#!/bin/bash
. /etc/rc.conf
. /etc/rc.d/functions

aa_profiles='/etc/apparmor.d/'
aa_log='/var/log/apparmor.init.log'

aa_log_daemon_msg() { echo "$@"; }
aa_log_failure_msg() { echo "$@"; }
aa_log_end_msg() { echo "$@"; }
. /lib/apparmor/rc.apparmor.functions

aa_parser_all() {
	apparmor_parser $@ $(find "$aa_profiles" -maxdepth 1 -type f) 2>>"$aa_log"
}

case "$1" in
  start)
    stat_busy "Enabling AppArmor profiles"
    aa_parser_all -r
    if [ $? -gt 0 ]; then
      stat_fail
    else
      add_daemon apparmor
      stat_done
    fi
    ;;
  stop)
    stat_busy "Disabling AppArmor profiles"
    aa_parser_all -R
    if [ $? -gt 0 ]; then
      stat_fail
    else
      rm_daemon apparmor
      stat_done
    fi
    ;;
  complain)
    $0 stop
    sleep 1
    stat_busy "Enabling AppArmor profiles in complain mode"
    aa_parser_all -C
    if [ $? -gt 0 ]; then
      stat_fail
    else
      stat_done
    fi
    ;;
  restart)
    $0 stop
    sleep 1
    $0 start
    ;;
  status)
    aa-status
    ;;
  *)
    echo "usage: $0 {start|stop|complain|restart|status}"
esac
exit 0