#!/bin/bash
#
# Initial script for Live operating system
# This script are launching before starting init from linux-live script.
# Current dir allways must be set to root (/)
# All system path must be relative, except initrd dirs

ENABLED=yes
[ "$ENABLED" != "yes" ] && exit 0

PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
DEBUGMODE=no
debug_mode "$0" "$@"

echo $SYSCONF | grep -q ^/ && SYSCONF=.$SYSCONF
SOURCE=${SYSCONF}/config; [ -f "${SOURCE}" ] && . ${SOURCE} 2>/dev/null

SERVICEAPPARMOR="apparmor.service"

if  ! [ "$APPARMOR"=="yes" ] ;then
  mkdir -p proc
  mount -o rbind /proc proc
  ISSYSTEMD=$(readlink -fq usr/bin/init | grep /lib/systemd/systemd)
  if [ $ISSYSTEMD ] ;then
    chroot . systemctl unmask $SERVICEAPPARMOR
    chroot . systemctl enable $SERVICEAPPARMOR || chroot . chkconfig --add $SERVICEAPPARMOR
  else
     chroot . chkconfig --add $SERVICEAPPARMOR
  fi
  umount proc

cat > ${ROOTFS}etc/xdg/autostart/apparmor-notify.desktop << EOF
[Desktop Entry]
Type=Application
Name=AppArmor Notify
Comment=Receive on screen notifications of AppArmor denials
TryExec=aa-notify
Exec=aa-notify -p -s 1 -w 60 -f /var/log/audit/audit.log
StartupNotify=false
NoDisplay=true
EOF

fi