm -f /var/lib/setroubleshoot/database.xml
    [ $running == 1 ] && start
    return 0
}


# See how we were called.
case "$1" in
    start)
	start
	;;
    stop)
	stop
	;;
    status)
	status $prog
	;;
    restart)
	restart
	;;
    force-reload|reload)
	reload
	;;
    try-restart|condrestart)
	condrestart
	;;
    cleardb)
	cleardb
	;;
    *)
	echo $"Usage: $0 {start|stop|status|restart|try-restart|condrestart|reload|force-reload|cleardb}"
	RETVAL=3
esac

exit $RETVAL