#!/bin/bash

#

# Do automatic relabelling

#

# . /etc/init.d/functions

relabel_selinux() {

    # if /sbin/init is not labeled correctly this process is running in the

    # wrong context, so a reboot will be required after relabel

    AUTORELABEL=

    . /etc/selinux/config

    echo "0" > /sys/fs/selinux/enforce

    [ -x /bin/plymouth ] && plymouth --hide-splash

    if [ "$AUTORELABEL" = "0" ]; then

	echo

	echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. "

	echo $"*** /etc/selinux/config indicates you want to manually fix labeling"

	echo $"*** problems. Dropping you to a shell; the system will reboot"

	echo $"*** when you leave the shell."

	sulogin

    else

	echo

	echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required."

	echo $"*** Relabeling could take a very long time, depending on file"

	echo $"*** system size and speed of hard drives."

	FORCE=`cat /.autorelabel`

        [ -x "/usr/sbin/quotaoff" ] && /usr/sbin/quotaoff -aug

	/sbin/fixfiles $FORCE restore > /dev/null 2>&1

    fi

    rm -f  /.autorelabel

    /usr/lib/dracut/dracut-initramfs-restore

    systemctl --force reboot

}

# Check to see if a full relabel is needed

if [ "$READONLY" != "yes" ]; then

    restorecon $(awk '!/^#/ && $4 !~ /noauto/ && $2 ~ /^\// { print $2 }' /etc/fstab) >/dev/null 2>&1

    relabel_selinux

fi