#!/bin/sh
#
# Copyright (c) 2012 Intel Corporation
#
#      This program is free software; you can redistribute it and/or modify
#      it under the terms of the GNU General Public License as published by
#      the Free Software Foundation, version 2.
#
#      This program is distributed in the hope that it will be useful, but
#      WITHOUT ANY WARRANTY; without even the implied warranty of
#      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
#      General Public License for more details.
#
#      You should have received a copy of the GNU General Public
#      License along with this program; if not, write to the Free Software
#      Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
#      02110-1301 USA
#
# Description: Initialize Smack policy
#
### BEGIN INIT INFO
# Provides:          smack-utils
# Required-Start:    $remote_fs $local_fs
# Required-Stop:     $remote_fs $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Utility to set up SMACK policy
# Description:       SMACK is a simplified mandatory access control \
#                    framework using an the LSM interface of the kernel. \
#                    The access control rules are loaded using smackfs \
#                    pseudo-filesystem.
### END INIT INFO

PATH=/sbin:/usr/sbin:/bin:/usr/bin

PROG=smack-utils
DESC="Simplified MAC Kernel (SMACK)"
SMACKCTL=/usr/bin/smackctl

# Check kernel whether smack is supported
[ `grep -c smack /proc/filesystems` -eq 1 ] || exit 0

#
# Mount smackfs in /smack
#
mount_smack() {
    if [ ! -d /smack ] ; then
      test -e /smack && rm -f /smack
      mkdir /smack
    fi
    if ! grep -E -qs smackfs /etc/mtab; then
	mount -t smackfs smackfs /smack > /dev/null 2>&1
    fi
}

case "$1" in
   start)
	echo -n "Starting $DESC ..."
	mount_smack
	/usr/bin/smackctl apply
	echo " done."
	;;
   status)
	if [ ! -e /smack/load2 ] ; then
		exit -1
	fi
	;;
   reload|force-reload|restart|try-restart)
	echo -n "Reloading $DESC ..."
	/usr/bin/smackctl clear
	/usr/bin/smackctl apply
	echo " done."
	;;
   stop)
	echo -n "Stopping $DESC ..."
	/usr/bin/smackctl clear
	echo " done."
	;;
   *)
	echo $"Usage: $0 {start|stop|reload|force-reload|restart|try-restart|status}"
	exit 3
	;;
esac

exit 0
