#!/bin/bash
#
# Do automatic relabelling
#

# . /etc/init.d/functions

relabel_selinux() {
    # if /sbin/init is not labeled correctly this process is running in the
    # wrong context, so a reboot will be required after relabel
    AUTORELABEL=
    . /etc/selinux/config
    echo "0" > /sys/fs/selinux/enforce

    if [ "$AUTORELABEL" = "0" ]; then
	echo
	echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. "
	echo $"*** /etc/selinux/config indicates you want to manually fix labeling"
	echo $"*** problems. Dropping you to a shell; the system will reboot"
	echo $"*** when you leave the shell."
	sulogin

    else
	echo
	echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required."
	echo $"*** Relabeling could take a very long time, depending on file"
	echo $"*** system size and speed of hard drives."

	FORCE=`cat /.autorelabel`
        [ -x "/usr/sbin/quotaoff" ] && /usr/sbin/quotaoff -aug
	/sbin/fixfiles $FORCE restore
    fi
    rm -f  /.autorelabel
    #/usr/lib/dracut/dracut-initramfs-restore
    systemctl --force reboot
}

# Check to see if a full relabel is needed
if [ "$READONLY" != "yes" ]; then
    restorecon $(awk '!/^#/ && $4 !~ /noauto/ && $2 ~ /^\// { print $2 }' /etc/fstab) >/dev/null 2>&1
    relabel_selinux
fi